Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/zFD4qTojplrrHqj0Was0wy6Aj0E.roa
File: zFD4qTojplrrHqj0Was0wy6Aj0E.roa (raw, json)
Hash identifier: 2BqY06xsQ+8RDFycbScYWlWQyovw3beNE7GlNh8Ipa8=
Subject key identifier: CC:50:F8:A9:3A:23:A6:5A:EB:1E:A8:F4:59:AB:34:C3:2E:80:8F:41
Certificate issuer: /CN=f501b9e20616d686b405da906afa597635063640
Certificate serial: 01856D0AD6A07FAF7D3D7A21B4F46B0409A3
Authority key identifier: F5:01:B9:E2:06:16:D6:86:B4:05:DA:90:6A:FA:59:76:35:06:36:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9QG54gYW1oa0BdqQavpZdjUGNkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/zFD4qTojplrrHqj0Was0wy6Aj0E.roa
Signing time: Sun 01 Jan 2023 11:15:04 +0000
ROA not before: Sun 01 Jan 2023 11:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34204
IP address blocks: 195.95.223.0/24 maxlen: 24
195.95.222.0/23 maxlen: 23
195.95.222.0/24 maxlen: 24
195.135.244.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:d6:a0:7f:af:7d:3d:7a:21:b4:f4:6b:04:09:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f501b9e20616d686b405da906afa597635063640
Validity
Not Before: Jan 1 11:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc50f8a93a23a65aeb1ea8f459ab34c32e808f41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6f:db:26:6c:8f:0f:32:b1:72:74:23:67:c7:
36:db:94:6d:19:ad:79:e5:90:cc:ee:19:6e:ee:85:
91:19:95:33:dc:5f:b8:a2:52:58:da:31:b6:a5:78:
83:38:46:74:16:da:c8:04:c3:33:fc:c3:cf:d8:d9:
ca:61:5f:1e:ff:bb:43:48:ea:6e:99:34:f5:12:e4:
bc:8c:fd:87:a0:f7:44:bf:4a:fe:11:bc:5a:aa:3b:
57:f6:9d:cc:73:82:d5:79:d7:b8:e0:54:bc:7e:3b:
47:3e:c4:48:c4:ac:07:30:e6:f9:82:73:10:25:2d:
f9:dc:11:75:d8:73:df:f3:29:a0:58:2d:13:d6:97:
ef:1c:c2:27:6b:41:10:2d:b7:cc:ee:45:96:8b:8a:
f5:b8:f2:a8:55:ef:26:89:b8:a3:f6:3b:2a:09:88:
d6:98:0f:2e:3d:86:ce:c0:0a:c4:e6:c8:21:1b:dd:
28:3f:3c:c7:91:72:ab:13:e3:f1:4d:5a:f9:60:cc:
1c:82:82:c6:d6:e8:74:27:0e:2c:9c:a3:4b:30:82:
a0:b7:4c:c1:be:40:8b:28:10:61:33:c8:27:a0:45:
6f:35:58:b1:11:61:ca:93:62:2b:a2:26:75:a3:48:
3b:2c:6f:8f:e1:62:e4:94:23:95:2a:0a:5a:e7:86:
42:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:50:F8:A9:3A:23:A6:5A:EB:1E:A8:F4:59:AB:34:C3:2E:80:8F:41
X509v3 Authority Key Identifier:
keyid:F5:01:B9:E2:06:16:D6:86:B4:05:DA:90:6A:FA:59:76:35:06:36:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9QG54gYW1oa0BdqQavpZdjUGNkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/zFD4qTojplrrHqj0Was0wy6Aj0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7afce4-218b-47ed-95ab-75d5843aa489/1/9QG54gYW1oa0BdqQavpZdjUGNkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.222.0/23
