Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/06hoyW6S_QDo8tLys1qioCMNHYM.roa
File: 06hoyW6S_QDo8tLys1qioCMNHYM.roa (raw, json)
Hash identifier: qLsC74yqC/kfwhNtsufqfM5ZDQXW5vRJ+vGYVuMRtlQ=
Subject key identifier: D3:A8:68:C9:6E:92:FD:00:E8:F2:D2:F2:B3:5A:A2:A0:23:0D:1D:83
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 1C5C5C80
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/06hoyW6S_QDo8tLys1qioCMNHYM.roa
Signing time: Sat 01 Jan 2022 11:57:33 +0000
ROA not before: Sat 01 Jan 2022 11:57:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8430
IP address blocks: 195.49.208.0/21 maxlen: 21
195.49.208.0/22 maxlen: 22
195.49.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 475815040 (0x1c5c5c80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Jan 1 11:57:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3a868c96e92fd00e8f2d2f2b35aa2a0230d1d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2d:24:05:2c:e2:22:22:4c:08:8f:06:68:45:
76:ff:66:95:16:ea:f9:cb:5a:e7:58:9f:d4:89:ab:
13:c6:da:d2:09:b1:f0:c6:8b:4c:ac:3d:28:68:c9:
32:19:59:40:10:1c:f3:ea:c6:aa:ea:13:f6:ba:2e:
32:d0:db:94:57:61:40:d1:b0:83:77:e8:97:d9:19:
3e:ac:d5:b2:ab:ac:dc:2d:df:a0:96:1b:6b:d2:c5:
68:2d:7c:ee:d7:ff:eb:c6:d4:f7:03:1f:24:cd:60:
22:43:a4:51:0f:33:aa:22:fb:db:f6:40:48:eb:18:
b1:9e:38:50:a9:97:b1:d2:37:a7:d3:33:9b:e0:80:
dd:06:cf:7b:28:b6:97:45:1c:da:0f:c7:5c:f5:88:
25:09:09:bd:28:1c:e5:d0:5f:06:c1:1f:68:ff:b0:
cf:42:07:63:2f:05:35:31:b4:eb:ab:64:55:a4:7f:
d1:d9:91:37:6e:80:6e:9b:ff:0f:37:7e:a4:6f:e3:
cc:76:13:a4:40:4a:20:d1:f5:2a:4f:a2:c8:45:26:
9f:32:a8:4f:a4:f3:c5:41:cc:23:ef:63:12:98:33:
8a:7c:f6:10:08:2e:2c:9d:2d:ba:ba:49:00:01:c0:
b7:1f:a2:7b:36:31:c5:01:58:de:a5:16:6b:f6:73:
f9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A8:68:C9:6E:92:FD:00:E8:F2:D2:F2:B3:5A:A2:A0:23:0D:1D:83
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/06hoyW6S_QDo8tLys1qioCMNHYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.49.208.0/21
Signature Algorithm: sha256WithRSAEncryption
65:e5:83:5a:e5:6f:48:72:39:04:58:48:04:95:b5:51:37:40:
3b:d0:8c:f5:2b:ce:39:75:19:03:9b:ed:ba:17:4a:1a:ea:c0:
67:e9:f6:55:4e:d0:8a:c6:04:ce:71:c1:cf:9d:01:f2:d0:5a:
a5:d9:08:70:71:41:84:8f:a0:ae:98:95:59:d5:e6:1b:55:43:
87:df:30:2a:b8:99:04:33:d3:f5:08:10:73:6c:e7:2b:1e:92:
80:c1:00:44:5f:e5:ae:b0:f4:84:1b:e7:95:2e:b3:88:02:ea:
ad:8e:da:9d:c8:56:06:1b:81:2f:27:02:66:25:7d:a9:5c:b1:
f9:62:e4:30:03:05:a2:70:7f:5c:12:1d:54:ea:a0:ab:59:43:
2e:57:05:90:86:11:1e:36:84:c0:9c:46:fd:5f:ad:d4:89:05:
be:bf:bb:7c:5e:24:43:24:d0:5d:fb:9c:5b:53:2d:de:82:d1:
c4:d2:f4:eb:ba:59:c4:e2:db:6f:e0:38:e9:d0:b0:42:ae:3b:
b9:19:10:0e:0c:86:b1:0c:ff:e7:93:a1:48:94:46:a1:f7:e6:
c1:00:e6:fd:cb:0a:c2:7a:e1:71:e5:95:2d:71:16:af:04:a2:
f5:6a:9f:ce:97:61:b9:2b:69:f9:e8:f0:cc:c6:64:99:6e:f5:
c8:11:e6:7e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHFxcgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODQ3YjU5ZDIxZWEzNmIzMDYyZmNhODBjZTc1YzE2MTZhZjUxMTlhMB4XDTIyMDEw
MTExNTczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDNhODY4Yzk2ZTky
ZmQwMGU4ZjJkMmYyYjM1YWEyYTAyMzBkMWQ4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKotJAUs4iIiTAiPBmhFdv9mlRbq+cta51if1ImrE8ba0gmx
8MaLTKw9KGjJMhlZQBAc8+rGquoT9rouMtDblFdhQNGwg3fol9kZPqzVsqus3C3f
oJYba9LFaC187tf/68bU9wMfJM1gIkOkUQ8zqiL72/ZASOsYsZ44UKmXsdI3p9Mz
m+CA3QbPeyi2l0Uc2g/HXPWIJQkJvSgc5dBfBsEfaP+wz0IHYy8FNTG066tkVaR/
0dmRN26Abpv/Dzd+pG/jzHYTpEBKINH1Kk+iyEUmnzKoT6TzxUHMI+9jEpgzinz2
EAguLJ0turpJAAHAtx+iezYxxQFY3qUWa/Zz+SkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTTqGjJbpL9AOjy0vKzWqKgIw0dgzAfBgNVHSMEGDAWgBQYR7WdIeo2swYv
yoDOdcFhavURmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dFZTFuU0hxTnJNR0w4cUF6blhCWVdyMUVaby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWYvMzgyNGNkLWU1MjctNGFkYy1hNDEyLWY5MWJiNTE3OTIxNy8x
LzA2aG95VzZTX1FEbzh0THlzMXFpb0NNTkhZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWYv
MzgyNGNkLWU1MjctNGFkYy1hNDEyLWY5MWJiNTE3OTIxNy8xL0dFZTFuU0hxTnJN
R0w4cUF6blhCWVdyMUVaby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8Mx0DANBgkqhkiG9w0BAQsFAAOC
AQEAZeWDWuVvSHI5BFhIBJW1UTdAO9CM9SvOOXUZA5vtuhdKGurAZ+n2VU7QisYE
znHBz50B8tBapdkIcHFBhI+grpiVWdXmG1VDh98wKriZBDPT9QgQc2znKx6SgMEA
RF/lrrD0hBvnlS6ziALqrY7anchWBhuBLycCZiV9qVyx+WLkMAMFonB/XBIdVOqg
q1lDLlcFkIYRHjaEwJxG/V+t1IkFvr+7fF4kQyTQXfucW1Mt3oLRxNL067pZxOLb
b+A46dCwQq47uRkQDgyGsQz/55OhSJRGoffmwQDm/csKwnrhceWVLXEWrwSi9Wqf
zpdhuStp+ejwzMZkmW71yBHmfg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:03 2025 by rpki-client