Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/dhJvtxLe1W277w5NQyItOo91klI.roa
File: dhJvtxLe1W277w5NQyItOo91klI.roa (raw, json)
Hash identifier: iPXRhbgxSIGA6SiIQbB0+9lVklzK/f9umSyp3Ko+7tw=
Subject key identifier: 76:12:6F:B7:12:DE:D5:6D:BB:EF:0E:4D:43:22:2D:3A:8F:75:92:52
Certificate issuer: /CN=87e64170f9d82c51670b9a44f329b20613a8082d
Certificate serial: 0185711E643975011F81911719C170DE1959
Authority key identifier: 87:E6:41:70:F9:D8:2C:51:67:0B:9A:44:F3:29:B2:06:13:A8:08:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/dhJvtxLe1W277w5NQyItOo91klI.roa
Signing time: Mon 02 Jan 2023 06:14:55 +0000
ROA not before: Mon 02 Jan 2023 06:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41887
IP address blocks: 195.72.120.0/23 maxlen: 24
2001:678:56c::/48 maxlen: 49
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:64:39:75:01:1f:81:91:17:19:c1:70:de:19:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87e64170f9d82c51670b9a44f329b20613a8082d
Validity
Not Before: Jan 2 06:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76126fb712ded56dbbef0e4d43222d3a8f759252
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c7:56:86:97:b5:d0:81:28:f3:af:72:e5:1f:
51:62:02:78:df:12:c9:b3:b3:63:ad:12:ac:ee:c8:
4a:06:1a:09:cb:93:ac:dc:d8:2f:4b:16:02:da:3d:
0e:dd:2e:0a:df:1a:db:9a:18:87:33:92:70:02:c8:
b2:0e:35:1f:35:4a:4a:36:8b:55:fc:60:ba:dd:88:
1d:d1:20:9f:7d:31:3c:03:92:16:23:e8:e0:d5:ce:
66:e3:ea:36:c8:c8:8e:2b:9f:76:9c:53:e4:a2:6a:
df:c8:ec:c4:9d:ac:dc:f6:16:e7:c9:63:5f:b8:a1:
e1:7e:1b:d0:33:83:bb:0d:11:8f:19:fc:42:4b:20:
a4:90:33:2a:de:cb:c8:62:74:19:13:e7:65:5b:84:
83:f3:d1:a8:40:db:7b:c0:fe:27:31:ae:ac:96:a6:
21:fe:2f:9a:46:93:b0:dc:64:58:13:64:46:3c:a1:
20:44:35:3c:13:e1:74:ab:fe:ef:c4:cd:77:11:76:
e1:4e:b2:e1:bd:27:5e:65:33:50:89:05:ea:f2:46:
77:2f:99:e8:68:71:ab:da:14:1e:e4:0e:d3:9b:43:
bf:de:5d:e7:f9:90:38:cb:3b:f9:17:b4:3b:5b:9e:
0b:c8:fb:10:bf:29:29:5b:fd:48:9c:14:6f:73:a5:
d8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:12:6F:B7:12:DE:D5:6D:BB:EF:0E:4D:43:22:2D:3A:8F:75:92:52
X509v3 Authority Key Identifier:
keyid:87:E6:41:70:F9:D8:2C:51:67:0B:9A:44:F3:29:B2:06:13:A8:08:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/dhJvtxLe1W277w5NQyItOo91klI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/beb29d-f0ee-407a-9702-6e13ccbf4906/1/h-ZBcPnYLFFnC5pE8ymyBhOoCC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.72.120.0/23
IPv6:
2001:678:56c::/48
Signature Algorithm: sha256WithRSAEncryption
