Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/406rCV8LyRjgDxhvMyh34Qo48ZM.roa
File: 406rCV8LyRjgDxhvMyh34Qo48ZM.roa (raw, json)
Hash identifier: a8AYcRykPjNYsRHpJySiFp5aKASgckVsP7eSLL1lgH0=
Subject key identifier: E3:4E:AB:09:5F:0B:C9:18:E0:0F:18:6F:33:28:77:E1:0A:38:F1:93
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8AFF3AFE750CE05DA97B7F88A92049
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/406rCV8LyRjgDxhvMyh34Qo48ZM.roa
Signing time: Sun 01 Jan 2023 13:35:03 +0000
ROA not before: Sun 01 Jan 2023 13:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 195.65.17.0/24 maxlen: 24
194.209.178.0/24 maxlen: 24
194.6.190.0/24 maxlen: 24
195.65.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:ff:3a:fe:75:0c:e0:5d:a9:7b:7f:88:a9:20:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e34eab095f0bc918e00f186f332877e10a38f193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:31:00:06:fd:3f:a6:41:7e:fb:ac:c3:94:
4b:a6:d2:b2:f8:b3:c1:15:55:a3:59:a2:9d:ba:b9:
97:8e:ee:f3:95:d3:3f:e9:9b:28:13:7a:99:97:31:
97:c2:10:a0:4a:74:f6:89:4c:bd:48:55:36:2c:72:
7e:d7:ba:c6:5e:34:a1:0e:52:75:cf:f9:a8:48:89:
9e:35:a9:25:bd:a4:2b:af:b5:5f:aa:80:7e:b0:61:
91:51:b8:1b:bc:54:fb:90:8c:e7:3e:12:03:b3:3e:
fb:fd:53:87:43:6d:cf:73:17:7f:50:1e:ec:f1:8d:
b8:5a:6f:ae:65:3a:2d:9f:49:fd:ee:a5:b1:5a:15:
df:85:26:1b:8f:4e:be:70:17:c3:91:94:3e:10:05:
f1:58:2a:c6:c1:b2:86:1c:8d:f3:b6:ae:a1:ab:d4:
58:f6:ef:12:4a:ed:2f:f5:cf:e9:05:52:15:f3:d7:
cb:e1:c0:cd:a2:03:7d:56:5d:ac:4a:16:08:07:fd:
80:c4:d9:6c:67:88:c7:0b:dd:83:39:b4:53:d5:97:
11:f2:95:35:8e:77:ef:35:8e:63:40:69:58:d5:2c:
20:1c:08:c3:b5:7a:6c:d3:5b:73:56:29:46:7d:9f:
52:94:b9:01:64:ef:57:04:07:14:40:8b:52:1c:a6:
99:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4E:AB:09:5F:0B:C9:18:E0:0F:18:6F:33:28:77:E1:0A:38:F1:93
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/406rCV8LyRjgDxhvMyh34Qo48ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.190.0/24
194.209.178.0/24
195.65.17.0/24
195.65.208.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:ce:8c:69:7b:9c:76:82:ff:89:57:39:45:3a:8f:0f:9e:cc:
4f:30:28:12:af:4c:75:15:55:3e:4d:4c:7b:e1:23:c6:e1:da:
c5:24:a7:d4:d9:d9:ab:4f:cd:32:5a:29:e3:4e:f8:ec:71:63:
cd:d4:82:1e:cf:86:80:32:04:62:6b:25:48:e2:67:c8:e5:32:
a8:91:55:1d:af:4f:5e:38:d2:f4:9c:aa:bf:08:35:aa:7c:7d:
52:ff:e7:e6:25:5f:b0:8d:fc:42:ac:27:59:9e:81:57:b5:0c:
7c:b2:87:5c:6d:a6:9d:26:11:e7:af:c2:ab:46:23:c4:95:4a:
42:dd:bf:3b:e5:48:60:b8:31:2e:2a:02:30:a9:8c:96:7d:b1:
23:01:fc:5f:57:fd:32:e6:e7:8f:e8:80:38:dc:de:b6:68:ac:
b1:20:64:d7:a0:a4:8d:29:5b:ce:81:85:bf:4c:52:2a:33:76:
0b:96:f3:03:d5:d0:b4:1d:a1:a8:ac:80:e4:47:b6:ae:5b:9d:
2c:fc:26:de:67:f5:72:22:2e:b4:89:0f:bb:ee:b3:3a:de:0e:
67:09:7c:aa:1c:e3:56:4b:4d:8b:10:40:f1:cf:4e:5a:0a:40:
b1:5f:75:13:ec:c4:11:94:4a:0e:90:10:cc:72:79:92:ce:a3:
f7:13:6a:e6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVtiv86/nUM4F2pe3+IqSBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzRlYWIwOTVmMGJjOTE4ZTAwZjE4NmYzMzI4NzdlMTBhMzhmMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzExAAb9P6ZBfvusw5RLptKy+LPB
FVWjWaKdurmXju7zldM/6ZsoE3qZlzGXwhCgSnT2iUy9SFU2LHJ+17rGXjShDlJ1
z/moSImeNaklvaQrr7VfqoB+sGGRUbgbvFT7kIznPhIDsz77/VOHQ23Pcxd/UB7s
8Y24Wm+uZTotn0n97qWxWhXfhSYbj06+cBfDkZQ+EAXxWCrGwbKGHI3ztq6hq9RY
9u8SSu0v9c/pBVIV89fL4cDNogN9Vl2sShYIB/2AxNlsZ4jHC92DObRT1ZcR8pU1
jnfvNY5jQGlY1SwgHAjDtXps01tzVilGfZ9SlLkBZO9XBAcUQItSHKaZ8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFONOqwlfC8kY4A8YbzMod+EKOPGTMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvNDA2ckNWOEx5UmpnRHhodk15aDM0UW80OFpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwga+AwQA
wtGyAwQAw0ERAwQAw0HQMA0GCSqGSIb3DQEBCwUAA4IBAQChzoxpe5x2gv+JVzlF
Oo8PnsxPMCgSr0x1FVU+TUx74SPG4drFJKfU2dmrT80yWinjTvjscWPN1IIez4aA
MgRiayVI4mfI5TKokVUdr09eONL0nKq/CDWqfH1S/+fmJV+wjfxCrCdZnoFXtQx8
sodcbaadJhHnr8KrRiPElUpC3b875UhguDEuKgIwqYyWfbEjAfxfV/0y5ueP6IA4
3N62aKyxIGTXoKSNKVvOgYW/TFIqM3YLlvMD1dC0HaGorIDkR7auW50s/CbeZ/Vy
Ii60iQ+77rM63g5nCXyqHONWS02LEEDxz05aCkCxX3UT7MQRlEoOkBDMcnmSzqP3
E2rm
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:03:26 2025 by rpki-client