Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/703f00-7f39-4d95-8c58-4bbb838a2779/1/CBHWCEakoRzs-oIkeelDTAHDVVw.roa
File: CBHWCEakoRzs-oIkeelDTAHDVVw.roa (raw, json)
Hash identifier: Ps4OazySiW67gD9UAX5y9FFVsB3rtbHgrNY+qoUBuxM=
Subject key identifier: 08:11:D6:08:46:A4:A1:1C:EC:FA:82:24:79:E9:43:4C:01:C3:55:5C
Certificate issuer: /CN=c31bb44ede2afe0bfa9d78ba29324955f7fc6091
Certificate serial: 01856F14D7FEB5203498C872F820806BE764
Authority key identifier: C3:1B:B4:4E:DE:2A:FE:0B:FA:9D:78:BA:29:32:49:55:F7:FC:60:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wxu0Tt4q_gv6nXi6KTJJVff8YJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/703f00-7f39-4d95-8c58-4bbb838a2779/1/CBHWCEakoRzs-oIkeelDTAHDVVw.roa
Signing time: Sun 01 Jan 2023 20:45:14 +0000
ROA not before: Sun 01 Jan 2023 20:45:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39635
IP address blocks: 195.246.241.0/24 maxlen: 24
195.246.240.0/23 maxlen: 23
195.246.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:d7:fe:b5:20:34:98:c8:72:f8:20:80:6b:e7:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c31bb44ede2afe0bfa9d78ba29324955f7fc6091
Validity
Not Before: Jan 1 20:45:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0811d60846a4a11cecfa822479e9434c01c3555c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e3:70:1f:a0:ac:f2:b0:0e:d3:7b:88:6c:7e:
1b:2c:1a:b5:9a:0f:14:ee:fa:d9:f9:23:b5:49:22:
54:8f:61:09:dc:a4:10:f8:1a:40:0d:33:a8:f0:a0:
08:5c:86:ee:89:14:e7:9d:96:23:2d:59:03:7a:b1:
3f:90:d6:da:75:80:34:fc:d6:6e:fd:85:e0:9e:bc:
79:10:7b:89:14:2f:e7:5b:7f:3a:c5:be:9e:f8:c3:
69:c6:bc:0a:74:5f:8e:85:3a:95:a7:dc:1b:3a:d9:
9f:c4:38:20:d1:64:d7:83:fc:38:7f:ef:1b:67:60:
f1:c2:d8:f6:23:fa:eb:5e:86:10:56:e5:fa:84:ca:
2f:c9:6c:aa:cb:0a:32:c6:f4:b1:4a:1f:d7:a0:2b:
a2:69:13:fd:ac:fa:12:4d:e4:8f:e2:45:3c:f7:31:
b8:3d:ac:4f:b8:77:e8:b6:75:12:cb:e1:cf:4a:0f:
c2:5c:40:37:81:3e:f1:6c:9c:10:b0:3c:12:53:c6:
80:62:b8:fd:3e:7b:2e:26:56:12:c8:db:d8:d4:52:
6b:05:2e:94:b8:d3:fa:ea:28:f6:f3:49:58:1e:10:
05:fd:0c:50:3e:ce:a1:6c:47:53:8d:53:f6:ee:9b:
05:27:a9:12:be:d2:b4:26:b0:ed:72:a4:f3:49:9f:
c6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:11:D6:08:46:A4:A1:1C:EC:FA:82:24:79:E9:43:4C:01:C3:55:5C
X509v3 Authority Key Identifier:
keyid:C3:1B:B4:4E:DE:2A:FE:0B:FA:9D:78:BA:29:32:49:55:F7:FC:60:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wxu0Tt4q_gv6nXi6KTJJVff8YJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/703f00-7f39-4d95-8c58-4bbb838a2779/1/CBHWCEakoRzs-oIkeelDTAHDVVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/703f00-7f39-4d95-8c58-4bbb838a2779/1/wxu0Tt4q_gv6nXi6KTJJVff8YJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.240.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:79:08:9e:c2:9e:a5:a2:95:4a:b1:d7:7f:6c:88:38:92:3d:
