Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/24s1x4MmeDQb-cdxCZA6KRnvBGE.roa
File: 24s1x4MmeDQb-cdxCZA6KRnvBGE.roa (raw, json)
Hash identifier: pjSjzgvQdFkgMd/ORaegkMEBe1PwQSrEiaYuOHrCNTo=
Subject key identifier: DB:8B:35:C7:83:26:78:34:1B:F9:C7:71:09:90:3A:29:19:EF:04:61
Certificate issuer: /CN=bbdcc8c3772174e47bac8b932e5bec7b47b1d92b
Certificate serial: 01856E942F24E39D9245CA124F59747F1896
Authority key identifier: BB:DC:C8:C3:77:21:74:E4:7B:AC:8B:93:2E:5B:EC:7B:47:B1:D9:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9zIw3chdOR7rIuTLlvse0ex2Ss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/24s1x4MmeDQb-cdxCZA6KRnvBGE.roa
Signing time: Sun 01 Jan 2023 18:24:43 +0000
ROA not before: Sun 01 Jan 2023 18:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21269
IP address blocks: 195.95.132.0/24 maxlen: 24
92.118.240.0/22 maxlen: 24
2a09:b240::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:94:2f:24:e3:9d:92:45:ca:12:4f:59:74:7f:18:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbdcc8c3772174e47bac8b932e5bec7b47b1d92b
Validity
Not Before: Jan 1 18:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db8b35c7832678341bf9c77109903a2919ef0461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:93:6d:22:27:52:38:cc:d8:8a:84:63:2b:b3:
20:61:22:7a:b8:b8:75:e5:b3:16:e0:3d:2e:18:83:
27:78:10:5f:f2:4a:2b:3f:e1:88:58:d9:cb:f6:72:
da:94:c4:b6:b1:3a:f3:9b:a3:8e:55:87:3f:a5:45:
f8:87:fd:a4:40:0b:42:17:32:df:f2:55:5f:6b:36:
20:7f:56:4f:21:56:8b:98:04:dd:fb:d1:42:45:21:
b6:3b:10:23:1a:cf:6e:ea:3f:3f:f9:6f:22:b9:c2:
b3:9d:05:ff:7b:89:a8:9d:ec:9d:c2:54:16:58:55:
9b:b6:04:52:58:12:d7:f5:5d:80:66:dc:ee:9d:fb:
da:c8:a8:fc:2f:ac:fd:65:a5:69:26:40:a7:cc:d8:
69:79:96:45:61:74:d3:2e:8d:51:8b:2a:31:e0:47:
39:24:0e:70:35:42:1a:cb:31:1d:12:f7:ac:25:7a:
11:70:13:3b:05:78:ab:92:0b:3a:3e:38:e0:76:70:
82:af:6b:41:37:46:c4:33:de:3b:30:1b:3f:d4:88:
6e:31:03:78:66:a0:04:82:28:a5:d8:21:07:4d:23:
ce:b0:d6:34:ea:01:ae:f4:3f:ac:8f:cb:ef:66:cb:
52:76:97:28:84:cf:ee:d4:92:ff:11:a7:54:bf:be:
19:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:8B:35:C7:83:26:78:34:1B:F9:C7:71:09:90:3A:29:19:EF:04:61
X509v3 Authority Key Identifier:
keyid:BB:DC:C8:C3:77:21:74:E4:7B:AC:8B:93:2E:5B:EC:7B:47:B1:D9:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9zIw3chdOR7rIuTLlvse0ex2Ss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/24s1x4MmeDQb-cdxCZA6KRnvBGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b62c33-cc9c-4baf-a0ee-ed142e464335/1/u9zIw3chdOR7rIuTLlvse0ex2Ss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.240.0/22
195.95.132.0/24