07:16:ba:42:60:70:79:1f:2c:da:2d:0f:08:6d:2a:e6:d8:de:
5e:04:4e:ba:39:65:1d:64:01:1a:e6:83:ce:36:ae:32:77:c9:
2d:24:b3:d4:75:a6:83:d8:8a:53:10:fa:35:30:47:91:63:02:
42:be:6e:ca:60:ba:f0:c9:ea:72:5a:44:bf:88:f0:48:11:ca:
ad:0b:34:97:41:58:c6:b8:33:5d:ca:bc:02:69:b8:81:b3:1e:
59:8a:f9:52:7f:fa:80:65:54:04:06:9f:0b:01:5c:ed:8a:46:
41:9b:99:a9:fd:60:48:91:3b:99:2f:25:44:1e:b4:bc:34:6f:
ba:22:31:09:0d:fe:c1:2a:bf:12:2a:c1:d5:49:e7:7d:c4:9f:
30:14:d1:68:8e:84:11:5c:e3:7c:7f:b5:47:a6:d2:bd:0a:b7:
5a:e1:02:65:1b:39:39:90:bf:a0:7f:ba:87:a4:ff:8d:31:9a:
e7:3d:c9:f5:63:ff:c1:9b:04:e0:d8:78:cc:58:60:45:94:e2:
a5:c1:16:e8:64:71:07:8c:58:85:99:ce:5c:be:f7:57:b6:6c:
b0:66:75:86:f7:06:ba:87:12:a4:46:fd:7d:5f:87:0f:b5:f7:
1a:2e:c8:df:0d:88:ae:40:f3:26:21:14:b1:e3:18:df:5a:87:
05:3b:81:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxHmQ5dQEfgZEXGcFw3hlZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZTY0MTcwZjlkODJjNTE2NzBiOWE0NGYzMjliMjA2MTNh
ODA4MmQwHhcNMjMwMTAyMDYxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjEyNmZiNzEyZGVkNTZkYmJlZjBlNGQ0MzIyMmQzYThmNzU5MjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMdWhpe10IEo869y5R9RYgJ43xLJ
s7NjrRKs7shKBhoJy5Os3NgvSxYC2j0O3S4K3xrbmhiHM5JwAsiyDjUfNUpKNotV
/GC63Ygd0SCffTE8A5IWI+jg1c5m4+o2yMiOK592nFPkomrfyOzEnazc9hbnyWNf
uKHhfhvQM4O7DRGPGfxCSyCkkDMq3svIYnQZE+dlW4SD89GoQNt7wP4nMa6slqYh
/i+aRpOw3GRYE2RGPKEgRDU8E+F0q/7vxM13EXbhTrLhvSdeZTNQiQXq8kZ3L5no
aHGr2hQe5A7Tm0O/3l3n+ZA4yzv5F7Q7W54LyPsQvykpW/1InBRvc6XYqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHYSb7cS3tVtu+8OTUMiLTqPdZJSMB8GA1UdIwQY
MBaAFIfmQXD52CxRZwuaRPMpsgYTqAgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC1aQmNQbllMRkZuQzVwRTh5bXlCaE9vQ0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9iZWIyOWQtZjBlZS00MDdhLTk3MDIt
NmUxM2NjYmY0OTA2LzEvZGhKdnR4TGUxVzI3N3c1TlF5SXRPbzkxa2xJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9iZWIyOWQtZjBlZS00MDdhLTk3MDItNmUxM2NjYmY0OTA2
LzEvaC1aQmNQbllMRkZuQzVwRTh5bXlCaE9vQ0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw0h4MA8E
AgACMAkDBwAgAQZ4BWwwDQYJKoZIhvcNAQELBQADggEBAAcWukJgcHkfLNotDwht
KubY3l4ETro5ZR1kARrmg842rjJ3yS0ks9R1poPYilMQ+jUwR5FjAkK+bspguvDJ
6nJaRL+I8EgRyq0LNJdBWMa4M13KvAJpuIGzHlmK+VJ/+oBlVAQGnwsBXO2KRkGb
man9YEiRO5kvJUQetLw0b7oiMQkN/sEqvxIqwdVJ533EnzAU0WiOhBFc43x/tUem
0r0Kt1rhAmUbOTmQv6B/uoek/40xmuc9yfVj/8GbBODYeMxYYEWU4qXBFuhkcQeM
WIWZzly+91e2bLBmdYb3BrqHEqRG/X1fhw+19xouyN8NiK5A8yYhFLHjGN9ahwU7
gYk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:25 2025 by rpki-client