Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/44e4bb-9bf5-478b-85a1-649311139883/1/gUquuGa2pRa5DPMuNAsp24vzNWM.roa
File: gUquuGa2pRa5DPMuNAsp24vzNWM.roa (raw, json)
Hash identifier: OqtI+6auQ5cyXOpVlUrgIF8ZO0pWZndzmoNgpYbrL30=
Subject key identifier: 81:4A:AE:B8:66:B6:A5:16:B9:0C:F3:2E:34:0B:29:DB:8B:F3:35:63
Certificate issuer: /CN=c25d43dcde10b923179d5b1bd74ea43acc221093
Certificate serial: 018570B98CC6B89CECEA195542717885BAC3
Authority key identifier: C2:5D:43:DC:DE:10:B9:23:17:9D:5B:1B:D7:4E:A4:3A:CC:22:10:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wl1D3N4QuSMXnVsb106kOswiEJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/44e4bb-9bf5-478b-85a1-649311139883/1/gUquuGa2pRa5DPMuNAsp24vzNWM.roa
Signing time: Mon 02 Jan 2023 04:24:46 +0000
ROA not before: Mon 02 Jan 2023 04:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48829
IP address blocks: 195.130.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b9:8c:c6:b8:9c:ec:ea:19:55:42:71:78:85:ba:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c25d43dcde10b923179d5b1bd74ea43acc221093
Validity
Not Before: Jan 2 04:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=814aaeb866b6a516b90cf32e340b29db8bf33563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:64:1e:31:48:fe:fa:bc:3b:dd:3a:f8:c3:61:
14:e1:24:50:64:17:ed:fa:d2:88:f4:47:86:06:0c:
e4:bc:92:e9:13:6b:47:5c:ab:21:35:1a:16:54:bc:
f7:78:fe:a1:39:0e:30:21:5e:a9:50:9c:c8:cd:a5:
c2:67:da:46:1b:1b:b2:75:f1:f8:fa:73:8a:e6:7e:
67:d9:e0:4b:c9:b4:ba:6d:ab:dd:b4:71:59:ee:15:
d7:5b:06:f8:32:9c:39:ab:ba:ba:8c:e3:6c:5a:1a:
2e:f0:b8:8f:79:39:36:2d:f9:5e:b9:24:0d:2b:cb:
43:28:a0:0a:ef:c0:de:21:e2:39:05:e7:97:37:a3:
a0:fa:f7:c8:5d:78:b0:7b:90:d6:94:62:c3:6f:ab:
dd:f0:2a:ec:1c:d7:9d:c4:83:ac:d4:d2:ff:02:f4:
af:1a:ee:c1:7d:68:a8:c5:85:2a:60:8f:bc:f1:e7:
4e:cc:1a:5e:b5:7f:27:1d:ff:2d:69:88:56:32:06:
98:a8:1a:31:97:92:6f:c0:e9:56:fb:36:e2:ad:ff:
61:cb:35:9a:ea:89:13:97:70:80:60:39:18:05:78:
87:e7:4f:db:2f:1f:4c:c3:f6:fe:1f:79:78:2b:8e:
5e:17:e1:90:46:79:a0:dc:c8:b6:0d:ff:24:72:6a:
1c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4A:AE:B8:66:B6:A5:16:B9:0C:F3:2E:34:0B:29:DB:8B:F3:35:63
X509v3 Authority Key Identifier:
keyid:C2:5D:43:DC:DE:10:B9:23:17:9D:5B:1B:D7:4E:A4:3A:CC:22:10:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wl1D3N4QuSMXnVsb106kOswiEJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/44e4bb-9bf5-478b-85a1-649311139883/1/gUquuGa2pRa5DPMuNAsp24vzNWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/44e4bb-9bf5-478b-85a1-649311139883/1/wl1D3N4QuSMXnVsb106kOswiEJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.130.203.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:c4:79:88:d9:39:9c:97:34:15:2f:51:96:d2:59:78:a2:00:
