Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/C1pgm98CIiHCJUdAe3v2_n88FyQ.roa
File: C1pgm98CIiHCJUdAe3v2_n88FyQ.roa (raw, json)
Hash identifier: VQwHjnY7NGuZqvUnjpragqvBTfw4UkTDRMjCi6l4crE=
Subject key identifier: 0B:5A:60:9B:DF:02:22:21:C2:25:47:40:7B:7B:F6:FE:7F:3C:17:24
Certificate issuer: /CN=6c4e7eafe2ffaa90cae9476803034db6da7c1219
Certificate serial: E8D4C2
Authority key identifier: 6C:4E:7E:AF:E2:FF:AA:90:CA:E9:47:68:03:03:4D:B6:DA:7C:12:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bE5-r-L_qpDK6UdoAwNNttp8Ehk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/C1pgm98CIiHCJUdAe3v2_n88FyQ.roa
Signing time: Sat 01 Jan 2022 04:03:09 +0000
ROA not before: Sat 01 Jan 2022 04:03:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8412
IP address blocks: 195.20.132.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15258818 (0xe8d4c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c4e7eafe2ffaa90cae9476803034db6da7c1219
Validity
Not Before: Jan 1 04:03:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b5a609bdf022221c22547407b7bf6fe7f3c1724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b0:ec:05:a6:4f:b0:a5:52:69:06:1d:98:76:
8e:4b:ca:87:65:9f:99:1d:23:0a:3c:2f:d5:c4:d3:
10:86:d9:af:7e:4a:7c:c9:07:8d:f8:bc:d2:e6:80:
f5:48:d6:df:4a:ce:63:41:86:27:06:31:95:77:20:
19:21:46:ec:f1:77:fd:13:80:40:aa:04:e6:97:05:
9a:22:81:e6:e4:09:4b:95:38:f7:d0:aa:a2:3a:c8:
c3:2a:d8:37:5f:c4:4a:d5:ad:51:b4:bb:f4:f3:4b:
88:30:af:bc:cf:c6:e0:8c:56:c9:42:9f:2d:00:f5:
02:e1:cb:40:e8:ff:a5:ab:99:3a:be:ec:0b:d9:12:
86:36:67:91:81:48:88:e0:06:d4:4f:47:23:75:86:
c4:28:7c:ec:71:98:98:c9:6a:67:5c:32:f9:06:cd:
a7:2b:82:81:33:db:6e:32:6b:45:f2:6c:12:47:88:
7e:d7:18:de:d4:64:a3:5c:c5:b3:6b:41:2d:15:56:
4a:4b:4a:c7:97:63:c1:89:38:63:40:37:db:8f:56:
78:41:97:f5:d2:39:17:22:0c:51:18:52:53:08:7a:
5e:83:9c:cf:26:8b:dd:fe:a5:6e:e7:9b:68:25:d8:
40:70:b3:40:92:b3:ed:35:f2:66:72:40:4c:69:16:
11:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:5A:60:9B:DF:02:22:21:C2:25:47:40:7B:7B:F6:FE:7F:3C:17:24
X509v3 Authority Key Identifier:
keyid:6C:4E:7E:AF:E2:FF:AA:90:CA:E9:47:68:03:03:4D:B6:DA:7C:12:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bE5-r-L_qpDK6UdoAwNNttp8Ehk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/C1pgm98CIiHCJUdAe3v2_n88FyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3deae4-720d-4eae-b3d9-b21dd3f68aba/1/bE5-r-L_qpDK6UdoAwNNttp8Ehk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.132.0/24
Signature Algorithm: sha256WithRSAEncryption
