Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/oQ_tjj6VlhzeKflhM82msBwWvVg.roa
File: oQ_tjj6VlhzeKflhM82msBwWvVg.roa (raw, json)
Hash identifier: FaRbdYkX4ZwyuHLeDo4LVSEtOQhm8M0okDFPDTyfXkc=
Subject key identifier: A1:0F:ED:8E:3E:95:96:1C:DE:29:F9:61:33:CD:A6:B0:1C:16:BD:58
Certificate issuer: /CN=6ab449c198cb96637bac1a5b6d51cb31f258bb2c
Certificate serial: 1279DE27
Authority key identifier: 6A:B4:49:C1:98:CB:96:63:7B:AC:1A:5B:6D:51:CB:31:F2:58:BB:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/arRJwZjLlmN7rBpbbVHLMfJYuyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/oQ_tjj6VlhzeKflhM82msBwWvVg.roa
Signing time: Sat 01 Jan 2022 00:53:45 +0000
ROA not before: Sat 01 Jan 2022 00:53:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13008
IP address blocks: 195.72.132.0/24 maxlen: 24
195.72.133.0/24 maxlen: 24
195.72.135.0/24 maxlen: 24
195.72.134.0/24 maxlen: 24
2001:67c:404::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 309976615 (0x1279de27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ab449c198cb96637bac1a5b6d51cb31f258bb2c
Validity
Not Before: Jan 1 00:53:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a10fed8e3e95961cde29f96133cda6b01c16bd58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f6:c5:eb:d6:34:59:79:8b:07:18:76:0a:96:
f1:37:39:24:94:e7:1f:5b:1b:6c:33:ed:a4:2e:e3:
57:a5:4e:aa:1a:90:4f:5b:f1:93:85:fa:9d:ba:2e:
f6:c4:c4:c7:dc:18:8d:a1:c2:57:47:50:dd:16:32:
c7:31:8d:a9:e2:33:94:c5:33:7d:67:7b:4f:71:a8:
6b:bd:5d:a4:32:cd:3e:9d:43:f1:8c:6f:81:e5:9a:
61:85:02:62:24:66:42:bd:60:17:af:45:3f:90:d6:
87:b0:32:e9:1d:56:79:44:c5:34:0d:8c:6d:9e:46:
e4:6d:cd:3c:32:ec:59:73:45:66:95:b8:48:c2:8b:
c8:19:8c:f2:68:d2:9e:bd:02:15:57:b6:1f:1e:2c:
78:a1:0d:3b:6d:f0:e8:ff:d5:9c:de:ed:ba:cb:21:
4e:04:cd:a4:8b:81:30:f5:9e:a5:34:63:bb:8d:d5:
de:40:14:16:4b:41:65:af:c2:3e:44:fb:94:e5:27:
66:09:bc:1a:f7:ec:2f:6d:3b:4d:de:23:f3:47:44:
98:0b:0e:1a:fb:92:1b:dd:f1:d9:4c:9c:e1:7c:01:
48:89:e2:34:57:d1:75:72:78:95:cb:b5:3c:5a:ae:
5e:9d:80:c0:28:40:34:38:f7:4b:88:a8:12:7b:33:
a9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0F:ED:8E:3E:95:96:1C:DE:29:F9:61:33:CD:A6:B0:1C:16:BD:58
X509v3 Authority Key Identifier:
keyid:6A:B4:49:C1:98:CB:96:63:7B:AC:1A:5B:6D:51:CB:31:F2:58:BB:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/arRJwZjLlmN7rBpbbVHLMfJYuyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/oQ_tjj6VlhzeKflhM82msBwWvVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2b187d-edd8-40ee-a17c-d67da3c6969b/1/arRJwZjLlmN7rBpbbVHLMfJYuyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.72.132.0/22
