Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/EA7ZWYpuhroApQY6pMx4oqHwo7M.roa
File: EA7ZWYpuhroApQY6pMx4oqHwo7M.roa (raw, json)
Hash identifier: XyCIUh3jSAufwrHUnMRBjbq8rkc7+r6WNRrO9oRKnDg=
Subject key identifier: 10:0E:D9:59:8A:6E:86:BA:00:A5:06:3A:A4:CC:78:A2:A1:F0:A3:B3
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01856DCAE3B70C49D586E0EDFE8B9DEA92BA
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/EA7ZWYpuhroApQY6pMx4oqHwo7M.roa
Signing time: Sun 01 Jan 2023 14:44:51 +0000
ROA not before: Sun 01 Jan 2023 14:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42218
IP address blocks: 195.54.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e3:b7:0c:49:d5:86:e0:ed:fe:8b:9d:ea:92:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 14:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=100ed9598a6e86ba00a5063aa4cc78a2a1f0a3b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e8:b7:0d:0c:dd:f7:9f:14:f4:0c:fd:03:56:
ee:cc:80:29:05:99:ab:53:5d:5a:b0:05:54:e6:60:
e3:4f:a8:03:cd:57:7f:a9:9e:80:15:ba:ce:a7:c8:
86:55:89:4d:b8:11:f0:4a:9c:f4:8f:e6:e4:14:b7:
9e:c1:72:1e:e1:12:ca:87:b3:4b:e9:b3:a1:7e:fc:
db:7a:f7:d3:1f:27:be:3d:34:0d:18:f7:17:e7:49:
9e:a6:2a:50:a8:d4:11:b8:9d:dd:7a:66:a5:8a:d7:
6e:9c:49:bb:56:17:9f:6c:fe:69:49:ea:c3:8d:88:
39:ab:05:a3:73:5e:c7:60:5e:26:51:8a:1d:65:52:
31:ce:cf:ac:52:bb:e5:3d:65:b7:9e:b0:fd:5c:17:
d3:8e:fd:4b:2d:50:2e:f3:60:61:5d:22:42:e8:a2:
77:dc:6d:79:87:2c:e9:a2:f2:62:34:44:05:b1:36:
fb:83:58:39:84:52:11:46:8a:1d:44:96:de:17:5a:
fd:46:ff:21:f8:ec:b3:c1:e3:dd:0d:53:ba:cf:06:
8d:5c:a4:34:11:cf:08:c6:37:ba:90:28:82:60:42:
5b:c2:86:db:0b:43:bc:c2:e9:63:3f:16:1f:46:b4:
c5:a5:40:3f:7d:59:ef:10:6a:c7:9a:6c:e2:6f:ad:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:0E:D9:59:8A:6E:86:BA:00:A5:06:3A:A4:CC:78:A2:A1:F0:A3:B3
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/EA7ZWYpuhroApQY6pMx4oqHwo7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.54.204.0/22
Signature Algorithm: sha256WithRSAEncryption
88:9a:e3:8c:29:13:b8:b9:56:8c:fc:a6:d1:31:ff:4c:17:44:
1b:61:32:d3:43:16:31:9c:3e:7a:cd:ef:06:1e:04:94:14:b0:
73:a0:09:af:cf:93:eb:6d:14:c4:59:79:2e:bd:ae:d9:79:66:
ed:1b:ae:5b:8e:dd:3b:9c:cd:71:97:9c:83:53:95:d7:5c:7a:
db:16:b6:27:34:4b:3d:de:08:82:4f:5a:7b:8e:bc:c1:16:ce:
fe:77:0a:e0:ec:18:f0:80:cd:69:12:35:8c:ab:b2:2a:ba:23:
b6:69:a4:98:49:b9:7f:b5:94:d1:50:58:12:ed:3d:80:f7:49:
f9:02:67:e2:db:05:19:ce:72:ec:0f:4f:05:db:d2:68:f6:4e:
c5:b2:cb:c6:f6:c1:96:7b:58:5d:9b:1a:d1:6b:4c:64:24:d6:
54:f2:0f:a4:16:c7:57:c6:7f:1e:de:80:b1:cb:9b:2b:2e:51:
66:0f:8d:f8:8d:47:dd:19:a6:5f:c7:47:15:21:b6:d7:46:34:
b7:84:5c:ed:76:28:a8:f3:61:d4:66:39:3f:6b:12:69:3d:7f:
ac:99:8b:43:d8:87:f7:a9:31:ba:e0:21:46:7d:dc:6c:b4:08:
5a:38:03:36:cf:65:92:18:bc:b6:38:19:e2:1a:03:3c:96:26:
d0:8a:1e:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtyuO3DEnVhuDt/oud6pK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDBlZDk1OThhNmU4NmJhMDBhNTA2M2FhNGNjNzhhMmExZjBhM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgui3DQzd958U9Az9A1buzIApBZmr
U11asAVU5mDjT6gDzVd/qZ6AFbrOp8iGVYlNuBHwSpz0j+bkFLeewXIe4RLKh7NL
6bOhfvzbevfTHye+PTQNGPcX50mepipQqNQRuJ3demalitdunEm7VhefbP5pSerD
jYg5qwWjc17HYF4mUYodZVIxzs+sUrvlPWW3nrD9XBfTjv1LLVAu82BhXSJC6KJ3
3G15hyzpovJiNEQFsTb7g1g5hFIRRoodRJbeF1r9Rv8h+OyzwePdDVO6zwaNXKQ0
Ec8Ixje6kCiCYEJbwobbC0O8wuljPxYfRrTFpUA/fVnvEGrHmmzib60rTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBAO2VmKboa6AKUGOqTMeKKh8KOzMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvRUE3WldZcHVocm9BcFFZNnBNeDRvcUh3bzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwzbMMA0G
CSqGSIb3DQEBCwUAA4IBAQCImuOMKRO4uVaM/KbRMf9MF0QbYTLTQxYxnD56ze8G
HgSUFLBzoAmvz5PrbRTEWXkuva7ZeWbtG65bjt07nM1xl5yDU5XXXHrbFrYnNEs9
3giCT1p7jrzBFs7+dwrg7BjwgM1pEjWMq7IquiO2aaSYSbl/tZTRUFgS7T2A90n5
Amfi2wUZznLsD08F29Jo9k7FssvG9sGWe1hdmxrRa0xkJNZU8g+kFsdXxn8e3oCx
y5srLlFmD434jUfdGaZfx0cVIbbXRjS3hFztdiio82HUZjk/axJpPX+smYtD2If3
qTG64CFGfdxstAhaOAM2z2WSGLy2OBniGgM8libQih5b
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:03 2025 by rpki-client