Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/liBk45Yfz3h38hlyEDrWvuyha-g.roa
File: liBk45Yfz3h38hlyEDrWvuyha-g.roa (raw, json)
Hash identifier: jI3GB85mPR9QpbCNlJrXSGylG07M+X2s4/aMvnRiGYg=
Subject key identifier: 96:20:64:E3:96:1F:CF:78:77:F2:19:72:10:3A:D6:BE:EC:A1:6B:E8
Certificate issuer: /CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Certificate serial: 023245
Authority key identifier: AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/liBk45Yfz3h38hlyEDrWvuyha-g.roa
Signing time: Thu 16 Jun 2022 21:23:44 +0000
ROA not before: Thu 16 Jun 2022 21:23:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207922
IP address blocks: 195.26.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143941 (0x23245)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5b471d0ba089d9e9f46c291319674fac8128d0
Validity
Not Before: Jun 16 21:23:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=962064e3961fcf7877f21972103ad6beeca16be8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:67:48:1c:4e:c9:97:7d:7f:0c:dc:fd:8d:21:
37:e9:82:f2:63:d7:da:f0:38:5c:84:2e:22:e9:07:
b0:cb:b4:ac:a8:51:dd:f4:b9:2f:67:f0:40:09:55:
6e:49:c2:9f:f1:c2:74:23:95:6d:f2:c4:a2:a1:a5:
b3:ad:23:67:75:e2:e8:68:a8:81:4f:9a:f0:68:b8:
82:a1:e3:7b:0d:25:8e:aa:27:7a:e5:7b:9b:20:3f:
3b:2c:95:2d:b8:ef:6f:e2:46:a7:a2:30:75:86:a2:
e3:5c:23:c6:f9:6f:c9:cc:d0:7c:d1:1e:4d:4f:ff:
bc:1d:b8:39:24:c5:ea:d3:83:67:76:13:08:42:98:
1d:23:93:8f:c6:fc:38:55:dc:11:66:6f:75:94:3f:
05:4d:8e:fd:a4:9f:45:a1:95:64:e2:f4:7a:e1:c4:
90:23:d5:61:71:69:ee:a6:24:5a:65:7c:d1:75:a3:
7b:14:4c:1e:fd:1a:d6:9c:32:1a:f5:f5:0f:f9:5b:
4f:3d:49:06:7f:9d:3f:ee:be:36:1a:20:2f:6b:0e:
05:bd:90:56:7c:c1:49:f2:24:09:ac:ec:ec:56:90:
99:68:ca:9b:e1:b8:bb:db:ac:5b:34:f5:6f:a3:70:
8c:11:02:47:aa:e7:d9:a5:4a:c7:89:a1:13:1b:1e:
33:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:20:64:E3:96:1F:CF:78:77:F2:19:72:10:3A:D6:BE:EC:A1:6B:E8
X509v3 Authority Key Identifier:
keyid:AA:5B:47:1D:0B:A0:89:D9:E9:F4:6C:29:13:19:67:4F:AC:81:28:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qltHHQugidnp9GwpExlnT6yBKNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/liBk45Yfz3h38hlyEDrWvuyha-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/4be027-88e9-47e3-bb88-6f2e2529be82/1/qltHHQugidnp9GwpExlnT6yBKNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.26.8.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e7:6f:ac:5b:1d:c8:de:e1:2f:57:91:45:7d:b6:f9:6a:ec:
33:4a:f1:37:18:86:39:7e:04:fd:8f:b7:4a:01:12:ab:e4:70:
a5:d1:3b:34:1e:fb:32:86:df:92:40:b2:65:61:b6:9f:bc:e9:
bf:e1:45:dd:bb:59:39:19:26:1e:81:28:7a:45:41:d8:43:09:
e8:22:7a:c0:0d:33:65:b1:11:69:57:81:96:e7:68:fa:41:7c:
2b:24:2c:d1:8e:48:5e:f3:f1:e7:c4:bf:13:90:1c:54:c3:84:
07:14:b5:7d:a0:54:b2:ae:d2:f3:5f:2d:bd:0b:37:0d:40:bb:
40:99:4e:f5:ec:98:28:60:ff:e8:14:2d:75:d5:5a:40:65:e4:
c2:28:5e:79:ee:fa:0b:7e:7b:5c:e7:4a:4f:fd:0e:63:3d:2c:
87:04:80:4c:55:72:6e:d3:bb:c3:fd:2c:e1:79:57:75:04:5b:
d2:83:d9:8f:84:66:f4:b7:82:99:a7:e8:ab:c7:97:2a:5e:50:
2e:a1:32:57:d7:9d:bf:66:bf:f8:d0:a7:41:4a:38:76:5a:b4:
8a:bf:2b:63:80:f6:52:1e:9c:65:26:9c:ed:87:38:d2:38:26:
44:78:ab:9f:d2:b8:18:30:ed:bb:02:04:2f:a5:26:12:3d:b6:
91:e9:fa:27
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAjJFMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFh
NWI0NzFkMGJhMDg5ZDllOWY0NmMyOTEzMTk2NzRmYWM4MTI4ZDAwHhcNMjIwNjE2
MjEyMzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NjIwNjRlMzk2MWZj
Zjc4NzdmMjE5NzIxMDNhZDZiZWVjYTE2YmU4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuGdIHE7Jl31/DNz9jSE36YLyY9fa8DhchC4i6Qewy7SsqFHd
9LkvZ/BACVVuScKf8cJ0I5Vt8sSioaWzrSNndeLoaKiBT5rwaLiCoeN7DSWOqid6
5XubID87LJUtuO9v4kanojB1hqLjXCPG+W/JzNB80R5NT/+8Hbg5JMXq04NndhMI
QpgdI5OPxvw4VdwRZm91lD8FTY79pJ9FoZVk4vR64cSQI9VhcWnupiRaZXzRdaN7
FEwe/RrWnDIa9fUP+VtPPUkGf50/7r42GiAvaw4FvZBWfMFJ8iQJrOzsVpCZaMqb
4bi726xbNPVvo3CMEQJHqufZpUrHiaETGx4zEQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJYgZOOWH894d/IZchA61r7soWvoMB8GA1UdIwQYMBaAFKpbRx0LoInZ6fRs
KRMZZ0+sgSjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cWx0SEhRdWdpZG5wOUd3cEV4bG5UNnlCS05BLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zNS80YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgyLzEv
bGlCazQ1WWZ6M2gzOGhseUVEcld2dXloYS1nLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS80
YmUwMjctODhlOS00N2UzLWJiODgtNmYyZTI1MjliZTgyLzEvcWx0SEhRdWdpZG5w
OUd3cEV4bG5UNnlCS05BLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxoIMA0GCSqGSIb3DQEBCwUAA4IB
AQA352+sWx3I3uEvV5FFfbb5auwzSvE3GIY5fgT9j7dKARKr5HCl0Ts0Hvsyht+S
QLJlYbafvOm/4UXdu1k5GSYegSh6RUHYQwnoInrADTNlsRFpV4GW52j6QXwrJCzR
jkhe8/HnxL8TkBxUw4QHFLV9oFSyrtLzXy29CzcNQLtAmU717JgoYP/oFC111VpA
ZeTCKF557voLfntc50pP/Q5jPSyHBIBMVXJu07vD/SzheVd1BFvSg9mPhGb0t4KZ
p+irx5cqXlAuoTJX152/Zr/40KdBSjh2WrSKvytjgPZSHpxlJpzthzjSOCZEeKuf
0rgYMO27AgQvpSYSPbaR6fon
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:28:04 2025 by rpki-client