Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/dyo2YAwY1KzI4hDwzSG8qI0ina4.roa
File: dyo2YAwY1KzI4hDwzSG8qI0ina4.roa (raw, json)
Hash identifier: IRNnxX7xByF6I5LzcLUCDszviDibpP6eZ8dkdCVxtko=
Subject key identifier: 77:2A:36:60:0C:18:D4:AC:C8:E2:10:F0:CD:21:BC:A8:8D:22:9D:AE
Certificate issuer: /CN=88a5ab669fabe72dec2e8378476a7e915c24edcf
Certificate serial: 03E248
Authority key identifier: 88:A5:AB:66:9F:AB:E7:2D:EC:2E:83:78:47:6A:7E:91:5C:24:ED:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKWrZp-r5y3sLoN4R2p-kVwk7c8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/dyo2YAwY1KzI4hDwzSG8qI0ina4.roa
Signing time: Wed 08 Jun 2022 12:35:03 +0000
ROA not before: Wed 08 Jun 2022 12:35:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25536
IP address blocks: 195.245.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254536 (0x3e248)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a5ab669fabe72dec2e8378476a7e915c24edcf
Validity
Not Before: Jun 8 12:35:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=772a36600c18d4acc8e210f0cd21bca88d229dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fb:18:6a:f1:83:2e:98:6c:81:8b:e0:82:f7:
4d:91:fe:e5:0e:fd:24:4a:17:84:84:d6:c8:a6:57:
89:4e:d2:fb:ce:f6:d4:ef:42:3a:30:2a:2f:55:cd:
6f:46:8d:08:ca:16:be:58:b3:1d:e9:c9:9b:a5:92:
86:13:f4:90:3a:2d:37:b0:e3:25:70:d9:db:52:c6:
17:c0:4a:e9:58:4b:50:90:fa:bc:b6:8e:be:70:d1:
53:df:31:65:18:18:8c:be:89:e4:47:e2:14:93:e8:
9f:d7:78:5e:5c:3b:23:3d:84:49:5b:d2:29:8b:44:
fe:fb:d2:5a:2f:33:e0:30:ca:ea:bb:da:80:9a:8d:
3f:ab:1e:b0:23:d6:00:70:4a:7a:a3:e1:fa:b3:d4:
dd:48:ea:5d:94:85:47:f2:6d:5e:78:a7:b5:b6:28:
8c:60:97:7c:41:09:1b:1b:c5:cb:2f:d5:45:f1:6f:
e2:0e:74:24:81:0c:cc:d9:d3:50:0f:46:01:fc:3c:
c7:0a:f1:14:0a:0e:2f:c6:28:c9:e2:2b:6b:1b:c3:
12:d1:6d:28:c2:dc:42:1a:32:16:a6:88:24:c0:67:
b2:a3:df:a6:25:59:eb:3d:6c:e5:07:f5:4d:b8:b2:
a2:15:c2:f7:7f:fa:46:cf:8a:0d:f4:4f:40:66:3e:
f0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:2A:36:60:0C:18:D4:AC:C8:E2:10:F0:CD:21:BC:A8:8D:22:9D:AE
X509v3 Authority Key Identifier:
keyid:88:A5:AB:66:9F:AB:E7:2D:EC:2E:83:78:47:6A:7E:91:5C:24:ED:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKWrZp-r5y3sLoN4R2p-kVwk7c8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/dyo2YAwY1KzI4hDwzSG8qI0ina4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/68cd10-e5cc-4f47-84a9-15a0207d4609/1/iKWrZp-r5y3sLoN4R2p-kVwk7c8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.245.220.0/24
Signature Algorithm: sha256WithRSAEncryption
