Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/m23q0aU-3y3kyKrt9lyagHqbpPc.roa
File: m23q0aU-3y3kyKrt9lyagHqbpPc.roa (raw, json)
Hash identifier: SOzZaomCZItX8hQ9wZ2O2db+1fwNro8/dREZW1G2BzY=
Subject key identifier: 9B:6D:EA:D1:A5:3E:DF:2D:E4:C8:AA:ED:F6:5C:9A:80:7A:9B:A4:F7
Certificate issuer: /CN=6777a62846df4edbe5666b89e8420e919ab08627
Certificate serial: 057026AB
Authority key identifier: 67:77:A6:28:46:DF:4E:DB:E5:66:6B:89:E8:42:0E:91:9A:B0:86:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/m23q0aU-3y3kyKrt9lyagHqbpPc.roa
Signing time: Sat 01 Jan 2022 03:59:13 +0000
ROA not before: Sat 01 Jan 2022 03:59:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34046
IP address blocks: 195.245.80.0/23 maxlen: 23
195.242.112.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91236011 (0x57026ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6777a62846df4edbe5666b89e8420e919ab08627
Validity
Not Before: Jan 1 03:59:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b6dead1a53edf2de4c8aaedf65c9a807a9ba4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:de:d1:89:f6:28:ee:63:ee:84:89:39:16:a8:
14:af:55:05:46:b6:34:0f:ba:58:16:ee:ac:89:63:
d1:b8:8e:3b:0e:5e:4c:d8:29:60:6a:65:1b:29:68:
b7:ff:53:1e:3c:60:f9:e3:c7:ba:bf:c7:f5:c5:55:
80:e5:6d:29:dd:23:9d:a8:74:7b:11:25:24:a0:47:
a1:86:0b:3c:16:26:9c:2d:75:70:2c:47:f0:b1:14:
91:13:27:ab:96:c1:62:ef:d0:16:dc:23:31:13:8e:
b7:fb:15:07:5a:10:df:ed:99:8d:be:7a:05:44:ca:
a7:2d:2c:90:6b:6a:0f:05:72:e1:62:73:1d:d4:c8:
a6:00:fb:21:42:0e:23:bb:65:b5:f8:d8:ad:cc:7c:
52:3e:42:4f:27:a1:c3:7a:24:db:3e:05:ea:44:9a:
76:41:3c:a0:9a:50:61:0d:0c:e7:3b:fe:a9:25:ed:
a7:ca:1a:59:e0:80:30:74:9e:fa:17:70:ff:a2:b3:
1e:f5:e6:9b:9a:9b:de:c4:1b:3e:31:09:8e:dc:65:
c7:8e:55:5f:91:68:14:ae:60:b1:00:1c:f4:12:40:
96:86:dc:a3:65:81:cc:0c:95:cb:a1:3f:af:d5:b3:
fc:42:0a:5a:da:0b:e0:08:a5:49:82:a1:88:df:03:
69:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:6D:EA:D1:A5:3E:DF:2D:E4:C8:AA:ED:F6:5C:9A:80:7A:9B:A4:F7
X509v3 Authority Key Identifier:
keyid:67:77:A6:28:46:DF:4E:DB:E5:66:6B:89:E8:42:0E:91:9A:B0:86:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/m23q0aU-3y3kyKrt9lyagHqbpPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.112.0/23
195.245.80.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:8b:d9:25:c3:6c:f3:30:b5:a1:96:f7:a6:6e:17:4e:0e:8f:
a3:f6:c1:c7:00:74:43:2f:4e:5a:c0:bf:b8:01:f4:d4:fd:3a:
