Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/DxMIhY8QYnty7p992CPQ4WLq30g.roa
File: DxMIhY8QYnty7p992CPQ4WLq30g.roa (raw, json)
Hash identifier: DOYag4ZcaLCMdszh2O2gOfVx4OBJtKsNQ2MGUno+jQQ=
Subject key identifier: 0F:13:08:85:8F:10:62:7B:72:EE:9F:7D:D8:23:D0:E1:62:EA:DF:48
Certificate issuer: /CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Certificate serial: 03E1CF33
Authority key identifier: 20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/DxMIhY8QYnty7p992CPQ4WLq30g.roa
Signing time: Sat 01 Jan 2022 00:56:24 +0000
ROA not before: Sat 01 Jan 2022 00:56:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50114
IP address blocks: 195.245.71.0/24 maxlen: 24
195.245.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65130291 (0x3e1cf33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20cd574284a6018e5b03635e9a5d658fdf5734f0
Validity
Not Before: Jan 1 00:56:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f1308858f10627b72ee9f7dd823d0e162eadf48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c9:e6:df:07:8c:26:ca:9d:51:85:81:14:31:
2e:99:23:d1:9e:88:81:07:84:f8:79:ee:30:7b:03:
11:b5:ca:cc:43:68:ed:9e:9e:29:64:7c:ec:eb:09:
7c:99:ec:d0:16:a5:29:53:db:1e:37:9d:94:69:db:
e4:b4:c5:e9:79:87:b4:83:de:a8:31:68:d0:a4:db:
e8:b6:17:72:a3:a2:31:d8:e1:18:3b:d3:b4:78:ad:
0a:ec:74:53:fd:1d:8e:10:e8:ef:79:d0:e5:83:e4:
8e:ec:1f:cd:b6:c5:91:93:db:f5:13:29:3f:60:66:
e8:1a:2a:1a:98:3a:ea:5c:51:19:bb:6e:2c:67:4a:
08:7d:29:0d:9d:24:03:24:f8:3c:1b:e7:ac:9d:7b:
90:b5:ba:3a:d8:a2:62:bf:93:4d:71:f8:b5:12:c4:
de:53:cb:11:c7:e3:37:1f:65:7c:95:40:91:db:c6:
70:c4:01:e8:c0:68:61:8d:c2:3c:4a:50:88:b5:4e:
21:7f:a5:5a:a7:7e:7f:10:2a:10:88:e9:91:59:fa:
4f:79:94:18:f1:fe:f1:b7:ba:d3:65:80:6d:c6:ed:
ad:a8:0f:d9:bf:8d:d1:eb:d2:b7:f9:5d:70:67:d5:
15:e2:8c:1f:0a:9d:28:14:19:0b:ee:e6:6d:86:7f:
be:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:13:08:85:8F:10:62:7B:72:EE:9F:7D:D8:23:D0:E1:62:EA:DF:48
X509v3 Authority Key Identifier:
keyid:20:CD:57:42:84:A6:01:8E:5B:03:63:5E:9A:5D:65:8F:DF:57:34:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IM1XQoSmAY5bA2Neml1lj99XNPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/DxMIhY8QYnty7p992CPQ4WLq30g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/c216ca-aa9d-4d21-841e-49b5687fee6d/1/IM1XQoSmAY5bA2Neml1lj99XNPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.70.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:05:85:6e:cf:1d:e0:f5:34:0e:8c:d5:17:8f:ac:d6:bc:1c:
