Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/c10911-4022-46fb-9214-7c6857648666/1/xMeETqWRAjpTjVF1QH42zEjoGDY.roa
File: xMeETqWRAjpTjVF1QH42zEjoGDY.roa (raw, json)
Hash identifier: OlKqZ6yEMJKfYFGs5rTOqQbtq3LfgvhRtXwGhrfJwQ4=
Subject key identifier: C4:C7:84:4E:A5:91:02:3A:53:8D:51:75:40:7E:36:CC:48:E8:18:36
Certificate issuer: /CN=1f22c0848d3059e5ae55f68c07079cb9a92c279e
Certificate serial: 01856FD5133E48E18BE558AFA846A08BE13D
Authority key identifier: 1F:22:C0:84:8D:30:59:E5:AE:55:F6:8C:07:07:9C:B9:A9:2C:27:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HyLAhI0wWeWuVfaMBwecuaksJ54.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/c10911-4022-46fb-9214-7c6857648666/1/xMeETqWRAjpTjVF1QH42zEjoGDY.roa
Signing time: Mon 02 Jan 2023 00:15:12 +0000
ROA not before: Mon 02 Jan 2023 00:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60893
IP address blocks: 195.80.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:13:3e:48:e1:8b:e5:58:af:a8:46:a0:8b:e1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f22c0848d3059e5ae55f68c07079cb9a92c279e
Validity
Not Before: Jan 2 00:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4c7844ea591023a538d5175407e36cc48e81836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:62:ff:7a:2a:72:04:44:05:1d:f9:96:30:d7:
35:06:60:22:45:49:68:11:5c:98:a2:ec:6a:9c:31:
76:4c:64:ad:a4:b2:2f:47:2f:af:f7:5a:19:99:63:
29:0f:fc:c3:67:2b:21:55:e6:10:6e:1b:21:8b:7c:
f1:ba:ba:7c:0e:ed:c8:58:7d:8f:48:1a:31:74:7b:
1e:94:30:81:32:d9:ff:62:a7:cb:47:c5:b9:ba:16:
47:b6:3a:23:47:32:e9:04:8f:91:b0:db:f0:07:0b:
40:4f:8b:ea:bc:52:7e:61:3e:54:13:5a:c0:dc:23:
f0:f9:84:18:be:54:37:4f:6e:23:1d:77:97:2e:c5:
70:7d:c8:73:7c:67:b3:cb:c7:67:77:bd:85:cc:5a:
48:22:c7:3a:6f:2c:e9:63:76:50:b5:f3:8a:12:02:
4e:73:4b:08:b6:81:ee:58:67:45:42:b1:13:f3:c2:
7d:75:99:7c:07:c3:37:f9:87:0e:0e:4f:f1:3c:a4:
73:6c:49:e4:65:c1:a2:41:cd:6d:22:ee:ea:48:2d:
9f:02:b7:05:84:0e:31:ec:f2:74:20:0e:5f:2c:ea:
45:25:dc:5c:c3:51:29:f9:53:51:86:10:08:c2:a6:
a4:73:8c:74:4b:0c:39:49:21:d8:82:25:99:3e:29:
d1:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C7:84:4E:A5:91:02:3A:53:8D:51:75:40:7E:36:CC:48:E8:18:36
X509v3 Authority Key Identifier:
keyid:1F:22:C0:84:8D:30:59:E5:AE:55:F6:8C:07:07:9C:B9:A9:2C:27:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyLAhI0wWeWuVfaMBwecuaksJ54.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c10911-4022-46fb-9214-7c6857648666/1/xMeETqWRAjpTjVF1QH42zEjoGDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/c10911-4022-46fb-9214-7c6857648666/1/HyLAhI0wWeWuVfaMBwecuaksJ54.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:db:03:ef:c8:a4:40:fa:2f:17:d0:ca:ef:f6:ac:14:9e:1b:
