Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/AEwOGKdM4VFoxhzn-iTcKGc08dU.roa
File: AEwOGKdM4VFoxhzn-iTcKGc08dU.roa (raw, json)
Hash identifier: xO3YMLxD3Kh16y7MESaH36SaW3liJ+h57sbM1wBoJIA=
Subject key identifier: 00:4C:0E:18:A7:4C:E1:51:68:C6:1C:E7:FA:24:DC:28:67:34:F1:D5
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018572280FADEF473AB72DF5576AF9A40ABE
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/AEwOGKdM4VFoxhzn-iTcKGc08dU.roa
Signing time: Mon 02 Jan 2023 11:05:06 +0000
ROA not before: Mon 02 Jan 2023 11:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207479
IP address blocks: 81.95.43.0/24 maxlen: 24
82.194.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:0f:ad:ef:47:3a:b7:2d:f5:57:6a:f9:a4:0a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 11:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=004c0e18a74ce15168c61ce7fa24dc286734f1d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:86:75:28:98:03:cf:3a:5e:e5:23:ad:fc:77:
22:71:c0:9d:72:27:41:6d:1c:4c:d9:13:52:75:61:
be:05:98:b6:d2:80:64:54:b1:c6:64:b7:8b:db:5d:
dc:2d:ea:bf:00:df:57:fa:b3:1f:22:57:b0:c6:92:
d1:5a:b8:73:ee:c1:9d:8f:81:99:47:51:b3:55:27:
15:ec:ee:29:3e:94:9c:9b:8a:e7:09:8e:38:4f:57:
b9:1e:b7:8c:64:0d:7a:60:bb:3d:03:d2:13:88:b5:
cf:e3:18:bd:e5:81:7c:c0:72:4a:7c:6e:c2:fe:38:
be:da:be:d0:19:a3:7e:a8:25:6b:c6:e9:42:a0:50:
d6:b3:ce:80:6b:98:f2:66:56:57:f6:29:80:36:69:
67:4b:27:d2:b4:ec:ee:73:b0:d4:a2:44:03:0c:1f:
90:70:4e:2a:d0:7a:e6:5a:8d:d5:a1:99:a2:90:c2:
d2:6f:fe:f4:a3:a6:31:13:e5:a9:84:b8:fd:ab:2d:
7a:73:83:33:64:d6:b9:1f:c6:e2:bb:7d:15:62:2e:
f2:29:63:cf:03:70:a0:b3:37:63:24:4e:6d:47:f0:
66:f0:2d:5a:86:14:28:1b:9b:f1:51:ec:27:29:a4:
a3:3b:cc:34:3b:47:de:01:21:27:61:d7:fd:f4:2d:
05:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4C:0E:18:A7:4C:E1:51:68:C6:1C:E7:FA:24:DC:28:67:34:F1:D5
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/AEwOGKdM4VFoxhzn-iTcKGc08dU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.43.0/24
82.194.248.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:b9:f5:e1:fa:f8:37:58:a1:42:ee:bf:f2:17:4c:a9:a6:08:
b3:06:e9:69:f4:0d:97:4a:3a:60:79:9c:4e:b0:bf:a5:c8:85:
15:05:13:68:d4:39:83:ad:27:33:71:38:e3:a7:27:4e:6d:e9:
fd:69:5e:0f:01:12:4a:e1:d6:51:74:4e:86:23:25:52:ad:b0:
ee:e6:7c:f0:73:bf:1b:80:7c:91:db:63:d1:e5:92:b1:f1:30:
18:72:aa:1a:72:32:f4:e1:bd:e8:f6:7b:61:94:5a:81:bc:13:
3c:e7:7f:c9:5f:1a:3a:34:0a:2f:b6:c3:ff:20:22:88:57:47:
e4:f1:3f:bd:01:2d:0e:2d:62:c1:51:79:cc:06:ad:6f:72:e5:
01:2c:30:b7:6d:ac:c6:c0:d5:6c:a8:9a:a1:c7:24:bd:e5:34:
41:01:10:57:d2:b9:02:5e:70:a8:20:ee:5f:83:d6:74:7e:36:
ee:87:e3:c1:cc:5d:97:dc:d0:3c:53:bd:77:1b:f8:91:7e:bc:
e3:8f:3a:2d:29:06:87:7d:a1:9c:2e:85:0a:2c:fd:77:d5:3d:
05:e9:a6:8a:b3:c5:41:c5:2e:21:b6:b6:a5:7d:1b:db:16:69:
79:25:d8:43:d6:00:79:20:fc:8a:a4:cc:5c:c8:31:68:d2:9d:
8c:75:ff:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyKA+t70c6ty31V2r5pAq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjMwMTAyMTEwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDRjMGUxOGE3NGNlMTUxNjhjNjFjZTdmYTI0ZGMyODY3MzRmMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4Z1KJgDzzpe5SOt/HciccCdcidB
bRxM2RNSdWG+BZi20oBkVLHGZLeL213cLeq/AN9X+rMfIlewxpLRWrhz7sGdj4GZ
R1GzVScV7O4pPpScm4rnCY44T1e5HreMZA16YLs9A9ITiLXP4xi95YF8wHJKfG7C
/ji+2r7QGaN+qCVrxulCoFDWs86Aa5jyZlZX9imANmlnSyfStOzuc7DUokQDDB+Q
cE4q0HrmWo3VoZmikMLSb/70o6YxE+WphLj9qy16c4MzZNa5H8biu30VYi7yKWPP
A3CgszdjJE5tR/Bm8C1ahhQoG5vxUewnKaSjO8w0O0feASEnYdf99C0FzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFABMDhinTOFRaMYc5/ok3ChnNPHVMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvQUV3T0dLZE00VkZveGh6bi1pVGNLR2MwOGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUV8rAwQA
UsL4MA0GCSqGSIb3DQEBCwUAA4IBAQB6ufXh+vg3WKFC7r/yF0yppgizBulp9A2X
SjpgeZxOsL+lyIUVBRNo1DmDrSczcTjjpydOben9aV4PARJK4dZRdE6GIyVSrbDu
5nzwc78bgHyR22PR5ZKx8TAYcqoacjL04b3o9nthlFqBvBM853/JXxo6NAovtsP/
ICKIV0fk8T+9AS0OLWLBUXnMBq1vcuUBLDC3bazGwNVsqJqhxyS95TRBARBX0rkC
XnCoIO5fg9Z0fjbuh+PBzF2X3NA8U713G/iRfrzjjzotKQaHfaGcLoUKLP131T0F
6aaKs8VBxS4htralfRvbFml5JdhD1gB5IPyKpMxcyDFo0p2Mdf/c
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:17:28 2025 by rpki-client