Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/24f509-ec2c-486d-9b01-09d8e493c1f9/1/KeLOojWAGZQhTXRc3Qu-nLkP-QU.roa
File: KeLOojWAGZQhTXRc3Qu-nLkP-QU.roa (raw, json)
Hash identifier: 58aR0/Cl1XJSU/fnMVHLpfkNH6oO7HhRXDK4hbOzNOY=
Subject key identifier: 29:E2:CE:A2:35:80:19:94:21:4D:74:5C:DD:0B:BE:9C:B9:0F:F9:05
Certificate issuer: /CN=52f941173564a09b7cf8efdd9875614262a7dd61
Certificate serial: 01856D8AFD41C0EE306BBD98B8557F80BD02
Authority key identifier: 52:F9:41:17:35:64:A0:9B:7C:F8:EF:DD:98:75:61:42:62:A7:DD:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UvlBFzVkoJt8-O_dmHVhQmKn3WE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/24f509-ec2c-486d-9b01-09d8e493c1f9/1/KeLOojWAGZQhTXRc3Qu-nLkP-QU.roa
Signing time: Sun 01 Jan 2023 13:35:03 +0000
ROA not before: Sun 01 Jan 2023 13:35:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200987
IP address blocks: 195.189.148.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8a:fd:41:c0:ee:30:6b:bd:98:b8:55:7f:80:bd:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52f941173564a09b7cf8efdd9875614262a7dd61
Validity
Not Before: Jan 1 13:35:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29e2cea235801994214d745cdd0bbe9cb90ff905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1e:ce:f3:15:f6:15:ea:d4:2d:90:29:54:f8:
4c:14:83:ff:20:b7:2b:07:f9:57:b9:d4:87:e2:23:
e3:1e:06:22:21:42:39:78:2f:7d:0b:fa:86:1d:a8:
e7:ab:e4:5f:50:f7:d3:bf:29:89:24:7c:70:86:6e:
96:65:2f:8d:db:43:d9:57:7d:cb:8d:06:c8:5f:91:
10:f2:d1:a2:c5:fe:e7:c5:6f:bc:9a:82:97:b1:db:
93:55:16:93:ae:3e:bc:99:b9:16:7b:4f:e5:dc:d0:
93:a1:d2:d9:31:34:68:0e:0d:56:39:67:3f:85:ac:
75:cf:9f:ff:5a:1e:f6:a4:00:25:e7:f2:7c:a7:33:
8c:7c:f1:6a:34:84:41:e6:e6:fb:99:60:40:10:d0:
74:e9:77:b6:ec:b1:2e:fd:4c:a6:41:83:35:70:72:
8c:cb:da:01:ad:aa:1f:60:1a:4f:51:c2:f7:cc:a1:
2b:d8:1c:53:d8:24:98:cf:6e:19:a4:41:7b:9f:c9:
bb:54:f2:41:8f:de:6a:01:a5:37:f1:72:15:e0:3a:
4f:ea:cd:c3:38:28:d9:9a:14:b8:45:3b:9b:45:bd:
74:88:3a:c1:e4:d1:ee:78:31:08:db:f9:0d:d6:d6:
02:ea:60:5f:dc:92:7e:02:cf:cb:22:b4:5b:5a:39:
9d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E2:CE:A2:35:80:19:94:21:4D:74:5C:DD:0B:BE:9C:B9:0F:F9:05
X509v3 Authority Key Identifier:
keyid:52:F9:41:17:35:64:A0:9B:7C:F8:EF:DD:98:75:61:42:62:A7:DD:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UvlBFzVkoJt8-O_dmHVhQmKn3WE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/24f509-ec2c-486d-9b01-09d8e493c1f9/1/KeLOojWAGZQhTXRc3Qu-nLkP-QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/24f509-ec2c-486d-9b01-09d8e493c1f9/1/UvlBFzVkoJt8-O_dmHVhQmKn3WE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.148.0/23
