Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d201e6-906e-47d8-8923-6efab9b176d9/1/Cz6kltnoTNHEGMuXTU_4oFT1kJU.roa
File: Cz6kltnoTNHEGMuXTU_4oFT1kJU.roa (raw, json)
Hash identifier: JfcURsaHa6mZ0Scz20Lg1IG7Nji4bJ3lcwATlDalcgA=
Subject key identifier: 0B:3E:A4:96:D9:E8:4C:D1:C4:18:CB:97:4D:4F:F8:A0:54:F5:90:95
Certificate issuer: /CN=ecccc2b909c7c815caccb5fce531c32526fadd5a
Certificate serial: 01856E26726C514AE5F3DEC6C3C09D803069
Authority key identifier: EC:CC:C2:B9:09:C7:C8:15:CA:CC:B5:FC:E5:31:C3:25:26:FA:DD:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7MzCuQnHyBXKzLX85THDJSb63Vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d201e6-906e-47d8-8923-6efab9b176d9/1/Cz6kltnoTNHEGMuXTU_4oFT1kJU.roa
Signing time: Sun 01 Jan 2023 16:24:51 +0000
ROA not before: Sun 01 Jan 2023 16:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29044
IP address blocks: 195.68.196.0/24 maxlen: 24
195.68.196.0/23 maxlen: 23
195.68.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:72:6c:51:4a:e5:f3:de:c6:c3:c0:9d:80:30:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecccc2b909c7c815caccb5fce531c32526fadd5a
Validity
Not Before: Jan 1 16:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b3ea496d9e84cd1c418cb974d4ff8a054f59095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:9d:1e:a9:73:a9:3a:79:4d:e6:07:25:1e:
a1:de:96:8e:65:e0:f1:76:bc:ae:36:37:64:b6:98:
c2:a8:6b:88:1e:f4:aa:42:94:dc:c9:69:dd:c9:56:
3a:16:85:ab:a0:44:fa:42:1d:cd:66:2c:93:aa:eb:
68:9a:3c:50:f9:8e:dd:d6:68:d2:0d:6e:d3:02:0d:
f1:06:e4:57:fa:b2:e8:58:5b:bf:ef:00:90:69:4f:
36:62:30:ae:af:5f:97:d8:76:17:67:fb:8d:7f:97:
d8:cd:e7:8f:85:25:ed:eb:d4:07:a7:d7:d4:f8:d7:
3f:1e:2f:1d:ca:12:99:6a:ce:31:fb:1a:09:70:94:
73:74:cb:7c:b4:05:8a:2b:4c:39:21:35:11:20:4d:
b2:17:5a:b8:68:36:d9:82:f9:42:18:85:a9:ee:30:
20:60:b3:f8:bf:c3:6d:3c:a8:ff:85:37:62:41:c1:
06:ea:53:44:69:b7:62:65:14:b5:80:45:2b:0d:8c:
2a:bb:d6:c7:e5:d0:42:44:a5:d6:d7:c3:9f:7a:55:
dd:aa:52:a3:3a:1f:9b:b1:d2:50:41:87:30:4a:aa:
3e:17:c6:c1:35:4b:08:ba:55:99:56:c4:c9:ef:96:
ab:f6:29:9a:c2:98:17:6d:5d:3d:12:de:59:c6:15:
ea:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3E:A4:96:D9:E8:4C:D1:C4:18:CB:97:4D:4F:F8:A0:54:F5:90:95
X509v3 Authority Key Identifier:
keyid:EC:CC:C2:B9:09:C7:C8:15:CA:CC:B5:FC:E5:31:C3:25:26:FA:DD:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7MzCuQnHyBXKzLX85THDJSb63Vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d201e6-906e-47d8-8923-6efab9b176d9/1/Cz6kltnoTNHEGMuXTU_4oFT1kJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d201e6-906e-47d8-8923-6efab9b176d9/1/7MzCuQnHyBXKzLX85THDJSb63Vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.68.196.0/23