46:4a:9f:eb:a2:4b:f6:0b:9f:24:f4:1e:e4:16:ac:6d:cb:91:
9f:e8:39:2a:7c:f3:38:f4:a6:47:63:6f:a5:05:ff:79:f5:c2:
87:35:c2:92:9f:ed:cb:8b:c2:6f:74:0d:3d:54:02:26:80:8c:
a5:41:c9:c2:f0:6d:07:a8:0f:99:4f:c3:bf:66:8b:e0:3e:47:
5d:b2:18:b6:e1:14:18:d3:da:03:a9:f4:d9:18:95:88:3f:e7:
b1:ba:28:ff:3f:99:a4:30:d9:34:d0:75:d9:a4:fa:83:fb:a9:
3a:23:89:55:57:b3:74:dc:7b:12:f6:b6:54:5f:b5:66:65:d9:
d1:ec:17:d4:3d:69:30:23:21:ae:3a:cd:d6:7d:87:1f:e3:2f:
57:02:6c:be:0c:6e:cc:30:45:d5:70:4a:49:74:88:11:6f:34:
c9:6e:e7:ef:57:b7:da:c3:56:24:86:fc:71:df:59:07:21:e5:
7c:64:4f:bc:c9:f7:68:25:aa:73:9f:6e:d9:9f:bd:44:91:0e:
e5:ca:a2:e6:3b:69:9e:07:40:5c:3f:32:97:9a:c4:29:41:32:
d4:ed:22:1c:c1:f1:fd:ec:47:f1:62:aa:45:ca:6b:ce:c3:08:
d5:cb:eb:73
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+HPMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MGNkNTc0Mjg0YTYwMThlNWIwMzYzNWU5YTVkNjU4ZmRmNTczNGYwMB4XDTIyMDEw
MTAwNTYyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGYxMzA4ODU4ZjEw
NjI3YjcyZWU5ZjdkZDgyM2QwZTE2MmVhZGY0ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTJ5t8HjCbKnVGFgRQxLpkj0Z6IgQeE+HnuMHsDEbXKzENo
7Z6eKWR87OsJfJns0BalKVPbHjedlGnb5LTF6XmHtIPeqDFo0KTb6LYXcqOiMdjh
GDvTtHitCux0U/0djhDo73nQ5YPkjuwfzbbFkZPb9RMpP2Bm6BoqGpg66lxRGbtu
LGdKCH0pDZ0kAyT4PBvnrJ17kLW6OtiiYr+TTXH4tRLE3lPLEcfjNx9lfJVAkdvG
cMQB6MBoYY3CPEpQiLVOIX+lWqd+fxAqEIjpkVn6T3mUGPH+8be602WAbcbtragP
2b+N0evSt/ldcGfVFeKMHwqdKBQZC+7mbYZ/voUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQPEwiFjxBie3Lun33YI9DhYurfSDAfBgNVHSMEGDAWgBQgzVdChKYBjlsD
Y16aXWWP31c08DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lNMVhRb1NtQVk1YkEyTmVtbDFsajk5WE5QQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzcvYzIxNmNhLWFhOWQtNGQyMS04NDFlLTQ5YjU2ODdmZWU2ZC8x
L0R4TUloWThRWW50eTdwOTkyQ1BRNFdMcTMwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzcv
YzIxNmNhLWFhOWQtNGQyMS04NDFlLTQ5YjU2ODdmZWU2ZC8xL0lNMVhRb1NtQVk1
YkEyTmVtbDFsajk5WE5QQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcP1RjANBgkqhkiG9w0BAQsFAAOC
AQEAXAWFbs8d4PU0DozVF4+s1rwcRkqf66JL9gufJPQe5BasbcuRn+g5KnzzOPSm
R2NvpQX/efXChzXCkp/ty4vCb3QNPVQCJoCMpUHJwvBtB6gPmU/Dv2aL4D5HXbIY
tuEUGNPaA6n02RiViD/nsboo/z+ZpDDZNNB12aT6g/upOiOJVVezdNx7Eva2VF+1
ZmXZ0ewX1D1pMCMhrjrN1n2HH+MvVwJsvgxuzDBF1XBKSXSIEW80yW7n71e32sNW
JIb8cd9ZByHlfGRPvMn3aCWqc59u2Z+9RJEO5cqi5jtpngdAXD8yl5rEKUEy1O0i
HMHx/exH8WKqRcprzsMI1cvrcw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:14 2025 by rpki-client