Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/20c7e7-a49f-4031-ba77-63df603161c9/1/_99wBFo1QE0D_2Y18E5rlhl_-GA.roa
File: _99wBFo1QE0D_2Y18E5rlhl_-GA.roa (raw, json)
Hash identifier: BQ2rcqjpFKt3zBsqjXcEWm6CGBsBiqEDC3UP2NrN9Nk=
Subject key identifier: FF:DF:70:04:5A:35:40:4D:03:FF:66:35:F0:4E:6B:96:19:7F:F8:60
Certificate issuer: /CN=82fe7d00e94cd2a7cbf7f9e82cf0992417418df6
Certificate serial: 018A4214A7A7AC64864F9D57E890894D079D
Authority key identifier: 82:FE:7D:00:E9:4C:D2:A7:CB:F7:F9:E8:2C:F0:99:24:17:41:8D:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gv59AOlM0qfL9_noLPCZJBdBjfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/20c7e7-a49f-4031-ba77-63df603161c9/1/_99wBFo1QE0D_2Y18E5rlhl_-GA.roa
Signing time: Tue 29 Aug 2023 16:16:04 +0000
ROA not before: Tue 29 Aug 2023 16:16:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48920
IP address blocks: 195.88.84.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:42:14:a7:a7:ac:64:86:4f:9d:57:e8:90:89:4d:07:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82fe7d00e94cd2a7cbf7f9e82cf0992417418df6
Validity
Not Before: Aug 29 16:16:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffdf70045a35404d03ff6635f04e6b96197ff860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:28:c0:27:2d:ca:35:3a:c1:52:26:1c:ae:74:
0f:19:34:32:3c:c4:51:84:ae:ac:e0:53:e3:99:f5:
11:1e:65:f8:34:be:e4:26:7b:f8:ce:2e:27:00:71:
94:c1:a5:06:54:cf:83:c3:2b:c7:ad:dd:56:85:ea:
f1:89:cb:31:80:fc:a6:f6:93:b1:21:4b:36:21:ce:
76:3b:59:48:de:66:55:8a:f0:7b:d9:82:cb:46:8a:
2d:b1:9a:11:1f:0e:c2:94:a2:83:7a:dd:52:44:2f:
82:66:a4:5d:09:1c:80:6b:a3:58:80:b1:37:e0:ec:
77:e0:eb:70:09:76:eb:20:c1:52:f4:57:ae:f1:77:
93:65:c2:f2:ac:25:7e:86:81:63:9f:a8:ec:99:09:
18:fc:1c:b8:be:c4:5b:66:e6:28:6e:66:2f:86:a4:
17:9f:7e:3b:10:7b:42:0f:a9:3c:3b:1d:12:68:74:
d3:ff:c6:37:ee:6f:60:1d:96:99:4c:6c:7e:86:ad:
38:01:c5:26:57:0a:36:e6:6f:83:a4:e9:b6:76:01:
1d:4e:cb:f3:33:fc:04:ad:23:6e:1c:65:1a:3b:fc:
fa:33:77:3f:4f:6d:33:c6:08:65:bf:3b:79:35:4d:
96:b0:7f:3c:ea:67:55:7c:d4:69:c7:1c:70:65:66:
53:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DF:70:04:5A:35:40:4D:03:FF:66:35:F0:4E:6B:96:19:7F:F8:60
X509v3 Authority Key Identifier:
keyid:82:FE:7D:00:E9:4C:D2:A7:CB:F7:F9:E8:2C:F0:99:24:17:41:8D:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gv59AOlM0qfL9_noLPCZJBdBjfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/20c7e7-a49f-4031-ba77-63df603161c9/1/_99wBFo1QE0D_2Y18E5rlhl_-GA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/20c7e7-a49f-4031-ba77-63df603161c9/1/gv59AOlM0qfL9_noLPCZJBdBjfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.84.0/23