7a:c3:a6:de:25:94:88:3d:83:3a:0c:ec:d0:b4:13:4f:07:2a:
f1:31:d8:bf:fe:47:d9:7e:3b:5a:7e:1e:92:1a:09:35:b2:0b:
48:a0:d7:3e:67:ee:5a:e6:a3:85:19:cb:dc:6d:fd:d3:70:9c:
30:e0:2e:72:35:5a:2c:cf:1a:da:16:d3:ff:7e:80:4f:e0:d7:
e8:0a:84:3f:ba:c7:1a:94:cb:eb:e3:54:bc:cb:a8:a0:f1:8a:
02:68:7a:99:69:12:05:eb:e4:fa:56:95:b8:62:fa:03:d8:fa:
c0:4a:da:21:a4:62:30:53:fc:c7:c9:05:26:06:4a:79:94:55:
6b:a2:26:9f:d1:6a:aa:5d:6f:ce:f6:ca:a5:49:73:03:06:60:
75:6a:bc:5e:26:9b:11:e7:49:e7:3b:15:6d:6a:5a:e1:14:6a:
0f:ce:b1:54:8b:05:f6:f2:29:99:0f:d8:2a:99:9a:e0:24:09:
97:7e:85:31:19:60:b4:28:67:86:43:8f:0a:99:6b:13:00:da:
0f:18:1f:4b:9a:2d:3b:70:9d:9d:67:5c:45:1e:b6:d0:8a:8a:
b6:60:6f:42:03:d0:01:fb:9b:bc:d8:05:f2:26:53:d4:3e:2e:
e8:66:f0:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwuYzGuJzs6hlVQnF4hbrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNWQ0M2RjZGUxMGI5MjMxNzlkNWIxYmQ3NGVhNDNhY2My
MjEwOTMwHhcNMjMwMTAyMDQyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTRhYWViODY2YjZhNTE2YjkwY2YzMmUzNDBiMjlkYjhiZjMzNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGQeMUj++rw73Tr4w2EU4SRQZBft
+tKI9EeGBgzkvJLpE2tHXKshNRoWVLz3eP6hOQ4wIV6pUJzIzaXCZ9pGGxuydfH4
+nOK5n5n2eBLybS6bavdtHFZ7hXXWwb4Mpw5q7q6jONsWhou8LiPeTk2LfleuSQN
K8tDKKAK78DeIeI5BeeXN6Og+vfIXXiwe5DWlGLDb6vd8CrsHNedxIOs1NL/AvSv
Gu7BfWioxYUqYI+88edOzBpetX8nHf8taYhWMgaYqBoxl5JvwOlW+zbirf9hyzWa
6okTl3CAYDkYBXiH50/bLx9Mw/b+H3l4K45eF+GQRnmg3Mi2Df8kcmocPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIFKrrhmtqUWuQzzLjQLKduL8zVjMB8GA1UdIwQY
MBaAFMJdQ9zeELkjF51bG9dOpDrMIhCTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2wxRDNONFF1U01YblZzYjEwNmtPc3dpRUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS80NGU0YmItOWJmNS00NzhiLTg1YTEt
NjQ5MzExMTM5ODgzLzEvZ1VxdXVHYTJwUmE1RFBNdU5Bc3AyNHZ6TldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS80NGU0YmItOWJmNS00NzhiLTg1YTEtNjQ5MzExMTM5ODgz
LzEvd2wxRDNONFF1U01YblZzYjEwNmtPc3dpRUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4LLMA0G
CSqGSIb3DQEBCwUAA4IBAQChxHmI2TmclzQVL1GW0ll4ogB6w6beJZSIPYM6DOzQ
tBNPByrxMdi//kfZfjtafh6SGgk1sgtIoNc+Z+5a5qOFGcvcbf3TcJww4C5yNVos
zxraFtP/foBP4NfoCoQ/uscalMvr41S8y6ig8YoCaHqZaRIF6+T6VpW4YvoD2PrA
StohpGIwU/zHyQUmBkp5lFVroiaf0WqqXW/O9sqlSXMDBmB1arxeJpsR50nnOxVt
alrhFGoPzrFUiwX28imZD9gqmZrgJAmXfoUxGWC0KGeGQ48KmWsTANoPGB9Lmi07
cJ2dZ1xFHrbQioq2YG9CA9AB+5u82AXyJlPUPi7oZvC+
-----END CERTIFICATE-----
Generated at Wed Apr 16 09:10:23 2025 by rpki-client