IPv6:
2001:67c:404::/48
Signature Algorithm: sha256WithRSAEncryption
79:3b:67:76:a7:26:01:b2:eb:6a:b5:07:3c:2e:88:7f:05:11:
48:01:ca:0e:c4:c7:f5:68:00:86:15:07:08:af:5a:d9:51:7c:
e0:1d:cd:da:f4:04:2c:0b:07:32:31:77:28:0f:7f:05:17:97:
bc:0d:79:47:0a:6e:0f:f9:d7:2a:b9:f3:89:33:eb:ec:df:c3:
4b:7b:bc:72:b1:06:c0:cb:be:64:97:c3:f0:a5:5a:93:40:6e:
62:97:16:4a:fb:5f:9f:3c:da:b0:66:ad:06:9f:e5:bb:f4:f9:
3b:c8:ce:e5:f8:e5:11:d8:7f:7f:6a:2a:f9:2f:3a:28:56:aa:
01:0d:42:3b:7b:b7:d2:dc:ca:dc:d6:26:b9:ef:86:6a:e0:2f:
d3:fd:4a:c7:e8:3d:21:c3:94:04:af:68:53:d2:7b:01:13:2e:
1e:07:20:a6:62:47:32:24:ff:82:d5:fd:84:bd:ed:ee:6d:d1:
c1:f1:9e:90:aa:dd:32:37:8b:72:97:16:f3:69:d0:41:3e:1a:
e1:7e:9a:72:6c:5d:7b:10:d9:59:c4:54:ff:0d:45:5c:42:5c:
85:94:9d:13:6c:4f:95:be:47:ef:dc:3d:cf:94:85:26:47:c8:
4b:23:36:b5:2b:ad:93:eb:b6:71:b2:a0:f0:59:ee:8e:77:4d:
f7:18:cc:ab
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEnneJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YWI0NDljMTk4Y2I5NjYzN2JhYzFhNWI2ZDUxY2IzMWYyNThiYjJjMB4XDTIyMDEw
MTAwNTM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEwZmVkOGUzZTk1
OTYxY2RlMjlmOTYxMzNjZGE2YjAxYzE2YmQ1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/2xevWNFl5iwcYdgqW8Tc5JJTnH1sbbDPtpC7jV6VOqhqQ
T1vxk4X6nbou9sTEx9wYjaHCV0dQ3RYyxzGNqeIzlMUzfWd7T3Goa71dpDLNPp1D
8YxvgeWaYYUCYiRmQr1gF69FP5DWh7Ay6R1WeUTFNA2MbZ5G5G3NPDLsWXNFZpW4
SMKLyBmM8mjSnr0CFVe2Hx4seKENO23w6P/VnN7tusshTgTNpIuBMPWepTRju43V
3kAUFktBZa/CPkT7lOUnZgm8GvfsL207Td4j80dEmAsOGvuSG93x2Uyc4XwBSIni
NFfRdXJ4lcu1PFquXp2AwChANDj3S4ioEnszqXsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBShD+2OPpWWHN4p+WEzzaawHBa9WDAfBgNVHSMEGDAWgBRqtEnBmMuWY3us
GlttUcsx8li7LDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FyUkp3WmpMbG1ON3JCcGJiVkhMTWZKWXV5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvMmIxODdkLWVkZDgtNDBlZS1hMTdjLWQ2N2RhM2M2OTY5Yi8x
L29RX3RqajZWbGh6ZUtmbGhNODJtc0J3V3ZWZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
MmIxODdkLWVkZDgtNDBlZS1hMTdjLWQ2N2RhM2M2OTY5Yi8xL2FyUkp3WmpMbG1O
N3JCcGJiVkhMTWZKWXV5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAsNIhDAPBAIAAjAJAwcAIAEGfAQE
MA0GCSqGSIb3DQEBCwUAA4IBAQB5O2d2pyYBsutqtQc8Loh/BRFIAcoOxMf1aACG
FQcIr1rZUXzgHc3a9AQsCwcyMXcoD38FF5e8DXlHCm4P+dcqufOJM+vs38NLe7xy
sQbAy75kl8PwpVqTQG5ilxZK+1+fPNqwZq0Gn+W79Pk7yM7l+OUR2H9/air5Lzoo
VqoBDUI7e7fS3Mrc1ia574Zq4C/T/UrH6D0hw5QEr2hT0nsBEy4eByCmYkcyJP+C
1f2Eve3ubdHB8Z6Qqt0yN4tylxbzadBBPhrhfppybF17ENlZxFT/DUVcQlyFlJ0T
bE+Vvkfv3D3PlIUmR8hLIza1K62T67ZxsqDwWe6Od033GMyr
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:49 2025 by rpki-client