30:d7:c6:f3:a1:9b:a8:46:50:f2:c7:e0:67:8f:75:d5:23:9d:
0b:e6:1e:c1:19:32:39:95:2e:b1:f5:73:73:d7:de:fd:e5:45:
ef:5a:29:25:40:03:0d:81:3b:f8:52:26:b2:f4:b4:ef:d8:b4:
e3:77:f8:8f:4e:eb:95:b6:7f:86:6b:f6:61:fc:3d:b0:ce:29:
53:85:f0:f1:88:99:5a:d4:e1:0f:54:42:c6:72:98:ca:91:e4:
d2:cd:03:11:ac:7d:82:f5:b9:00:3c:3a:6f:59:89:aa:ef:8a:
df:d9:6f:4a:a1:ae:05:46:02:22:26:4e:9b:94:f7:59:cc:24:
4c:c6:4b:58:58:ff:d0:77:e0:4f:7e:6e:14:77:8a:68:d9:46:
7c:ba:64:60:73:63:67:53:12:f2:cc:bf:41:ac:37:93:78:2a:
59:be:46:4c:64:d7:96:c7:61:de:5a:93:b5:70:08:68:02:16:
e4:2d:91:d8:13:d8:cb:75:6e:88:70:15:a1:89:81:c9:a4:89:
3b:f6:21:38:63:42:57:9c:a6:cc:89:67:c4:6d:1c:3b:b4:6a:
f6:0e:d4:d1:4b:d3:32:fb:32:8a:c5:b4:41:13:97:04:33:90:
50:8b:1c:31:45:f9:22:ed:38:e0:e4:e5:67:ef:cc:d2:b2:b2:
f9:18:dc:3b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDA+JIMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg4
YTVhYjY2OWZhYmU3MmRlYzJlODM3ODQ3NmE3ZTkxNWMyNGVkY2YwHhcNMjIwNjA4
MTIzNTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3NzJhMzY2MDBjMThk
NGFjYzhlMjEwZjBjZDIxYmNhODhkMjI5ZGFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtfsYavGDLphsgYvggvdNkf7lDv0kSheEhNbIpleJTtL7zvbU
70I6MCovVc1vRo0Iyha+WLMd6cmbpZKGE/SQOi03sOMlcNnbUsYXwErpWEtQkPq8
to6+cNFT3zFlGBiMvonkR+IUk+if13heXDsjPYRJW9Ipi0T++9JaLzPgMMrqu9qA
mo0/qx6wI9YAcEp6o+H6s9TdSOpdlIVH8m1eeKe1tiiMYJd8QQkbG8XLL9VF8W/i
DnQkgQzM2dNQD0YB/DzHCvEUCg4vxijJ4itrG8MS0W0owtxCGjIWpogkwGeyo9+m
JVnrPWzlB/VNuLKiFcL3f/pGz4oN9E9AZj7w8QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFHcqNmAMGNSsyOIQ8M0hvKiNIp2uMB8GA1UdIwQYMBaAFIilq2afq+ct7C6D
eEdqfpFcJO3PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aUtXclpwLXI1eTNzTG9ONFIycC1rVndrN2M4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zYy82OGNkMTAtZTVjYy00ZjQ3LTg0YTktMTVhMDIwN2Q0NjA5LzEv
ZHlvMllBd1kxS3pJNGhEd3pTRzhxSTBpbmE0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy82
OGNkMTAtZTVjYy00ZjQ3LTg0YTktMTVhMDIwN2Q0NjA5LzEvaUtXclpwLXI1eTNz
TG9ONFIycC1rVndrN2M4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/XcMA0GCSqGSIb3DQEBCwUAA4IB
AQAw18bzoZuoRlDyx+Bnj3XVI50L5h7BGTI5lS6x9XNz19795UXvWiklQAMNgTv4
Uiay9LTv2LTjd/iPTuuVtn+Ga/Zh/D2wzilThfDxiJla1OEPVELGcpjKkeTSzQMR
rH2C9bkAPDpvWYmq74rf2W9Koa4FRgIiJk6blPdZzCRMxktYWP/Qd+BPfm4Ud4po
2UZ8umRgc2NnUxLyzL9BrDeTeCpZvkZMZNeWx2HeWpO1cAhoAhbkLZHYE9jLdW6I
cBWhiYHJpIk79iE4Y0JXnKbMiWfEbRw7tGr2DtTRS9My+zKKxbRBE5cEM5BQixwx
Rfki7Tjg5OVn78zSsrL5GNw7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:03 2025 by rpki-client