Signature Algorithm: sha256WithRSAEncryption
40:8c:81:a8:ac:67:b8:e5:ec:c4:cc:e5:e9:14:cc:1f:ca:b3:
57:b8:01:00:01:31:ae:18:c4:f3:90:aa:b8:e6:26:90:86:aa:
27:99:cf:c3:86:a5:e3:4e:1e:c5:66:ad:ae:e2:6e:e0:e1:02:
db:70:80:67:a5:15:f9:45:b5:ce:82:6c:70:27:fa:e9:f2:e3:
c4:f9:11:1b:6e:01:97:1f:a6:d2:01:3e:5e:7f:a8:e5:85:99:
2a:ec:4c:4b:79:aa:5d:7e:f9:5c:03:98:a6:a0:49:af:e8:36:
fc:39:d5:46:1a:da:85:a2:db:d6:53:63:96:a9:88:30:52:7a:
ae:ac:09:71:64:02:71:b1:d1:87:12:20:38:86:df:cf:36:c1:
28:8b:52:8a:da:fe:b4:38:5c:3b:a2:5f:77:b2:42:1d:ed:64:
0d:07:5d:7c:2b:35:92:7a:ff:4f:fa:eb:75:4f:ac:35:17:ec:
31:66:d9:8b:b1:66:0e:5d:c2:e7:1d:39:71:74:5c:30:13:b7:
8a:a4:39:8e:ac:3c:2a:5a:17:03:38:96:89:b6:dc:03:47:05:
92:f9:41:8f:ef:86:2b:53:e1:26:af:e8:e2:7e:79:f7:64:86:
52:76:de:b7:0e:a5:37:77:10:1c:7a:90:68:00:aa:4b:23:d9:
90:f8:98:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuJnJsUUrl897Gw8CdgDBpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjY2NjMmI5MDljN2M4MTVjYWNjYjVmY2U1MzFjMzI1MjZm
YWRkNWEwHhcNMjMwMTAxMTYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNlYTQ5NmQ5ZTg0Y2QxYzQxOGNiOTc0ZDRmZjhhMDU0ZjU5MDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHydHqlzqTp5TeYHJR6h3paOZeDx
dryuNjdktpjCqGuIHvSqQpTcyWndyVY6FoWroET6Qh3NZiyTqutomjxQ+Y7d1mjS
DW7TAg3xBuRX+rLoWFu/7wCQaU82YjCur1+X2HYXZ/uNf5fYzeePhSXt69QHp9fU
+Nc/Hi8dyhKZas4x+xoJcJRzdMt8tAWKK0w5ITURIE2yF1q4aDbZgvlCGIWp7jAg
YLP4v8NtPKj/hTdiQcEG6lNEabdiZRS1gEUrDYwqu9bH5dBCRKXW18OfelXdqlKj
Oh+bsdJQQYcwSqo+F8bBNUsIulWZVsTJ75ar9imawpgXbV09Et5ZxhXqiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAs+pJbZ6EzRxBjLl01P+KBU9ZCVMB8GA1UdIwQY
MBaAFOzMwrkJx8gVysy1/OUxwyUm+t1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN016Q3VRbkh5QlhLekxYODVUSERKU2I2M1ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjAxZTYtOTA2ZS00N2Q4LTg5MjMt
NmVmYWI5YjE3NmQ5LzEvQ3o2a2x0bm9UTkhFR011WFRVXzRvRlQxa0pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjAxZTYtOTA2ZS00N2Q4LTg5MjMtNmVmYWI5YjE3NmQ5
LzEvN016Q3VRbkh5QlhLekxYODVUSERKU2I2M1ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw0TEMA0G
CSqGSIb3DQEBCwUAA4IBAQBAjIGorGe45ezEzOXpFMwfyrNXuAEAATGuGMTzkKq4
5iaQhqonmc/DhqXjTh7FZq2u4m7g4QLbcIBnpRX5RbXOgmxwJ/rp8uPE+REbbgGX
H6bSAT5ef6jlhZkq7ExLeapdfvlcA5imoEmv6Db8OdVGGtqFotvWU2OWqYgwUnqu
rAlxZAJxsdGHEiA4ht/PNsEoi1KK2v60OFw7ol93skId7WQNB118KzWSev9P+ut1
T6w1F+wxZtmLsWYOXcLnHTlxdFwwE7eKpDmOrDwqWhcDOJaJttwDRwWS+UGP74Yr
U+Emr+jifnn3ZIZSdt63DqU3dxAcepBoAKpLI9mQ+Jgw
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:57 2025 by rpki-client