IPv6:
2a09:b240::/29
Signature Algorithm: sha256WithRSAEncryption
28:67:cb:b3:56:ed:da:6e:03:60:ea:6f:7f:07:6d:fe:c0:ad:
67:c0:bc:5c:2f:60:90:50:94:3d:ab:58:bc:6a:cd:6f:66:51:
bb:f9:54:83:4d:a0:69:83:39:81:4d:e5:d0:7c:84:d9:2a:fb:
ef:32:c4:47:78:d1:f7:de:ec:25:39:85:ab:fd:09:47:64:70:
49:12:a3:c7:9f:84:d0:17:05:cf:80:63:15:f3:9b:cf:a0:63:
cd:24:41:ca:02:70:14:d8:ce:01:fd:6a:4c:46:90:f0:60:1a:
0d:7a:e7:7a:88:2c:88:51:30:84:72:2c:07:bd:f8:a1:9e:18:
df:e9:76:a0:24:59:50:dc:1b:fa:9c:65:4e:71:76:01:e9:f6:
4e:ad:e2:1a:b1:ef:cf:82:e2:c0:1b:e5:8a:66:ae:21:08:a7:
88:4d:a6:c8:09:5b:87:b2:dd:ab:06:3f:fb:1a:eb:b6:56:da:
e8:2c:2d:89:33:50:11:b4:22:44:ef:64:1e:a4:43:ec:cf:d6:
db:08:ac:43:f9:cc:0f:ee:b4:5c:ac:de:6e:48:cd:07:4a:70:
5f:8d:20:91:78:1b:d1:c3:bb:ea:9e:a7:04:5c:eb:ca:6c:d3:
bc:db:12:8d:96:56:9f:ca:82:b2:be:58:0e:7e:0d:3c:31:3b:
3f:2e:21:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVulC8k452SRcoST1l0fxiWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZGNjOGMzNzcyMTc0ZTQ3YmFjOGI5MzJlNWJlYzdiNDdi
MWQ5MmIwHhcNMjMwMTAxMTgyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjhiMzVjNzgzMjY3ODM0MWJmOWM3NzEwOTkwM2EyOTE5ZWYwNDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZNtIidSOMzYioRjK7MgYSJ6uLh1
5bMW4D0uGIMneBBf8korP+GIWNnL9nLalMS2sTrzm6OOVYc/pUX4h/2kQAtCFzLf
8lVfazYgf1ZPIVaLmATd+9FCRSG2OxAjGs9u6j8/+W8iucKznQX/e4moneydwlQW
WFWbtgRSWBLX9V2AZtzunfvayKj8L6z9ZaVpJkCnzNhpeZZFYXTTLo1Riyox4Ec5
JA5wNUIayzEdEvesJXoRcBM7BXirkgs6PjjgdnCCr2tBN0bEM947MBs/1IhuMQN4
ZqAEgiil2CEHTSPOsNY06gGu9D+sj8vvZstSdpcohM/u1JL/EadUv74Z5QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNuLNceDJng0G/nHcQmQOikZ7wRhMB8GA1UdIwQY
MBaAFLvcyMN3IXTke6yLky5b7HtHsdkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTl6SXczY2hkT1I3ckl1VExsdnNlMGV4MlNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iNjJjMzMtY2M5Yy00YmFmLWEwZWUt
ZWQxNDJlNDY0MzM1LzEvMjRzMXg0TW1lRFFiLWNkeENaQTZLUm52QkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iNjJjMzMtY2M5Yy00YmFmLWEwZWUtZWQxNDJlNDY0MzM1
LzEvdTl6SXczY2hkT1I3ckl1VExsdnNlMGV4MlNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCXHbwAwQA
w1+EMA0EAgACMAcDBQMqCbJAMA0GCSqGSIb3DQEBCwUAA4IBAQAoZ8uzVu3abgNg
6m9/B23+wK1nwLxcL2CQUJQ9q1i8as1vZlG7+VSDTaBpgzmBTeXQfITZKvvvMsRH
eNH33uwlOYWr/QlHZHBJEqPHn4TQFwXPgGMV85vPoGPNJEHKAnAU2M4B/WpMRpDw
YBoNeud6iCyIUTCEciwHvfihnhjf6XagJFlQ3Bv6nGVOcXYB6fZOreIase/PguLA
G+WKZq4hCKeITabICVuHst2rBj/7Guu2VtroLC2JM1ARtCJE72QepEPsz9bbCKxD
+cwP7rRcrN5uSM0HSnBfjSCReBvRw7vqnqcEXOvKbNO82xKNllafyoKyvlgOfg08
MTs/LiHN
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:47 2025 by rpki-client