Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/bf7bbb-6b12-474c-93bc-7c73059278ef/1/0Y32BfPWsP4C_REjz9Qsh6rszDQ.roa
File: 0Y32BfPWsP4C_REjz9Qsh6rszDQ.roa (raw, json)
Hash identifier: aOXPLk0XeMaui8ELlrdERUkPdrfHmf7qgIa9qUCDTkM=
Subject key identifier: D1:8D:F6:05:F3:D6:B0:FE:02:FD:11:23:CF:D4:2C:87:AA:EC:CC:34
Certificate issuer: /CN=7d4fbe5594707fdcf94025ea15571a68c24da9ab
Certificate serial: 01896A658A80D6F63B8CEAEAAD9794BBA56F
Authority key identifier: 7D:4F:BE:55:94:70:7F:DC:F9:40:25:EA:15:57:1A:68:C2:4D:A9:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fU--VZRwf9z5QCXqFVcaaMJNqas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/bf7bbb-6b12-474c-93bc-7c73059278ef/1/0Y32BfPWsP4C_REjz9Qsh6rszDQ.roa
Signing time: Tue 18 Jul 2023 19:06:26 +0000
ROA not before: Tue 18 Jul 2023 19:06:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197782
IP address blocks: 195.160.168.0/23 maxlen: 23
2001:67c:275c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6a:65:8a:80:d6:f6:3b:8c:ea:ea:ad:97:94:bb:a5:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d4fbe5594707fdcf94025ea15571a68c24da9ab
Validity
Not Before: Jul 18 19:06:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d18df605f3d6b0fe02fd1123cfd42c87aaeccc34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b7:ce:d5:8d:1e:5e:a8:4c:12:44:40:5f:9d:
20:35:43:a6:de:c0:f1:5f:97:58:c1:a3:6c:fd:55:
0c:6a:3c:fd:5e:0e:fc:e4:74:6a:cd:2a:75:3f:1a:
70:65:82:86:be:9a:8e:be:2d:da:f5:fe:11:47:6b:
8d:ec:e5:a4:b0:44:01:6a:c9:b9:aa:fa:aa:54:17:
40:a0:a5:0f:9f:ab:ef:50:28:78:69:97:0a:07:c4:
11:07:5a:2d:91:29:23:5e:38:7d:81:38:e8:02:d4:
87:52:2a:1c:64:8f:79:b2:2a:48:f8:cd:3a:cb:4c:
ec:24:2f:06:57:39:6c:77:ff:57:62:e5:57:c7:b8:
97:31:e0:61:6f:d1:d4:40:42:e2:92:65:a9:13:4f:
ff:53:1b:d3:e1:6e:a3:b0:84:17:88:8e:7e:20:11:
0b:f3:87:24:ad:76:bc:26:d4:50:91:08:42:b6:8d:
47:89:cd:5e:dc:44:6a:fe:c0:8b:aa:74:92:f8:d0:
48:ff:8d:17:fc:e9:22:1a:23:41:58:e3:4c:34:b6:
e4:19:20:f1:52:53:af:bb:34:79:69:cb:66:bb:96:
12:43:b8:6b:db:80:60:e5:99:f2:8a:d3:cc:a8:a7:
94:69:80:0a:d7:88:a9:e9:b0:82:33:47:9d:06:1c:
53:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8D:F6:05:F3:D6:B0:FE:02:FD:11:23:CF:D4:2C:87:AA:EC:CC:34
X509v3 Authority Key Identifier:
keyid:7D:4F:BE:55:94:70:7F:DC:F9:40:25:EA:15:57:1A:68:C2:4D:A9:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fU--VZRwf9z5QCXqFVcaaMJNqas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/bf7bbb-6b12-474c-93bc-7c73059278ef/1/0Y32BfPWsP4C_REjz9Qsh6rszDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/bf7bbb-6b12-474c-93bc-7c73059278ef/1/fU--VZRwf9z5QCXqFVcaaMJNqas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.168.0/23
