Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/oXSwILfEfh7DFV3OjLgJ3HgxM4I.roa
File: oXSwILfEfh7DFV3OjLgJ3HgxM4I.roa (raw, json)
Hash identifier: 52SvnM+z4E544AgwcjSkKSUkdgQuGIUr8imxphsCCvs=
Subject key identifier: A1:74:B0:20:B7:C4:7E:1E:C3:15:5D:CE:8C:B8:09:DC:78:31:33:82
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 0AB40775
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/oXSwILfEfh7DFV3OjLgJ3HgxM4I.roa
Signing time: Sat 01 Jan 2022 12:00:27 +0000
ROA not before: Sat 01 Jan 2022 12:00:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200006
IP address blocks: 195.214.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179570549 (0xab40775)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 12:00:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a174b020b7c47e1ec3155dce8cb809dc78313382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ba:cd:2c:89:98:b8:ee:39:70:ef:f1:4c:9f:
da:18:17:d5:33:04:50:25:3b:72:52:03:9d:54:3d:
18:c3:99:fb:8c:a1:49:50:b6:c1:e8:4d:e3:f5:f1:
2b:ec:97:46:8b:a1:17:4a:f7:2e:a0:77:2f:58:ed:
de:04:c6:1c:51:ee:b0:db:68:21:a1:ad:c1:55:c6:
c1:ee:6d:ba:75:f0:e4:50:eb:d1:6b:c8:19:e8:24:
1d:45:1d:5f:3c:41:f2:e3:33:05:d6:2d:6b:80:eb:
c4:ee:c5:9d:ba:1a:cc:9a:6b:cf:ee:2e:5a:e2:d8:
c9:a6:3b:39:0d:ba:e6:5e:ae:c1:ef:05:ef:4c:89:
7d:40:c8:ca:14:77:a0:38:dd:03:65:40:91:d2:2e:
e9:f5:70:1a:a4:59:10:11:6b:cd:88:3f:07:55:a7:
4d:11:9e:08:9f:dc:b5:a1:8e:52:f0:ab:c9:dd:f9:
7d:f1:fd:c8:52:f0:23:01:be:1c:c4:9d:fe:63:ea:
7f:3c:28:f6:88:78:6d:41:22:18:16:e3:1c:3d:9c:
72:6b:37:43:c6:00:88:dd:ff:60:f7:a9:0e:93:d8:
e9:c6:e7:70:23:dc:cd:76:b1:15:cb:19:82:a5:89:
22:df:ae:38:26:41:00:17:ac:56:f8:06:1d:57:c9:
f0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:74:B0:20:B7:C4:7E:1E:C3:15:5D:CE:8C:B8:09:DC:78:31:33:82
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/oXSwILfEfh7DFV3OjLgJ3HgxM4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.152.0/24
Signature Algorithm: sha256WithRSAEncryption
82:ec:e2:0b:b0:87:60:6a:80:9b:48:30:2b:9f:2c:46:e2:b1:
ef:b3:36:d5:f9:b9:65:96:4b:f6:7d:6a:cb:ba:82:20:96:cd:
55:3a:86:89:71:9e:9a:6a:fa:12:96:b6:84:43:1c:ad:05:05:
97:fb:2d:3b:29:9a:25:73:93:5b:68:dd:cb:70:f3:e7:82:72:
ad:36:39:1f:f8:f4:86:31:0d:8a:4e:f3:d4:eb:02:38:b9:4b:
1d:2a:d1:2e:42:b9:08:ac:49:15:68:74:11:ae:a8:0d:1d:57:
c7:ed:d4:65:b2:95:9f:dc:5e:50:f5:0b:3d:66:ed:b4:9b:7a:
03:05:c9:35:b7:f1:64:f8:9d:51:b4:87:56:ba:9c:1f:53:2d:
54:b8:d1:ba:b7:db:04:00:f8:9c:27:17:23:d8:fe:82:cb:8a:
a8:13:13:9c:bd:1d:57:6c:e8:ab:2a:e3:8d:f3:5f:88:f4:ff:
91:79:10:21:5b:f7:43:76:2b:d8:60:79:2d:69:3c:02:62:c0:
ce:2c:79:0b:aa:6e:26:bb:99:7c:1c:03:3f:b3:e7:7e:3c:f9:
0c:ee:09:8a:4a:91:c7:d7:7d:de:d7:68:d8:af:11:eb:f2:ac:
f4:b6:25:9d:aa:ba:d3:27:08:c7:c7:d8:4f:53:12:cc:94:b9:
f3:74:04:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECrQHdTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTlkMzBlNjAzNWJlOGI4Mzg2MDYxZjI3MTQ4MWM3MDdlMDRjZTJiMB4XDTIyMDEw
MTEyMDAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE3NGIwMjBiN2M0
N2UxZWMzMTU1ZGNlOGNiODA5ZGM3ODMxMzM4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJa6zSyJmLjuOXDv8Uyf2hgX1TMEUCU7clIDnVQ9GMOZ+4yh
SVC2wehN4/XxK+yXRouhF0r3LqB3L1jt3gTGHFHusNtoIaGtwVXGwe5tunXw5FDr
0WvIGegkHUUdXzxB8uMzBdYta4DrxO7FnboazJprz+4uWuLYyaY7OQ265l6uwe8F
70yJfUDIyhR3oDjdA2VAkdIu6fVwGqRZEBFrzYg/B1WnTRGeCJ/ctaGOUvCryd35
ffH9yFLwIwG+HMSd/mPqfzwo9oh4bUEiGBbjHD2ccms3Q8YAiN3/YPepDpPY6cbn
cCPczXaxFcsZgqWJIt+uOCZBABesVvgGHVfJ8OMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBShdLAgt8R+HsMVXc6MuAnceDEzgjAfBgNVHSMEGDAWgBS6nTDmA1vouDhg
YfJxSBxwfgTOKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VwMHc1Z05iNkxnNFlHSHljVWdjY0g0RXppcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8x
L29YU3dJTGZFZmg3REZWM09qTGdKM0hneE00SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWM5YzMyLTdkYmMtNGQ2Yy1iYzA4LTVkNTg0ZmJjNWQyNy8xL3VwMHc1Z05iNkxn
NFlHSHljVWdjY0g0RXppcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPWmDANBgkqhkiG9w0BAQsFAAOC
AQEAguziC7CHYGqAm0gwK58sRuKx77M21fm5ZZZL9n1qy7qCIJbNVTqGiXGemmr6
Epa2hEMcrQUFl/stOymaJXOTW2jdy3Dz54JyrTY5H/j0hjENik7z1OsCOLlLHSrR
LkK5CKxJFWh0Ea6oDR1Xx+3UZbKVn9xeUPULPWbttJt6AwXJNbfxZPidUbSHVrqc
H1MtVLjRurfbBAD4nCcXI9j+gsuKqBMTnL0dV2zoqyrjjfNfiPT/kXkQIVv3Q3Yr
2GB5LWk8AmLAzix5C6puJruZfBwDP7Pnfjz5DO4JikqRx9d93tdo2K8R6/Ks9LYl
naq60ycIx8fYT1MSzJS583QEgg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:38:31 2025 by rpki-client