Signature Algorithm: sha256WithRSAEncryption
82:87:05:07:82:df:cc:da:a4:9b:84:d9:8b:66:93:b2:2e:0f:
24:98:4e:26:77:5a:97:0f:b3:b2:50:1a:7b:6a:9e:5a:cc:93:
58:d1:9a:af:ff:1a:31:02:15:1a:66:b8:0b:f3:12:74:63:d6:
b5:9d:d7:49:2e:e2:1e:68:0b:4c:45:4f:e9:7b:45:5e:20:28:
fe:0e:a5:82:0a:4b:25:29:01:1f:73:3e:c0:1e:75:ee:b3:22:
7b:2a:c7:d9:86:00:b2:cb:07:14:a0:ce:9d:98:c7:ff:55:14:
d1:a6:83:cb:6d:2a:75:3c:b2:d5:03:00:fd:97:28:e1:a9:6e:
c3:85:00:4f:1e:14:7f:32:e6:49:f5:e0:74:63:12:da:4a:85:
b8:27:fa:2b:cb:0e:ef:00:8e:be:3b:e9:53:3d:2c:72:b1:64:
f1:11:b6:14:74:e2:3c:31:9b:dd:4d:d5:8b:61:11:a1:44:58:
0d:69:13:6c:f1:2a:b5:af:e6:54:71:05:f6:54:91:6d:cf:cb:
bd:43:44:01:5b:f9:46:ca:91:4a:14:08:3d:d5:f5:0b:4f:27:
51:88:7d:1f:08:c6:30:41:d4:1a:37:4f:93:22:1a:17:30:b5:
f5:2e:69:35:78:92:b1:49:6d:62:a0:59:b3:72:49:f5:be:6a:
f9:1b:0c:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpCFKenrGSGT51X6JCJTQedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZmU3ZDAwZTk0Y2QyYTdjYmY3ZjllODJjZjA5OTI0MTc0
MThkZjYwHhcNMjMwODI5MTYxNjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRmNzAwNDVhMzU0MDRkMDNmZjY2MzVmMDRlNmI5NjE5N2ZmODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CjAJy3KNTrBUiYcrnQPGTQyPMRR
hK6s4FPjmfURHmX4NL7kJnv4zi4nAHGUwaUGVM+DwyvHrd1WherxicsxgPym9pOx
IUs2Ic52O1lI3mZVivB72YLLRootsZoRHw7ClKKDet1SRC+CZqRdCRyAa6NYgLE3
4Ox34OtwCXbrIMFS9Feu8XeTZcLyrCV+hoFjn6jsmQkY/By4vsRbZuYobmYvhqQX
n347EHtCD6k8Ox0SaHTT/8Y37m9gHZaZTGx+hq04AcUmVwo25m+DpOm2dgEdTsvz
M/wErSNuHGUaO/z6M3c/T20zxghlvzt5NU2WsH886mdVfNRpxxxwZWZTIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP/fcARaNUBNA/9mNfBOa5YZf/hgMB8GA1UdIwQY
MBaAFIL+fQDpTNKny/f56CzwmSQXQY32MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3Y1OUFPbE0wcWZMOV9ub0xQQ1pKQmRCamZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy8yMGM3ZTctYTQ5Zi00MDMxLWJhNzct
NjNkZjYwMzE2MWM5LzEvXzk5d0JGbzFRRTBEXzJZMThFNXJsaGxfLUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy8yMGM3ZTctYTQ5Zi00MDMxLWJhNzctNjNkZjYwMzE2MWM5
LzEvZ3Y1OUFPbE0wcWZMOV9ub0xQQ1pKQmRCamZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1hUMA0G
CSqGSIb3DQEBCwUAA4IBAQCChwUHgt/M2qSbhNmLZpOyLg8kmE4md1qXD7OyUBp7
ap5azJNY0Zqv/xoxAhUaZrgL8xJ0Y9a1nddJLuIeaAtMRU/pe0VeICj+DqWCCksl
KQEfcz7AHnXusyJ7KsfZhgCyywcUoM6dmMf/VRTRpoPLbSp1PLLVAwD9lyjhqW7D
hQBPHhR/MuZJ9eB0YxLaSoW4J/oryw7vAI6+O+lTPSxysWTxEbYUdOI8MZvdTdWL
YRGhRFgNaRNs8Sq1r+ZUcQX2VJFtz8u9Q0QBW/lGypFKFAg91fULTydRiH0fCMYw
QdQaN0+TIhoXMLX1Lmk1eJKxSW1ioFmzckn1vmr5Gwzc
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:43:47 2025 by rpki-client