Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/3ryPrhgOTTsFX7CSDC9KjQdS1Bs.roa
File: 3ryPrhgOTTsFX7CSDC9KjQdS1Bs.roa (raw, json)
Hash identifier: eoZIWSTwGm9HpqaCehf56GkXu7EK6FvYxhw2pkS4ijI=
Subject key identifier: DE:BC:8F:AE:18:0E:4D:3B:05:5F:B0:92:0C:2F:4A:8D:07:52:D4:1B
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 065615
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/3ryPrhgOTTsFX7CSDC9KjQdS1Bs.roa
Signing time: Tue 01 Feb 2022 10:44:50 +0000
ROA not before: Tue 01 Feb 2022 10:44:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50629
IP address blocks: 195.191.196.0/23 maxlen: 23
2a06:d1c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415253 (0x65615)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Feb 1 10:44:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=debc8fae180e4d3b055fb0920c2f4a8d0752d41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c6:9d:bb:7a:11:ab:6d:01:de:a7:12:47:f9:
5a:b2:ed:24:14:16:ca:f4:b0:a9:d1:b9:40:b0:26:
e7:7f:97:77:ec:2c:49:16:cf:59:13:e1:5e:53:8d:
e1:64:50:94:95:f5:76:28:14:51:d8:37:36:f2:f8:
dd:75:36:dc:36:49:4d:e8:45:67:c0:ef:83:e5:40:
df:d1:dc:c2:df:eb:a9:c3:27:92:83:c2:0f:17:d8:
07:4c:9b:c7:ab:e2:36:2f:49:1f:fe:bc:9f:af:38:
0e:bd:75:57:b3:d1:3e:7c:0f:46:3e:e1:b5:68:77:
15:6f:a3:5f:72:c3:de:12:ec:95:d6:d4:00:d5:c2:
e2:d9:6f:9e:4b:58:cc:71:e3:40:a3:8f:fe:6c:a6:
43:8e:0e:21:ba:cc:a8:1f:5f:82:c6:02:95:e4:ee:
1a:e4:71:ca:9b:95:27:f8:ba:56:36:5b:bd:33:98:
6a:aa:49:a9:85:f2:a9:4a:47:cb:68:44:2b:16:2f:
90:2d:1a:65:4a:b5:e8:a3:70:6a:91:9d:7d:db:c6:
84:25:41:dc:97:16:86:7c:f1:99:28:38:21:37:17:
8d:2f:f9:c1:65:27:7c:f7:09:9c:24:8e:3e:7f:eb:
56:71:c7:f3:ed:3e:04:d8:b3:e4:10:ac:cc:be:1c:
75:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BC:8F:AE:18:0E:4D:3B:05:5F:B0:92:0C:2F:4A:8D:07:52:D4:1B
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/3ryPrhgOTTsFX7CSDC9KjQdS1Bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.196.0/23
IPv6:
2a06:d1c0::/32
Signature Algorithm: sha256WithRSAEncryption
99:08:8a:76:cb:3e:d1:d3:34:72:f5:bf:aa:38:26:8d:91:38:
2d:30:cf:a2:cc:3f:0d:1c:c7:af:4a:fd:8f:d3:5f:1c:b4:66:
80:b3:af:49:1d:68:48:7a:53:92:5a:13:9f:a3:24:a6:7a:1f:
f5:1e:c4:a4:9b:bf:47:50:ef:15:3c:37:4e:c4:ed:04:dd:fc:
53:38:e4:ed:c9:b5:3e:bf:bc:c3:36:3d:92:13:55:08:f4:d6:
94:80:f4:8c:1d:19:d4:80:d6:d9:a1:e4:0d:fa:c0:f6:3c:0d:
86:70:ea:cc:1e:58:d9:e2:d3:18:cd:81:07:89:9f:50:87:30:
98:e3:29:ff:08:52:78:47:d7:c0:7c:89:ea:04:f0:c0:f8:66:
94:c3:c0:65:6a:5c:30:60:8c:73:28:5a:47:83:ad:3e:05:50:
a8:6c:1f:2e:49:0b:92:07:c0:18:84:2c:2c:86:e7:e1:09:09:
f8:d5:16:e7:5f:69:11:45:3f:4c:ca:21:75:8b:c5:30:71:6b:
d5:9a:c6:40:2e:03:ab:cd:b5:71:6b:81:7d:c2:bf:86:76:2a:
d1:b6:d4:d1:47:42:76:97:9f:78:1d:60:a1:3e:d9:f9:3f:26:
3b:7e:6f:8c:75:00:42:f7:13:a0:7a:90:4b:e4:dd:39:a2:3c:
a8:81:02:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDBlYVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM2
NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWViZjQ3NWQwHhcNMjIwMjAx
MTA0NDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZWJjOGZhZTE4MGU0
ZDNiMDU1ZmIwOTIwYzJmNGE4ZDA3NTJkNDFiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlcadu3oRq20B3qcSR/lasu0kFBbK9LCp0blAsCbnf5d37CxJ
Fs9ZE+FeU43hZFCUlfV2KBRR2Dc28vjddTbcNklN6EVnwO+D5UDf0dzC3+upwyeS
g8IPF9gHTJvHq+I2L0kf/ryfrzgOvXVXs9E+fA9GPuG1aHcVb6NfcsPeEuyV1tQA
1cLi2W+eS1jMceNAo4/+bKZDjg4husyoH1+CxgKV5O4a5HHKm5Un+LpWNlu9M5hq
qkmphfKpSkfLaEQrFi+QLRplSrXoo3BqkZ1928aEJUHclxaGfPGZKDghNxeNL/nB
ZSd89wmcJI4+f+tWccfz7T4E2LPkEKzMvhx1zQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFN68j64YDk07BV+wkgwvSo0HUtQbMB8GA1UdIwQYMBaAFMZPoK2JhxSfBVNH
JLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5MzlkLzEv
M3J5UHJoZ09UVHNGWDdDU0RDOUtqUWRTMUJzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8y
NDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5MzlkLzEveGstZ3JZbUhGSjhG
VTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw7/EMA0EAgACMAcDBQAqBtHAMA0G
CSqGSIb3DQEBCwUAA4IBAQCZCIp2yz7R0zRy9b+qOCaNkTgtMM+izD8NHMevSv2P
018ctGaAs69JHWhIelOSWhOfoySmeh/1HsSkm79HUO8VPDdOxO0E3fxTOOTtybU+
v7zDNj2SE1UI9NaUgPSMHRnUgNbZoeQN+sD2PA2GcOrMHljZ4tMYzYEHiZ9QhzCY
4yn/CFJ4R9fAfInqBPDA+GaUw8BlalwwYIxzKFpHg60+BVCobB8uSQuSB8AYhCws
hufhCQn41RbnX2kRRT9MyiF1i8UwcWvVmsZALgOrzbVxa4F9wr+GdirRttTRR0J2
l594HWChPtn5PyY7fm+MdQBC9xOgepBL5N05ojyogQJV
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:05:15 2025 by rpki-client