Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/AaDvs2Rq2jHoK7dOAdE1Fud9AIA.roa
File: AaDvs2Rq2jHoK7dOAdE1Fud9AIA.roa (raw, json)
Hash identifier: 7LkcvDj4lMAcdNzsM6AbrL4WLS0sEVL0DhdqGwbIB/k=
Subject key identifier: 01:A0:EF:B3:64:6A:DA:31:E8:2B:B7:4E:01:D1:35:16:E7:7D:00:80
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 2CA14FD0
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/AaDvs2Rq2jHoK7dOAdE1Fud9AIA.roa
Signing time: Sat 01 Jan 2022 04:59:35 +0000
ROA not before: Sat 01 Jan 2022 04:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34342
IP address blocks: 195.167.156.0/24 maxlen: 24
195.167.157.0/24 maxlen: 24
2001:1a68:19:400::/54 maxlen: 54
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 748769232 (0x2ca14fd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Jan 1 04:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01a0efb3646ada31e82bb74e01d13516e77d0080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:af:fa:30:bb:ad:58:68:4b:fc:7e:a5:7b:8d:
4e:44:13:82:a7:d4:87:00:f6:f9:13:b4:58:f0:46:
53:4d:21:8a:d2:da:01:f5:41:73:9d:84:5c:7b:0c:
45:40:cc:e4:ff:a8:41:ba:59:90:21:8c:91:d5:73:
59:15:a7:3d:2a:b8:24:a3:7d:ec:ef:fa:46:9a:b9:
9b:c0:bf:57:69:24:49:34:b2:f4:d9:24:39:74:20:
54:f5:36:6b:e5:60:7b:49:56:f2:32:62:b4:23:89:
49:07:e7:1b:92:66:1c:6b:0a:5e:72:bc:dd:22:cd:
3a:f7:49:0a:93:a9:78:51:8e:27:cf:d4:9b:ee:cd:
74:54:83:90:be:b4:79:11:57:0f:3f:8f:25:4d:d1:
99:ba:2d:04:c1:f3:6c:44:ff:f0:ad:9d:b6:4b:b2:
f1:da:b2:99:7b:0c:85:9e:57:a1:57:41:c2:09:0c:
66:5d:7a:3b:f9:8e:b5:d2:40:8e:b9:1c:52:5a:56:
34:84:75:7b:81:3f:ca:e9:3a:b0:0b:b4:e4:f7:b9:
cc:46:41:03:d7:ff:bb:a3:c4:0e:eb:e8:82:d2:8f:
34:58:2c:99:d9:fd:a7:37:d7:24:2e:7d:e9:32:c0:
f7:f2:f6:24:e5:1e:e4:3f:ce:b6:03:99:5d:f9:10:
a7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A0:EF:B3:64:6A:DA:31:E8:2B:B7:4E:01:D1:35:16:E7:7D:00:80
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/AaDvs2Rq2jHoK7dOAdE1Fud9AIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.167.156.0/23
IPv6:
2001:1a68:19:400::/54
Signature Algorithm: sha256WithRSAEncryption
92:a8:cd:3b:db:15:db:50:45:3d:aa:9c:a6:66:b2:d1:85:36:
4c:ce:c1:89:ae:26:e4:9b:ed:e7:ee:b0:79:45:dc:e9:c2:5c:
94:e0:de:89:4c:34:45:fd:af:82:44:fc:ac:33:85:33:77:3f:
a9:d1:2a:d2:e8:76:7a:37:65:3c:24:35:38:cd:c1:c0:d7:e4:
9b:f8:9b:b2:5d:35:3e:29:1b:6b:4b:1f:6d:1f:47:80:e7:f8:
97:bb:cf:02:59:d1:27:e8:b3:87:e4:cd:44:a9:0f:7b:91:4b:
84:35:81:30:46:0a:35:c9:b5:41:41:0e:52:2f:07:2a:df:a1:
76:0e:6d:f1:57:4f:f2:2c:48:da:85:8f:f6:d6:a4:0b:95:a1:
f6:7b:80:22:ff:a0:aa:b0:12:58:42:fd:be:bb:8d:4b:d8:55:
b5:35:6c:a8:93:7a:9d:22:5c:51:a6:c0:d3:ba:f6:d2:6b:75:
f2:57:dd:c9:18:f4:90:fc:03:96:ea:4f:03:81:9e:21:eb:33:
72:03:0a:25:22:3e:bf:dc:06:a6:9a:00:ea:90:bc:2d:53:ed:
e0:c4:ed:ce:f0:5c:3d:2b:66:e1:77:4a:b1:53:55:60:96:c7:
75:79:bb:15:b7:07:99:a3:4e:8e:e5:d4:68:59:9f:a3:06:16:
b2:ec:0b:f4
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIELKFP0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGM1MTBmYzliODY1ZDk2ZTNhZmM3YzU2MDU2ZWZhZDlhMzMwYzViMB4XDTIyMDEw
MTA0NTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDFhMGVmYjM2NDZh
ZGEzMWU4MmJiNzRlMDFkMTM1MTZlNzdkMDA4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyv+jC7rVhoS/x+pXuNTkQTgqfUhwD2+RO0WPBGU00hitLa
AfVBc52EXHsMRUDM5P+oQbpZkCGMkdVzWRWnPSq4JKN97O/6Rpq5m8C/V2kkSTSy
9NkkOXQgVPU2a+Vge0lW8jJitCOJSQfnG5JmHGsKXnK83SLNOvdJCpOpeFGOJ8/U
m+7NdFSDkL60eRFXDz+PJU3RmbotBMHzbET/8K2dtkuy8dqymXsMhZ5XoVdBwgkM
Zl16O/mOtdJAjrkcUlpWNIR1e4E/yuk6sAu05Pe5zEZBA9f/u6PEDuvogtKPNFgs
mdn9pzfXJC596TLA9/L2JOUe5D/OtgOZXfkQp50CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQBoO+zZGraMegrt04B0TUW530AgDAfBgNVHSMEGDAWgBRoxRD8m4ZdluOv
x8VgVu+tmjMMWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FNVVFfSnVHWFpianI4ZkZZRmJ2clpvekRGcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8x
L0FhRHZzMlJxMmpIb0s3ZE9BZEUxRnVkOUFJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
ZTBmMmY2LTNhOGEtNGRhYS04MjcxLTVkNjY1ZTk5OGY2YS8xL2FNVVFfSnVHWFpi
anI4ZkZZRmJ2clpvekRGcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwDAQCAAEwBgMEAcOnnDAQBAIAAjAKAwgCIAEaaAAZ
BDANBgkqhkiG9w0BAQsFAAOCAQEAkqjNO9sV21BFPaqcpmay0YU2TM7Bia4m5Jvt
5+6weUXc6cJclODeiUw0Rf2vgkT8rDOFM3c/qdEq0uh2ejdlPCQ1OM3BwNfkm/ib
sl01Pikba0sfbR9HgOf4l7vPAlnRJ+izh+TNRKkPe5FLhDWBMEYKNcm1QUEOUi8H
Kt+hdg5t8VdP8ixI2oWP9takC5Wh9nuAIv+gqrASWEL9vruNS9hVtTVsqJN6nSJc
UabA07r20mt18lfdyRj0kPwDlupPA4GeIeszcgMKJSI+v9wGppoA6pC8LVPt4MTt
zvBcPStm4XdKsVNVYJbHdXm7FbcHmaNOjuXUaFmfowYWsuwL9A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:58 2025 by rpki-client