195.135.244.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:6a:bf:bf:ee:af:e9:3d:80:00:52:06:90:5e:d4:28:e3:e2:
b9:3c:31:db:f2:10:17:4e:a3:1a:88:51:96:8c:ba:66:7f:1a:
bb:f7:bc:fc:94:10:8a:7f:a8:37:0d:81:2c:3d:52:4b:20:f1:
34:a3:d5:64:ee:92:ae:db:35:81:d3:f5:94:e1:01:50:c4:d6:
06:47:5a:60:81:3e:17:a2:1f:8d:e2:fd:0c:58:5b:7e:cd:83:
72:72:5d:2f:a4:83:74:69:fe:9a:75:b8:1b:73:12:ef:81:b5:
f5:fe:9a:ce:8a:64:40:b4:02:ba:13:70:49:41:42:c0:25:7e:
0d:a5:b1:6b:47:9b:7a:5a:44:12:d9:21:ff:86:d9:62:14:ed:
fe:cb:8b:3f:65:ff:46:0f:71:5b:4c:6b:e5:c5:50:50:e0:34:
5f:72:89:ed:63:ca:e8:87:e6:bf:d6:74:f1:b4:93:24:d0:91:
b1:46:91:29:7d:b5:85:fb:06:f0:a0:94:f4:0b:fd:11:52:d2:
9c:cb:47:ab:9d:a3:92:d3:24:15:73:8b:31:4f:e8:d3:fd:40:
b2:94:28:98:6c:df:61:83:6e:ca:a7:2d:57:02:70:87:a1:ad:
a2:f8:16:ca:ed:26:56:de:82:9b:4f:ce:6c:02:cf:94:07:19:
51:fb:57:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtCtagf699PXohtPRrBAmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MDFiOWUyMDYxNmQ2ODZiNDA1ZGE5MDZhZmE1OTc2MzUw
NjM2NDAwHhcNMjMwMTAxMTExNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzUwZjhhOTNhMjNhNjVhZWIxZWE4ZjQ1OWFiMzRjMzJlODA4ZjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2/bJmyPDzKxcnQjZ8c225RtGa15
5ZDM7hlu7oWRGZUz3F+4olJY2jG2pXiDOEZ0FtrIBMMz/MPP2NnKYV8e/7tDSOpu
mTT1EuS8jP2HoPdEv0r+EbxaqjtX9p3Mc4LVede44FS8fjtHPsRIxKwHMOb5gnMQ
JS353BF12HPf8ymgWC0T1pfvHMIna0EQLbfM7kWWi4r1uPKoVe8mibij9jsqCYjW
mA8uPYbOwArE5sghG90oPzzHkXKrE+PxTVr5YMwcgoLG1uh0Jw4snKNLMIKgt0zB
vkCLKBBhM8gnoEVvNVixEWHKk2IroiZ1o0g7LG+P4WLklCOVKgpa54ZC7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMxQ+Kk6I6Za6x6o9FmrNMMugI9BMB8GA1UdIwQY
MBaAFPUBueIGFtaGtAXakGr6WXY1BjZAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVFHNTRnWVcxb2EwQmRxUWF2cFpkalVHTmtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83YWZjZTQtMjE4Yi00N2VkLTk1YWIt
NzVkNTg0M2FhNDg5LzEvekZENHFUb2pwbHJySHFqMFdhczB3eTZBajBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83YWZjZTQtMjE4Yi00N2VkLTk1YWItNzVkNTg0M2FhNDg5
LzEvOVFHNTRnWVcxb2EwQmRxUWF2cFpkalVHTmtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw1/eAwQC
w4f0MA0GCSqGSIb3DQEBCwUAA4IBAQB7ar+/7q/pPYAAUgaQXtQo4+K5PDHb8hAX
TqMaiFGWjLpmfxq797z8lBCKf6g3DYEsPVJLIPE0o9Vk7pKu2zWB0/WU4QFQxNYG
R1pggT4Xoh+N4v0MWFt+zYNycl0vpIN0af6adbgbcxLvgbX1/prOimRAtAK6E3BJ
QULAJX4NpbFrR5t6WkQS2SH/htliFO3+y4s/Zf9GD3FbTGvlxVBQ4DRfcontY8ro
h+a/1nTxtJMk0JGxRpEpfbWF+wbwoJT0C/0RUtKcy0ernaOS0yQVc4sxT+jT/UCy
lCiYbN9hg27Kpy1XAnCHoa2i+BbK7SZW3oKbT85sAs+UBxlR+1fp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:25 2025 by rpki-client