Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/P3IfAt9Iqf8oxnyPFXBJqfSyn74.roa
File: P3IfAt9Iqf8oxnyPFXBJqfSyn74.roa (raw, json)
Hash identifier: fnmemmg4VJHiZKkNggnRh5tvp0o7ihBYiTynjYz4Q+U=
Subject key identifier: 3F:72:1F:02:DF:48:A9:FF:28:C6:7C:8F:15:70:49:A9:F4:B2:9F:BE
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 50EDFD16
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/P3IfAt9Iqf8oxnyPFXBJqfSyn74.roa
Signing time: Sat 01 Jan 2022 16:02:02 +0000
ROA not before: Sat 01 Jan 2022 16:02:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209494
IP address blocks: 195.65.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1357774102 (0x50edfd16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 16:02:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f721f02df48a9ff28c67c8f157049a9f4b29fbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ce:a1:32:c6:2a:46:1e:66:11:bf:de:6e:ed:
dc:ac:1e:2d:fa:67:bd:57:2b:5f:c4:71:76:33:6e:
65:a3:a0:42:71:d0:98:94:5c:4e:8f:ca:9b:3b:b5:
e1:1e:9a:f4:e4:ef:c6:c8:c0:84:9f:e7:ae:82:af:
0b:e4:c7:14:04:59:ff:d1:76:3a:ec:3f:21:1a:e2:
49:bc:9a:d7:e0:e2:3e:8e:5d:46:53:bc:05:16:a2:
86:89:a8:cc:51:ec:63:cd:bd:67:f2:31:fb:ec:87:
a4:6c:05:66:ee:1e:c1:4e:78:90:43:13:0c:06:6b:
be:1c:e1:78:ec:a3:31:fd:0c:33:51:b5:ab:50:d2:
9a:e7:6a:a2:fd:ee:dc:77:26:22:4c:32:30:8e:c0:
5b:ac:7b:eb:40:35:2a:62:ab:a0:a0:32:11:ad:bb:
be:5f:76:bd:9a:16:ed:5c:93:fe:b1:f8:42:ae:23:
a6:ff:a0:b8:f1:4a:cf:1b:89:49:4e:e0:6d:b5:fa:
e0:5c:25:56:cb:ed:f4:26:92:df:b5:f2:82:11:75:
1d:db:32:2e:55:8b:eb:ef:bc:e2:5a:d7:a3:a0:1f:
e2:42:84:e4:13:ed:ec:ce:9f:3b:a3:c6:80:af:fa:
99:36:b9:2c:51:74:fd:e4:d3:e2:04:9c:a0:93:05:
66:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:72:1F:02:DF:48:A9:FF:28:C6:7C:8F:15:70:49:A9:F4:B2:9F:BE
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/P3IfAt9Iqf8oxnyPFXBJqfSyn74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.43.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:88:f5:91:a3:db:2c:d1:fa:a1:ce:11:9f:78:66:af:ef:34:
e5:f4:fe:27:7b:95:8d:02:fd:1b:35:b2:72:bc:2f:f2:fa:85:
d2:87:cc:0e:56:ee:6b:fb:ef:76:3d:ed:a4:09:ca:55:6d:19:
d1:c6:e6:d2:d6:94:73:f5:ae:ef:4b:90:5d:1f:4a:87:ce:e1:
4c:61:b3:24:79:ad:81:99:eb:d6:c5:cb:ea:84:06:da:d7:2c:
f4:20:e7:83:75:de:61:93:66:ac:56:2c:2f:1d:07:c1:76:e9:
fa:03:26:b1:1d:ef:0e:83:04:84:03:16:c6:c9:2d:7d:51:03:
69:c3:47:07:aa:d3:51:9d:6d:97:d4:3a:37:d9:40:1e:3a:24:
11:dc:b9:3a:6e:58:be:3f:e5:2b:86:c3:2f:d2:8c:66:63:77:
33:39:32:c0:2a:6e:cb:86:4c:dc:f7:d1:c0:2b:0b:59:37:9c:
19:b9:07:fe:a4:a7:a9:4e:75:51:2f:c3:72:f8:e3:bc:31:2a:
3e:7e:df:de:24:c6:d3:2e:a1:ee:be:31:a3:72:f7:10:ac:3c:
69:2f:0d:1f:38:95:07:14:cf:3d:30:eb:33:3c:1f:33:e7:ca:
73:12:d1:80:9e:d1:a0:92:f8:66:dc:cc:a9:c7:b2:6c:f6:c8:
c3:e0:53:fb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEUO39FjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjYzZjNkYjE1MmUwNTVhYzE0NWJkYmI0MjllMDE4NjU0MjA0YzhkMB4XDTIyMDEw
MTE2MDIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y3MjFmMDJkZjQ4
YTlmZjI4YzY3YzhmMTU3MDQ5YTlmNGIyOWZiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbOoTLGKkYeZhG/3m7t3KweLfpnvVcrX8RxdjNuZaOgQnHQ
mJRcTo/Kmzu14R6a9OTvxsjAhJ/nroKvC+THFARZ/9F2Ouw/IRriSbya1+DiPo5d
RlO8BRaihomozFHsY829Z/Ix++yHpGwFZu4ewU54kEMTDAZrvhzheOyjMf0MM1G1
q1DSmudqov3u3HcmIkwyMI7AW6x760A1KmKroKAyEa27vl92vZoW7VyT/rH4Qq4j
pv+guPFKzxuJSU7gbbX64FwlVsvt9CaS37XyghF1HdsyLlWL6++84lrXo6Af4kKE
5BPt7M6fO6PGgK/6mTa5LFF0/eTT4gScoJMFZi0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/ch8C30ip/yjGfI8VcEmp9LKfvjAfBgNVHSMEGDAWgBQmY/PbFS4FWsFF
vbtCngGGVCBMjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8x
L1AzSWZBdDlJcWY4b3hueVBGWEJKcWZTeW43NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2YzliYi8xL0ptUHoyeFV1QlZy
QlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNBKzANBgkqhkiG9w0BAQsFAAOC
AQEAjYj1kaPbLNH6oc4Rn3hmr+805fT+J3uVjQL9GzWycrwv8vqF0ofMDlbua/vv
dj3tpAnKVW0Z0cbm0taUc/Wu70uQXR9Kh87hTGGzJHmtgZnr1sXL6oQG2tcs9CDn
g3XeYZNmrFYsLx0HwXbp+gMmsR3vDoMEhAMWxsktfVEDacNHB6rTUZ1tl9Q6N9lA
HjokEdy5Om5Yvj/lK4bDL9KMZmN3MzkywCpuy4ZM3PfRwCsLWTecGbkH/qSnqU51
US/DcvjjvDEqPn7f3iTG0y6h7r4xo3L3EKw8aS8NHziVBxTPPTDrMzwfM+fKcxLR
gJ7RoJL4ZtzMqceybPbIw+BT+w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:52:44 2025 by rpki-client