Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/679cab-2cf4-40a5-b5ee-246646e9db1e/1/T9iCaffCGFKAeIinug3JIr9g8E0.roa
File: T9iCaffCGFKAeIinug3JIr9g8E0.roa (raw, json)
Hash identifier: UKPzIFx8Tduj36L0SiJjZ3vJNQzoHSKRg4jNG2qsQss=
Subject key identifier: 4F:D8:82:69:F7:C2:18:52:80:78:88:A7:BA:0D:C9:22:BF:60:F0:4D
Certificate issuer: /CN=07743006a8e9d0e1bf20557ad5964078fe8126ef
Certificate serial: 15DF
Authority key identifier: 07:74:30:06:A8:E9:D0:E1:BF:20:55:7A:D5:96:40:78:FE:81:26:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B3QwBqjp0OG_IFV61ZZAeP6BJu8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/679cab-2cf4-40a5-b5ee-246646e9db1e/1/T9iCaffCGFKAeIinug3JIr9g8E0.roa
Signing time: Mon 09 May 2022 12:16:21 +0000
ROA not before: Mon 09 May 2022 12:16:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13236
IP address blocks: 195.234.236.0/22 maxlen: 22
195.234.237.0/24 maxlen: 24
195.234.238.0/24 maxlen: 24
195.234.236.0/24 maxlen: 24
195.234.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5599 (0x15df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07743006a8e9d0e1bf20557ad5964078fe8126ef
Validity
Not Before: May 9 12:16:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fd88269f7c21852807888a7ba0dc922bf60f04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:9d:43:aa:6f:ac:77:b3:1b:3c:b9:d0:36:4b:
20:00:b6:be:52:ca:62:e0:1a:2f:60:b8:f1:a4:7d:
24:58:a7:b2:68:17:3e:44:72:09:dd:d1:0d:a6:3d:
82:a4:d1:a3:e8:e9:36:36:89:99:fd:d2:3e:97:21:
95:5e:57:6a:0f:e1:d7:20:93:4c:1a:02:f4:8b:df:
8f:2a:e5:e6:8d:21:af:ab:91:4c:61:55:cf:1d:2c:
72:29:9e:53:46:b3:ef:2a:e3:fd:4d:be:b1:75:12:
cf:9e:89:b0:8b:9e:ca:ae:59:9d:b4:88:1c:f5:57:
e4:97:65:d4:58:fb:fe:cd:6c:8f:45:37:ec:00:71:
c7:9e:7b:cc:0b:de:2e:f4:e6:ba:2f:5e:d0:be:8a:
91:c6:04:84:fd:54:df:d4:71:43:20:3c:f1:72:52:
9f:4a:71:92:5f:66:34:f1:6c:02:83:a7:d3:e6:a5:
ca:75:a6:b5:3f:e0:f6:56:71:06:ef:07:1c:06:f4:
be:35:b3:98:10:ad:b2:50:b5:b8:94:00:55:35:c1:
57:1d:59:c7:41:12:ed:e6:6c:98:ef:41:fd:ac:74:
44:64:59:f6:07:23:1f:f6:3e:40:fa:d8:84:a8:41:
8e:04:c4:a9:38:5a:7c:8d:52:7a:4f:35:0a:c2:66:
99:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D8:82:69:F7:C2:18:52:80:78:88:A7:BA:0D:C9:22:BF:60:F0:4D
X509v3 Authority Key Identifier:
keyid:07:74:30:06:A8:E9:D0:E1:BF:20:55:7A:D5:96:40:78:FE:81:26:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B3QwBqjp0OG_IFV61ZZAeP6BJu8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/679cab-2cf4-40a5-b5ee-246646e9db1e/1/T9iCaffCGFKAeIinug3JIr9g8E0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/679cab-2cf4-40a5-b5ee-246646e9db1e/1/B3QwBqjp0OG_IFV61ZZAeP6BJu8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.236.0/22