8c:1b:42:f8:5c:90:55:64:e8:bc:58:f3:dc:c8:6f:60:ee:bb:
97:48:70:f9:1e:31:eb:cf:15:8a:9a:af:0c:1e:e7:b8:b8:bc:
9f:7f:ac:57:ad:45:a3:19:bd:6b:41:9f:aa:cb:93:39:ab:9e:
4f:5a:fa:42:c1:4f:77:a9:0a:33:5d:b3:77:bd:ba:2f:f0:c3:
bc:ab:1d:e9:87:da:a2:93:b7:eb:2e:db:2c:16:0c:31:8c:ad:
fe:6c:36:e3:7c:b0:20:67:ab:75:41:e7:d1:36:2e:34:fb:91:
56:cc:f3:a4:7f:4d:80:66:a6:8f:dc:d7:eb:27:60:60:9b:dc:
c2:32:ec:12:4a:a1:65:0b:61:66:26:82:db:42:d6:09:df:a6:
de:b7:3e:19:d9:70:87:df:0e:40:e1:74:3a:eb:6c:ec:a3:97:
9c:72:0a:15:db:b5:ee:27:f2:76:4d:fa:f4:5a:3d:eb:d8:dc:
0f:fc:0d:8d:ae:ee:7e:56:ca:fd:8a:1a:3e:36:94:0e:b9:f3:
b8:02:96:3a:6f:ad:a7:b8:3e:bb:7c:9c:1a:de:8b:a3:2f:be:
b1:82:1d:d5
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBXAmqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Nzc3YTYyODQ2ZGY0ZWRiZTU2NjZiODllODQyMGU5MTlhYjA4NjI3MB4XDTIyMDEw
MTAzNTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWI2ZGVhZDFhNTNl
ZGYyZGU0YzhhYWVkZjY1YzlhODA3YTliYTRmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXe0Yn2KO5j7oSJORaoFK9VBUa2NA+6WBburIlj0biOOw5e
TNgpYGplGylot/9THjxg+ePHur/H9cVVgOVtKd0jnah0exElJKBHoYYLPBYmnC11
cCxH8LEUkRMnq5bBYu/QFtwjMROOt/sVB1oQ3+2Zjb56BUTKpy0skGtqDwVy4WJz
HdTIpgD7IUIOI7tltfjYrcx8Uj5CTyehw3ok2z4F6kSadkE8oJpQYQ0M5zv+qSXt
p8oaWeCAMHSe+hdw/6KzHvXmm5qb3sQbPjEJjtxlx45VX5FoFK5gsQAc9BJAlobc
o2WBzAyVy6E/r9Wz/EIKWtoL4AilSYKhiN8DacMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSbberRpT7fLeTIqu32XJqAepuk9zAfBgNVHSMEGDAWgBRnd6YoRt9O2+Vm
a4noQg6RmrCGJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ozZW1LRWJmVHR2bFptdUo2RUlPa1pxd2hpYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvY2IzNzNmLTc2NGQtNDUzMi04MzMzLTYyZDk0YWY4MDFiNS8x
L20yM3EwYVUtM3kza3lLcnQ5bHlhZ0hxYnBQYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
Y2IzNzNmLTc2NGQtNDUzMi04MzMzLTYyZDk0YWY4MDFiNS8xL1ozZW1LRWJmVHR2
bFptdUo2RUlPa1pxd2hpYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcPycAMEAcP1UDANBgkqhkiG9w0B
AQsFAAOCAQEArIvZJcNs8zC1oZb3pm4XTg6Po/bBxwB0Qy9OWsC/uAH01P06jBtC
+FyQVWTovFjz3MhvYO67l0hw+R4x688VipqvDB7nuLi8n3+sV61Foxm9a0GfqsuT
OaueT1r6QsFPd6kKM12zd726L/DDvKsd6YfaopO36y7bLBYMMYyt/mw243ywIGer
dUHn0TYuNPuRVszzpH9NgGamj9zX6ydgYJvcwjLsEkqhZQthZiaC20LWCd+m3rc+
Gdlwh98OQOF0Outs7KOXnHIKFdu17ifydk369Fo969jcD/wNja7uflbK/YoaPjaU
DrnzuAKWOm+tp7g+u3ycGt6Loy++sYId1Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:13 2025 by rpki-client