87:f7:b7:a5:4e:e5:9a:f7:bd:62:3a:21:bb:ba:9a:24:37:76:
0d:a6:2b:6a:38:7f:2d:11:43:48:0a:a6:8c:2c:e3:db:a3:55:
06:46:24:9e:68:8e:e1:86:e9:c6:cf:67:cb:9c:3b:e0:a4:71:
d8:d4:70:a2:4d:04:43:38:ef:51:1e:a6:91:b7:56:d7:17:4c:
6e:eb:ab:41:be:bb:48:5e:72:c7:d9:e8:b9:1f:cd:ab:ad:38:
af:d6:9d:06:e8:17:c6:ac:fb:02:33:d3:47:6e:c1:ae:3a:b1:
4e:ae:b4:1f:ee:b2:68:20:9f:aa:02:6b:04:20:3e:3b:30:bb:
5a:41:9d:46:a7:d1:86:53:70:0c:54:2f:d2:c4:8f:22:0a:d4:
43:b3:0b:2b:93:64:03:a8:b8:39:c6:d2:86:4c:0c:12:f0:0f:
83:5f:3b:f6:82:3e:84:bf:04:b3:c9:d6:d0:76:b4:2c:4f:3a:
f2:c3:b8:37:7e:c5:f4:19:9d:d5:91:db:b2:91:2c:4d:50:86:
c7:a2:af:01:73:be:62:b2:9f:97:3e:0a:5b:63:08:ce:27:cd:
93:97:b1:1c:bf:62:34:d7:49:ba:89:58:bf:35:f3:82:94:85:
a6:24:19:ae:8f:34:b0:3b:42:ce:62:33:ff:54:8b:3b:1f:94:
b4:f2:f1:1f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOjUwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzRlN2VhZmUyZmZhYTkwY2FlOTQ3NjgwMzAzNGRiNmRhN2MxMjE5MB4XDTIyMDEw
MTA0MDMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGI1YTYwOWJkZjAy
MjIyMWMyMjU0NzQwN2I3YmY2ZmU3ZjNjMTcyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2w7AWmT7ClUmkGHZh2jkvKh2WfmR0jCjwv1cTTEIbZr35K
fMkHjfi80uaA9UjW30rOY0GGJwYxlXcgGSFG7PF3/ROAQKoE5pcFmiKB5uQJS5U4
99CqojrIwyrYN1/EStWtUbS79PNLiDCvvM/G4IxWyUKfLQD1AuHLQOj/pauZOr7s
C9kShjZnkYFIiOAG1E9HI3WGxCh87HGYmMlqZ1wy+QbNpyuCgTPbbjJrRfJsEkeI
ftcY3tRko1zFs2tBLRVWSktKx5djwYk4Y0A3249WeEGX9dI5FyIMURhSUwh6XoOc
zyaL3f6lbuebaCXYQHCzQJKz7TXyZnJATGkWEfECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQLWmCb3wIiIcIlR0B7e/b+fzwXJDAfBgNVHSMEGDAWgBRsTn6v4v+qkMrp
R2gDA0222nwSGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JFNS1yLUxfcXBESzZVZG9Bd05OdHRwOEVoay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvM2RlYWU0LTcyMGQtNGVhZS1iM2Q5LWIyMWRkM2Y2OGFiYS8x
L0MxcGdtOThDSWlIQ0pVZEFlM3YyX244OEZ5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
M2RlYWU0LTcyMGQtNGVhZS1iM2Q5LWIyMWRkM2Y2OGFiYS8xL2JFNS1yLUxfcXBE
SzZVZG9Bd05OdHRwOEVoay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMUhDANBgkqhkiG9w0BAQsFAAOC
AQEAh/e3pU7lmve9Yjohu7qaJDd2DaYrajh/LRFDSAqmjCzj26NVBkYknmiO4Ybp
xs9ny5w74KRx2NRwok0EQzjvUR6mkbdW1xdMbuurQb67SF5yx9nouR/Nq604r9ad
BugXxqz7AjPTR27BrjqxTq60H+6yaCCfqgJrBCA+OzC7WkGdRqfRhlNwDFQv0sSP
IgrUQ7MLK5NkA6i4OcbShkwMEvAPg1879oI+hL8Es8nW0Ha0LE868sO4N37F9Bmd
1ZHbspEsTVCGx6KvAXO+YrKflz4KW2MIzifNk5exHL9iNNdJuolYvzXzgpSFpiQZ
ro80sDtCzmIz/1SLOx+UtPLxHw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:13 2025 by rpki-client