Signature Algorithm: sha256WithRSAEncryption
99:7d:08:3c:1f:27:62:0c:ae:6f:6e:4d:7b:8b:b0:00:bc:af:
17:f8:0f:05:d6:17:d4:15:91:23:9b:75:2d:67:9e:6e:0f:ca:
00:b9:b1:94:57:44:9b:bd:76:8a:9b:22:92:4c:ef:b4:00:71:
e0:78:66:ac:8e:ce:ca:92:80:94:dd:d8:9d:14:37:b7:7f:0f:
d6:73:92:0d:2c:e2:44:f9:cd:7e:89:b2:9b:c9:db:51:cf:a1:
ef:46:01:8d:5c:ff:1c:88:f6:a0:11:52:a4:1b:36:a1:62:7b:
5d:26:fc:c8:94:ab:d9:54:2c:3c:73:33:da:68:e5:00:dc:8a:
66:78:4c:9b:2b:4e:ae:7b:22:a3:51:85:8c:8b:79:8a:be:ee:
a6:67:72:ea:56:4c:1c:84:18:97:aa:73:94:7d:b0:20:6a:d9:
24:1b:1c:93:b7:6d:66:d1:53:e6:79:c0:1f:d9:97:0a:2e:16:
9b:bb:5d:42:89:6c:13:be:29:90:82:73:3d:f7:8e:6d:59:90:
e1:06:3d:fc:a7:a5:5c:e1:45:bb:8d:d0:ab:20:0a:18:e6:02:
df:43:35:23:0c:e6:9d:bc:0e:b2:19:93:fc:25:f2:30:30:57:
3a:68:c8:1b:07:78:d6:c2:7c:a4:84:b7:83:3b:db:e3:95:6d:
37:0b:c9:43
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICFd8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDc3
NDMwMDZhOGU5ZDBlMWJmMjA1NTdhZDU5NjQwNzhmZTgxMjZlZjAeFw0yMjA1MDkx
MjE2MjFaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDRmZDg4MjY5ZjdjMjE4
NTI4MDc4ODhhN2JhMGRjOTIyYmY2MGYwNGQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDynUOqb6x3sxs8udA2SyAAtr5SymLgGi9guPGkfSRYp7JoFz5E
cgnd0Q2mPYKk0aPo6TY2iZn90j6XIZVeV2oP4dcgk0waAvSL348q5eaNIa+rkUxh
Vc8dLHIpnlNGs+8q4/1NvrF1Es+eibCLnsquWZ20iBz1V+SXZdRY+/7NbI9FN+wA
cceee8wL3i705rovXtC+ipHGBIT9VN/UcUMgPPFyUp9KcZJfZjTxbAKDp9Pmpcp1
prU/4PZWcQbvBxwG9L41s5gQrbJQtbiUAFU1wVcdWcdBEu3mbJjvQf2sdERkWfYH
Ix/2PkD62ISoQY4ExKk4WnyNUnpPNQrCZplZAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUT9iCaffCGFKAeIinug3JIr9g8E0wHwYDVR0jBBgwFoAUB3QwBqjp0OG/IFV6
1ZZAeP6BJu8wDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9C
M1F3QnFqcDBPR19JRlY2MVpaQWVQNkJKdTguY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzRjLzY3OWNhYi0yY2Y0LTQwYTUtYjVlZS0yNDY2NDZlOWRiMWUvMS9U
OWlDYWZmQ0dGS0FlSWludWczSklyOWc4RTAucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRjLzY3
OWNhYi0yY2Y0LTQwYTUtYjVlZS0yNDY2NDZlOWRiMWUvMS9CM1F3QnFqcDBPR19J
RlY2MVpaQWVQNkJKdTguY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALD6uwwDQYJKoZIhvcNAQELBQADggEB
AJl9CDwfJ2IMrm9uTXuLsAC8rxf4DwXWF9QVkSObdS1nnm4PygC5sZRXRJu9doqb
IpJM77QAceB4ZqyOzsqSgJTd2J0UN7d/D9Zzkg0s4kT5zX6JspvJ21HPoe9GAY1c
/xyI9qARUqQbNqFie10m/MiUq9lULDxzM9po5QDcimZ4TJsrTq57IqNRhYyLeYq+
7qZncupWTByEGJeqc5R9sCBq2SQbHJO3bWbRU+Z5wB/ZlwouFpu7XUKJbBO+KZCC
cz33jm1ZkOEGPfynpVzhRbuN0KsgChjmAt9DNSMM5p28DrIZk/wl8jAwVzpoyBsH
eNbCfKSEt4M72+OVbTcLyUM=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:17 2025 by rpki-client