Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/UF219i1cnC1OXnn8iuH2OFY4ON8.roa
File: UF219i1cnC1OXnn8iuH2OFY4ON8.roa (raw, json)
Hash identifier: zfFl87cMpS58XwT7GeI6sdlYxWw5uf08fiVAdiHR8hs=
Subject key identifier: 50:5D:B5:F6:2D:5C:9C:2D:4E:5E:79:FC:8A:E1:F6:38:56:38:38:DF
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B0F5151320FFCC29506E53B53D770
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/UF219i1cnC1OXnn8iuH2OFY4ON8.roa
Signing time: Sun 01 Jan 2023 13:35:08 +0000
ROA not before: Sun 01 Jan 2023 13:35:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201870
IP address blocks: 195.65.24.0/24 maxlen: 24
195.65.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:0f:51:51:32:0f:fc:c2:95:06:e5:3b:53:d7:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=505db5f62d5c9c2d4e5e79fc8ae1f638563838df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:25:a1:c4:b0:4b:05:54:55:62:1e:e6:20:25:
97:c5:63:dd:bf:af:7a:81:86:24:b8:7e:4c:62:81:
dd:4b:a9:3f:c9:42:67:6f:0b:9f:90:73:cd:87:02:
4a:77:e8:1f:b0:59:62:ef:65:ab:76:9e:0b:3f:9e:
06:60:48:fc:1d:9f:4b:b3:e8:b2:cd:2a:98:c8:2b:
2f:b7:a4:c8:b5:2b:d2:c0:14:7f:e7:e7:ca:04:5c:
8c:36:93:76:ef:5f:9c:c3:53:ef:d3:68:27:51:92:
57:35:88:5f:b3:20:f2:13:4e:29:87:bf:be:b9:73:
1c:c8:29:d2:d2:d1:3b:6b:cb:a2:0c:85:6b:ac:fa:
58:d3:1f:1d:3f:33:fc:75:24:16:fa:2a:ad:ca:38:
24:fc:c3:fa:94:f0:f1:62:08:14:80:2b:a5:56:6c:
83:6e:69:bd:4d:5f:30:45:79:8d:db:4c:4c:41:30:
c4:db:92:e2:e9:f5:6d:5b:1c:4c:2c:de:f0:97:79:
d0:11:eb:71:3b:ba:ab:a6:cc:82:55:d7:70:38:4b:
73:d3:b5:ce:d1:91:18:aa:3f:dc:56:f4:55:f7:67:
17:2d:f1:a3:19:c9:b9:11:7c:45:15:ed:76:5e:c8:
89:40:f7:87:d0:7e:19:4b:9b:fd:a5:c1:34:20:ac:
e6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:5D:B5:F6:2D:5C:9C:2D:4E:5E:79:FC:8A:E1:F6:38:56:38:38:DF
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/UF219i1cnC1OXnn8iuH2OFY4ON8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.65.24.0/24
195.65.33.0/24
Signature Algorithm: sha256WithRSAEncryption
05:dd:5c:04:8e:dc:ad:ae:33:a7:ec:e9:9f:8a:47:19:8d:81:
fc:b4:c6:cf:35:ca:de:fb:cc:c4:be:a5:1f:f7:dc:89:fc:d4:
16:f6:02:79:c6:8a:15:2b:c8:3c:1f:8b:3a:77:25:81:01:c9:
d3:55:88:be:d0:61:0f:65:30:9a:5c:54:fa:bd:e6:c2:6a:e6:
c4:77:0f:4e:3f:e2:75:92:fa:8b:cf:44:19:d0:82:59:8b:f7:
81:8e:92:d1:7c:10:9c:7b:10:d7:7b:9e:68:4d:97:6b:af:ec:
de:6a:d1:40:40:35:d5:cb:9d:82:9b:ec:10:8d:35:99:04:df:
b9:eb:5f:0e:d3:44:3c:f9:6e:44:30:cd:36:ba:3c:87:b2:0b:
54:fd:d4:86:9a:83:38:46:d4:0e:bf:ca:f9:71:5f:49:e8:16:
83:f3:04:15:d2:e5:c5:ab:84:c8:25:6a:41:b3:05:19:9a:1e:
7a:a0:67:6b:38:dd:5a:88:a3:b6:43:aa:f3:a9:81:38:21:b4:
3c:85:62:b4:f7:39:80:23:1c:ce:8d:d2:a8:4c:fc:83:13:1a:
06:af:6b:ea:85:11:01:70:ab:28:71:99:70:fd:3a:ee:99:ea:
c4:fd:e8:a6:aa:3c:97:63:4a:d8:22:a7:18:c7:ab:cf:d1:13:
cf:8d:b8:2f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtiw9RUTIP/MKVBuU7U9dwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDVkYjVmNjJkNWM5YzJkNGU1ZTc5ZmM4YWUxZjYzODU2MzgzOGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyWhxLBLBVRVYh7mICWXxWPdv696
gYYkuH5MYoHdS6k/yUJnbwufkHPNhwJKd+gfsFli72Wrdp4LP54GYEj8HZ9Ls+iy
zSqYyCsvt6TItSvSwBR/5+fKBFyMNpN271+cw1Pv02gnUZJXNYhfsyDyE04ph7++
uXMcyCnS0tE7a8uiDIVrrPpY0x8dPzP8dSQW+iqtyjgk/MP6lPDxYggUgCulVmyD
bmm9TV8wRXmN20xMQTDE25Li6fVtWxxMLN7wl3nQEetxO7qrpsyCVddwOEtz07XO
0ZEYqj/cVvRV92cXLfGjGcm5EXxFFe12XsiJQPeH0H4ZS5v9pcE0IKzmGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFBdtfYtXJwtTl55/Irh9jhWODjfMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvVUYyMTlpMWNuQzFPWG5uOGl1SDJPRlk0T044LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw0EYAwQA
w0EhMA0GCSqGSIb3DQEBCwUAA4IBAQAF3VwEjtytrjOn7OmfikcZjYH8tMbPNcre
+8zEvqUf99yJ/NQW9gJ5xooVK8g8H4s6dyWBAcnTVYi+0GEPZTCaXFT6vebCaubE
dw9OP+J1kvqLz0QZ0IJZi/eBjpLRfBCcexDXe55oTZdrr+zeatFAQDXVy52Cm+wQ
jTWZBN+5618O00Q8+W5EMM02ujyHsgtU/dSGmoM4RtQOv8r5cV9J6BaD8wQV0uXF
q4TIJWpBswUZmh56oGdrON1aiKO2Q6rzqYE4IbQ8hWK09zmAIxzOjdKoTPyDExoG
r2vqhREBcKsocZlw/TrumerE/eimqjyXY0rYIqcYx6vP0RPPjbgv
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:57:50 2025 by rpki-client