Signature Algorithm: sha256WithRSAEncryption
06:19:d6:d8:4d:65:30:cc:e3:1b:7d:a9:c6:33:1e:60:d8:9b:
0f:5e:b3:48:5e:b5:43:33:c0:d4:07:02:6c:0c:3f:86:d3:c7:
e5:74:0c:a2:46:2e:bb:2a:5f:26:96:2b:fe:06:76:5e:4f:d5:
4f:e2:8f:5a:3d:6c:70:2d:7d:10:55:2e:1b:3a:3e:5b:9d:f3:
5d:e0:39:c6:d1:38:34:b9:e8:7e:73:f3:21:b2:a1:da:0e:ac:
b2:11:ab:b4:8e:a0:eb:1f:79:e5:7e:f9:cc:dd:dc:52:5c:2f:
f3:e8:79:e1:8e:74:d1:fa:80:26:e5:b6:9b:19:5e:94:e7:e1:
f5:2a:0b:5e:b9:6e:5e:db:9a:85:ac:1a:85:98:ef:b2:fb:c2:
8c:88:04:3c:6e:77:d4:20:fb:d4:8f:ee:ef:53:bb:97:33:68:
44:08:ea:ba:cd:c4:a9:98:f6:ed:3a:49:89:04:0e:77:86:de:
f0:8a:d5:80:96:0f:61:ba:c3:98:f2:48:c9:c5:ef:17:2c:a5:
55:6c:1f:c0:cf:7e:cc:8a:49:e0:15:e0:1c:61:44:e8:ab:bd:
2f:69:93:d4:63:05:6d:7f:2c:44:25:75:13:88:c5:d4:03:4b:
5b:1f:72:d8:f6:4e:56:2f:df:c3:e2:6d:1d:ce:da:ff:02:c4:
52:fb:21:b6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtiv1BwO4wa72YuFV/gL0CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZjk0MTE3MzU2NGEwOWI3Y2Y4ZWZkZDk4NzU2MTQyNjJh
N2RkNjEwHhcNMjMwMTAxMTMzNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWUyY2VhMjM1ODAxOTk0MjE0ZDc0NWNkZDBiYmU5Y2I5MGZmOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhR7O8xX2FerULZApVPhMFIP/ILcr
B/lXudSH4iPjHgYiIUI5eC99C/qGHajnq+RfUPfTvymJJHxwhm6WZS+N20PZV33L
jQbIX5EQ8tGixf7nxW+8moKXsduTVRaTrj68mbkWe0/l3NCTodLZMTRoDg1WOWc/
hax1z5//Wh72pAAl5/J8pzOMfPFqNIRB5ub7mWBAENB06Xe27LEu/UymQYM1cHKM
y9oBraofYBpPUcL3zKEr2BxT2CSYz24ZpEF7n8m7VPJBj95qAaU38XIV4DpP6s3D
OCjZmhS4RTubRb10iDrB5NHueDEI2/kN1tYC6mBf3JJ+As/LIrRbWjmdlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCnizqI1gBmUIU10XN0Lvpy5D/kFMB8GA1UdIwQY
MBaAFFL5QRc1ZKCbfPjv3Zh1YUJip91hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXZsQkZ6VmtvSnQ4LU9fZG1IVmhRbUtuM1dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8yNGY1MDktZWMyYy00ODZkLTliMDEt
MDlkOGU0OTNjMWY5LzEvS2VMT29qV0FHWlFoVFhSYzNRdS1uTGtQLVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8yNGY1MDktZWMyYy00ODZkLTliMDEtMDlkOGU0OTNjMWY5
LzEvVXZsQkZ6VmtvSnQ4LU9fZG1IVmhRbUtuM1dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw72UMA0G
CSqGSIb3DQEBCwUAA4IBAQAGGdbYTWUwzOMbfanGMx5g2JsPXrNIXrVDM8DUBwJs
DD+G08fldAyiRi67Kl8mliv+BnZeT9VP4o9aPWxwLX0QVS4bOj5bnfNd4DnG0Tg0
ueh+c/MhsqHaDqyyEau0jqDrH3nlfvnM3dxSXC/z6HnhjnTR+oAm5babGV6U5+H1
KgteuW5e25qFrBqFmO+y+8KMiAQ8bnfUIPvUj+7vU7uXM2hECOq6zcSpmPbtOkmJ
BA53ht7witWAlg9husOY8kjJxe8XLKVVbB/Az37MikngFeAcYUToq70vaZPUYwVt
fyxEJXUTiMXUA0tbH3LY9k5WL9/D4m0dztr/AsRS+yG2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:51 2025 by rpki-client