fb:7f:b5:8b:ab:02:f2:01:08:a0:1f:f7:64:55:dc:4e:3b:a0:
bd:97:7e:0a:10:67:f6:b1:3d:64:59:d8:3e:b7:97:bb:0f:dd:
72:0a:0b:3a:8b:39:fc:25:26:b1:3b:69:6c:a5:a4:b6:71:12:
be:00:d1:96:88:9e:b7:62:50:9c:57:20:9e:ea:07:46:d4:fd:
3b:4d:34:87:8c:fb:b9:b9:25:be:cb:5d:21:f1:00:00:fa:45:
aa:c8:dd:1c:06:c8:46:44:dd:52:f7:30:e5:73:2a:68:b4:d9:
9e:3f:65:39:9a:cc:83:a9:a0:58:8b:f3:88:45:ff:04:b2:d3:
14:17:31:ff:f2:7b:6b:de:d5:21:0d:0e:ad:35:1c:be:8f:ca:
ed:4d:b6:8f:ef:fe:a5:5f:68:da:d0:11:75:01:88:63:b9:61:
6e:1d:ba:d1:b3:a9:11:51:40:12:9a:8d:c8:9e:69:9b:a0:6e:
d9:c6:2a:61:65:cc:9f:28:f4:ca:20:bc:47:c8:e5:7a:56:a6:
0d:92:2e:1b:81:5d:fb:0d:9f:85:c6:50:e0:b1:f9:2f:61:c9:
ca:d0:e3:13:45:e5:7d:02:49:3b:f7:ee:73:a7:9e:f9:01:32:
6b:07:ba:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVv1RM+SOGL5VivqEagi+E9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMjJjMDg0OGQzMDU5ZTVhZTU1ZjY4YzA3MDc5Y2I5YTky
YzI3OWUwHhcNMjMwMTAyMDAxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGM3ODQ0ZWE1OTEwMjNhNTM4ZDUxNzU0MDdlMzZjYzQ4ZTgxODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2L/eipyBEQFHfmWMNc1BmAiRUlo
EVyYouxqnDF2TGStpLIvRy+v91oZmWMpD/zDZyshVeYQbhshi3zxurp8Du3IWH2P
SBoxdHselDCBMtn/YqfLR8W5uhZHtjojRzLpBI+RsNvwBwtAT4vqvFJ+YT5UE1rA
3CPw+YQYvlQ3T24jHXeXLsVwfchzfGezy8dnd72FzFpIIsc6byzpY3ZQtfOKEgJO
c0sItoHuWGdFQrET88J9dZl8B8M3+YcODk/xPKRzbEnkZcGiQc1tIu7qSC2fArcF
hA4x7PJ0IA5fLOpFJdxcw1Ep+VNRhhAIwqakc4x0Sww5SSHYgiWZPinRMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMTHhE6lkQI6U41RdUB+NsxI6Bg2MB8GA1UdIwQY
MBaAFB8iwISNMFnlrlX2jAcHnLmpLCeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHlMQWhJMHdXZVd1VmZhTUJ3ZWN1YWtzSjU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jMTA5MTEtNDAyMi00NmZiLTkyMTQt
N2M2ODU3NjQ4NjY2LzEveE1lRVRxV1JBanBUalZGMVFINDJ6RWpvR0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9jMTA5MTEtNDAyMi00NmZiLTkyMTQtN2M2ODU3NjQ4NjY2
LzEvSHlMQWhJMHdXZVd1VmZhTUJ3ZWN1YWtzSjU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw1AoMA0G
CSqGSIb3DQEBCwUAA4IBAQAa2wPvyKRA+i8X0Mrv9qwUnhv7f7WLqwLyAQigH/dk
VdxOO6C9l34KEGf2sT1kWdg+t5e7D91yCgs6izn8JSaxO2lspaS2cRK+ANGWiJ63
YlCcVyCe6gdG1P07TTSHjPu5uSW+y10h8QAA+kWqyN0cBshGRN1S9zDlcypotNme
P2U5msyDqaBYi/OIRf8EstMUFzH/8ntr3tUhDQ6tNRy+j8rtTbaP7/6lX2ja0BF1
AYhjuWFuHbrRs6kRUUASmo3InmmboG7ZxiphZcyfKPTKILxHyOV6VqYNki4bgV37
DZ+FxlDgsfkvYcnK0OMTReV9Akk79+5zp575ATJrB7rR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:49 2025 by rpki-client