IPv6:
2001:67c:275c::/48
Signature Algorithm: sha256WithRSAEncryption
ae:18:13:1a:da:ff:5b:a2:a8:d2:db:f0:63:3e:3a:30:7a:d9:
3c:fa:1f:e2:fe:5f:ba:95:52:5e:74:b6:46:01:b4:84:7c:11:
1c:44:eb:19:ce:b3:e1:93:19:53:22:8d:2c:82:ea:f3:7d:2f:
93:1f:b1:53:ab:5a:51:0d:c5:4c:03:58:24:8e:1e:57:1e:18:
97:ec:9f:95:08:44:19:9f:c1:f8:03:64:56:84:ec:12:ed:d3:
0c:2e:2e:bd:56:57:d3:ee:0d:27:d9:a4:50:a8:44:7d:77:bc:
bc:92:34:19:ae:c1:db:06:8e:20:b0:a6:2e:87:98:78:8a:2c:
07:d7:e1:f3:a3:67:1a:f0:84:e3:4c:ea:87:99:d9:58:43:64:
0d:56:b6:31:cd:2c:31:fe:71:20:c4:19:72:7c:83:90:02:09:
94:67:82:b7:de:2b:3e:93:74:71:f0:89:03:27:43:07:52:70:
ab:69:d0:60:ca:3b:33:58:18:03:2a:76:44:98:f1:25:e5:7a:
4c:f9:ad:a9:d0:ce:63:a5:e1:e7:a2:71:99:2f:7e:ca:14:7d:
da:a5:92:69:35:3e:48:44:5a:64:ee:83:cb:3e:f3:4e:eb:46:
e8:a5:4f:e4:ea:df:65:b8:03:9d:5f:39:a0:42:71:1c:ff:16:
5c:c8:c6:47
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlqZYqA1vY7jOrqrZeUu6VvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNGZiZTU1OTQ3MDdmZGNmOTQwMjVlYTE1NTcxYTY4YzI0
ZGE5YWIwHhcNMjMwNzE4MTkwNjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMThkZjYwNWYzZDZiMGZlMDJmZDExMjNjZmQ0MmM4N2FhZWNjYzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLfO1Y0eXqhMEkRAX50gNUOm3sDx
X5dYwaNs/VUMajz9Xg785HRqzSp1PxpwZYKGvpqOvi3a9f4RR2uN7OWksEQBasm5
qvqqVBdAoKUPn6vvUCh4aZcKB8QRB1otkSkjXjh9gTjoAtSHUiocZI95sipI+M06
y0zsJC8GVzlsd/9XYuVXx7iXMeBhb9HUQELikmWpE0//UxvT4W6jsIQXiI5+IBEL
84ckrXa8JtRQkQhCto1Hic1e3ERq/sCLqnSS+NBI/40X/OkiGiNBWONMNLbkGSDx
UlOvuzR5actmu5YSQ7hr24Bg5ZnyitPMqKeUaYAK14ip6bCCM0edBhxTewIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNGN9gXz1rD+Av0RI8/ULIeq7Mw0MB8GA1UdIwQY
MBaAFH1PvlWUcH/c+UAl6hVXGmjCTamrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlUtLVZaUndmOXo1UUNYcUZWY2FhTUpOcWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9iZjdiYmItNmIxMi00NzRjLTkzYmMt
N2M3MzA1OTI3OGVmLzEvMFkzMkJmUFdzUDRDX1JFano5UXNoNnJzekRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9iZjdiYmItNmIxMi00NzRjLTkzYmMtN2M3MzA1OTI3OGVm
LzEvZlUtLVZaUndmOXo1UUNYcUZWY2FhTUpOcWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw6CoMA8E
AgACMAkDBwAgAQZ8J1wwDQYJKoZIhvcNAQELBQADggEBAK4YExra/1uiqNLb8GM+
OjB62Tz6H+L+X7qVUl50tkYBtIR8ERxE6xnOs+GTGVMijSyC6vN9L5MfsVOrWlEN
xUwDWCSOHlceGJfsn5UIRBmfwfgDZFaE7BLt0wwuLr1WV9PuDSfZpFCoRH13vLyS
NBmuwdsGjiCwpi6HmHiKLAfX4fOjZxrwhONM6oeZ2VhDZA1WtjHNLDH+cSDEGXJ8
g5ACCZRngrfeKz6TdHHwiQMnQwdScKtp0GDKOzNYGAMqdkSY8SXlekz5ranQzmOl
4eeicZkvfsoUfdqlkmk1PkhEWmTug8s+807rRuilT+Tq32W4A51fOaBCcRz/FlzI
xkc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 11:53:56 2025 by rpki-client