Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Dyalbp6FjX5ydUUzEY4exjgZA5M.roa
File: Dyalbp6FjX5ydUUzEY4exjgZA5M.roa (raw, json)
Hash identifier: kFgsFQoR1+FSFAmIfnxvBzOaeZAn2DHaZU2hxUVUlmA=
Subject key identifier: 0F:26:A5:6E:9E:85:8D:7E:72:75:45:33:11:8E:1E:C6:38:19:03:93
Certificate issuer: /CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Certificate serial: 01857355FCFD3876C4A3370CFA3AE3259409
Authority key identifier: 1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Dyalbp6FjX5ydUUzEY4exjgZA5M.roa
Signing time: Mon 02 Jan 2023 16:34:53 +0000
ROA not before: Mon 02 Jan 2023 16:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29031
IP address blocks: 195.69.200.0/22 maxlen: 22
193.239.24.0/24 maxlen: 24
193.239.26.0/24 maxlen: 24
195.3.132.0/23 maxlen: 23
91.201.108.0/22 maxlen: 22
195.3.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:fc:fd:38:76:c4:a3:37:0c:fa:3a:e3:25:94:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Validity
Not Before: Jan 2 16:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0f26a56e9e858d7e72754533118e1ec638190393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:18:72:b6:13:44:49:b5:b8:9f:9f:dc:91:7e:
10:f1:2d:52:67:fe:36:1f:f5:76:a1:9c:77:05:ba:
25:bf:2b:c3:a1:6e:ad:78:92:ad:f8:6e:5f:54:93:
56:ed:e7:df:dc:8d:c7:b2:ab:79:4c:d7:3b:b3:ca:
10:af:9a:c2:96:cb:e2:db:3d:fb:7d:e8:5f:8a:05:
eb:7a:2e:20:36:43:9c:d9:f0:cd:8f:f8:d5:47:e6:
36:bc:03:03:34:81:43:38:eb:7f:72:d3:05:e9:6a:
51:7e:4f:4c:c1:70:4e:6b:c3:3e:69:3e:68:e0:9e:
be:3a:60:a3:53:5c:6f:f5:1c:6f:07:88:03:97:a0:
ee:90:0b:b6:1c:da:cb:e2:ab:92:7e:4c:40:b1:b6:
9a:4e:4f:64:70:9d:3a:e3:ae:aa:0e:e1:4b:90:7c:
56:a6:ab:93:db:72:f6:fd:bd:7c:2f:41:92:95:2d:
68:8b:7f:46:5d:4f:46:d9:a8:fb:d9:d1:65:bf:69:
40:88:1a:a2:50:37:44:a4:3e:ec:75:fa:cd:07:1d:
a9:8d:00:4d:86:a8:2c:89:31:7d:bd:09:7a:86:ef:
3b:30:e2:39:7b:da:d6:0e:6f:a4:72:45:37:af:f6:
63:3d:24:a7:36:63:29:c7:0c:f4:79:f8:93:1b:b2:
3f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:26:A5:6E:9E:85:8D:7E:72:75:45:33:11:8E:1E:C6:38:19:03:93
X509v3 Authority Key Identifier:
keyid:1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Dyalbp6FjX5ydUUzEY4exjgZA5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.108.0/22
193.239.24.0/24
193.239.26.0/24
195.3.132.0/22
195.69.200.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:18:c5:d5:80:24:78:fc:b6:36:24:d6:ce:1c:82:7b:7a:80:
50:2b:95:2f:68:c6:fd:ad:5d:96:71:4b:e9:34:37:e3:0e:aa:
e1:c5:27:84:f3:05:a0:d3:89:00:d8:46:8d:d4:6b:0c:c1:1a:
b0:08:10:3c:11:20:88:60:ea:8d:ea:f0:b7:20:dd:2e:e8:fa:
92:75:bd:af:dd:c0:a3:2b:6a:9f:46:9a:cc:24:f5:8d:25:c2:
e1:66:b0:3e:d7:d4:77:10:10:9c:6e:80:f1:bf:1c:7d:d7:a7:
77:d4:f2:11:cc:00:b2:da:f9:69:43:b6:20:af:a8:47:b8:c3:
8d:e4:1c:1e:8a:6d:ea:9e:89:ca:71:a7:6b:3c:83:11:f7:a7:
37:14:11:b0:ef:e1:0f:d5:2b:fc:f0:41:81:55:e7:63:ef:b1:
47:7d:36:44:22:f9:6b:e0:8f:fc:fb:36:d9:6f:5b:13:fc:56:
b3:ce:08:5f:71:91:28:fa:3a:53:c7:94:74:6d:23:5f:61:09:
b5:fc:7f:3c:8b:0a:1a:62:4c:0c:23:6e:fc:c6:59:00:1f:68:
7c:07:57:7e:44:b5:d1:4a:a7:05:6f:64:ff:fa:20:7e:84:94:
6b:12:f4:e6:a5:8d:1a:3e:af:64:e5:5a:0c:03:e3:fd:68:f5:
bf:ed:4d:e9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVzVfz9OHbEozcM+jrjJZQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDdlMmJmMzk3NDcyMWVhZmJmYjhjMzFmYzUyNzMwMzlk
NTA1ZjMwHhcNMjMwMTAyMTYzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjI2YTU2ZTllODU4ZDdlNzI3NTQ1MzMxMThlMWVjNjM4MTkwMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBhythNESbW4n5/ckX4Q8S1SZ/42
H/V2oZx3BbolvyvDoW6teJKt+G5fVJNW7eff3I3Hsqt5TNc7s8oQr5rClsvi2z37
fehfigXrei4gNkOc2fDNj/jVR+Y2vAMDNIFDOOt/ctMF6WpRfk9MwXBOa8M+aT5o
4J6+OmCjU1xv9RxvB4gDl6DukAu2HNrL4quSfkxAsbaaTk9kcJ06466qDuFLkHxW
pquT23L2/b18L0GSlS1oi39GXU9G2aj72dFlv2lAiBqiUDdEpD7sdfrNBx2pjQBN
hqgsiTF9vQl6hu87MOI5e9rWDm+kckU3r/ZjPSSnNmMpxwz0efiTG7I/jQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA8mpW6ehY1+cnVFMxGOHsY4GQOTMB8GA1UdIwQY
MBaAFB5H4r85dHIer7+4wx/FJzA51QXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQt
ZTM2OWQ2NjAyZTZmLzEvRHlhbGJwNkZqWDV5ZFVVekVZNGV4amdaQTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQtZTM2OWQ2NjAyZTZm
LzEvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8lsAwQA
we8YAwQAwe8aAwQCwwOEAwQCw0XIMA0GCSqGSIb3DQEBCwUAA4IBAQB/GMXVgCR4
/LY2JNbOHIJ7eoBQK5UvaMb9rV2WcUvpNDfjDqrhxSeE8wWg04kA2EaN1GsMwRqw
CBA8ESCIYOqN6vC3IN0u6PqSdb2v3cCjK2qfRprMJPWNJcLhZrA+19R3EBCcboDx
vxx916d31PIRzACy2vlpQ7Ygr6hHuMON5Bweim3qnonKcadrPIMR96c3FBGw7+EP
1Sv88EGBVedj77FHfTZEIvlr4I/8+zbZb1sT/FazzghfcZEo+jpTx5R0bSNfYQm1
/H88iwoaYkwMI278xlkAH2h8B1d+RLXRSqcFb2T/+iB+hJRrEvTmpY0aPq9k5VoM
A+P9aPW/7U3p
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:35 2025 by rpki-client