be:53:76:e3:c6:df:9c:d3:16:97:0f:55:9d:83:27:f5:50:88:
67:c4:7c:2b:87:6a:36:be:05:98:bf:50:e1:a8:f7:08:2c:d6:
dd:45:d3:9b:1f:5b:19:6d:9f:66:3a:07:be:ec:8c:13:f6:c5:
59:33:58:8d:6a:0e:c1:86:53:f8:1d:a5:28:d0:d8:f7:93:04:
61:0f:14:1c:ac:42:af:17:74:da:32:ac:89:6a:ba:14:bf:dc:
40:6f:89:d6:3f:ae:19:16:8e:84:d6:c6:4e:e1:a5:0a:7e:86:
55:21:74:48:9a:8b:80:70:6c:21:30:8b:d9:00:86:84:5b:eb:
64:b6:ef:6a:8d:9d:03:11:05:e1:3c:20:dc:0b:09:9c:b4:a4:
49:88:a9:c0:01:20:68:c5:e8:a3:37:78:3a:17:bc:9f:68:7f:
3c:50:91:36:b1:3f:75:95:f0:bb:f6:2e:9f:01:63:c0:1e:e5:
dd:ff:3f:95:dc:ff:0e:d7:80:1d:ca:21:f6:7f:f9:72:59:73:
54:c3:50:8a:d0:87:70:aa:4a:6e:48:76:36:9f:e1:f5:3c:44:
86:56:93:32:ea:d0:54:7e:3e:63:2c:c3:27:a1:de:01:85:d6:
38:af:3a:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvFNf+tSA0mMhy+CCAa+dkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMWJiNDRlZGUyYWZlMGJmYTlkNzhiYTI5MzI0OTU1Zjdm
YzYwOTEwHhcNMjMwMTAxMjA0NTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODExZDYwODQ2YTRhMTFjZWNmYTgyMjQ3OWU5NDM0YzAxYzM1NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnONwH6Cs8rAO03uIbH4bLBq1mg8U
7vrZ+SO1SSJUj2EJ3KQQ+BpADTOo8KAIXIbuiRTnnZYjLVkDerE/kNbadYA0/NZu
/YXgnrx5EHuJFC/nW386xb6e+MNpxrwKdF+OhTqVp9wbOtmfxDgg0WTXg/w4f+8b
Z2Dxwtj2I/rrXoYQVuX6hMovyWyqywoyxvSxSh/XoCuiaRP9rPoSTeSP4kU89zG4
PaxPuHfotnUSy+HPSg/CXEA3gT7xbJwQsDwSU8aAYrj9PnsuJlYSyNvY1FJrBS6U
uNP66ij280lYHhAF/QxQPs6hbEdTjVP27psFJ6kSvtK0JrDtcqTzSZ/GdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAgR1ghGpKEc7PqCJHnpQ0wBw1VcMB8GA1UdIwQY
MBaAFMMbtE7eKv4L+p14uikySVX3/GCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3h1MFR0NHFfZ3Y2blhpNktUSkpWZmY4WUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS83MDNmMDAtN2YzOS00ZDk1LThjNTgt
NGJiYjgzOGEyNzc5LzEvQ0JIV0NFYWtvUnpzLW9Ja2VlbERUQUhEVlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS83MDNmMDAtN2YzOS00ZDk1LThjNTgtNGJiYjgzOGEyNzc5
LzEvd3h1MFR0NHFfZ3Y2blhpNktUSkpWZmY4WUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/bwMA0G
CSqGSIb3DQEBCwUAA4IBAQAKeQiewp6lopVKsdd/bIg4kj2+U3bjxt+c0xaXD1Wd
gyf1UIhnxHwrh2o2vgWYv1DhqPcILNbdRdObH1sZbZ9mOge+7IwT9sVZM1iNag7B
hlP4HaUo0Nj3kwRhDxQcrEKvF3TaMqyJaroUv9xAb4nWP64ZFo6E1sZO4aUKfoZV
IXRImouAcGwhMIvZAIaEW+tktu9qjZ0DEQXhPCDcCwmctKRJiKnAASBoxeijN3g6
F7yfaH88UJE2sT91lfC79i6fAWPAHuXd/z+V3P8O14AdyiH2f/lyWXNUw1CK0Idw
qkpuSHY2n+H1PESGVpMy6tBUfj5jLMMnod4BhdY4rzqa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:10 2025 by rpki-client