Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/DN7pwGDP1QX8w4BeZ3RHVioi3HE.roa
File: DN7pwGDP1QX8w4BeZ3RHVioi3HE.roa (raw, json)
Hash identifier: 07HbJDEnCBXlhK8X5+GiP7Hw0qXSOk1n7hUxKe0zCjY=
Subject key identifier: 0C:DE:E9:C0:60:CF:D5:05:FC:C3:80:5E:67:74:47:56:2A:22:DC:71
Certificate issuer: /CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Certificate serial: 0A332E33
Authority key identifier: 36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/DN7pwGDP1QX8w4BeZ3RHVioi3HE.roa
Signing time: Sat 01 Jan 2022 02:58:46 +0000
ROA not before: Sat 01 Jan 2022 02:58:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5459
IP address blocks: 195.66.224.0/19 maxlen: 19
195.66.232.0/22 maxlen: 22
195.66.240.0/22 maxlen: 22
195.66.248.0/22 maxlen: 22
2a01:40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171126323 (0xa332e33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36eaa00ea777098b1bf036756d640e9d31d63b3b
Validity
Not Before: Jan 1 02:58:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0cdee9c060cfd505fcc3805e677447562a22dc71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:a6:5a:2d:37:2b:ee:2c:21:de:f0:3f:e7:
f7:93:f3:0a:41:66:3e:fb:12:db:80:0a:75:45:a5:
d9:95:69:34:80:0a:54:5b:f8:e6:3a:c2:ee:c7:3d:
85:22:62:ac:23:c5:aa:ae:13:a1:46:3f:82:24:b8:
cb:34:b8:3f:83:1c:30:3d:47:4b:7d:1f:f4:d6:4d:
00:16:40:a9:c6:a9:b3:3a:46:72:dc:47:b3:d9:dc:
43:b6:9e:6f:ba:0b:7c:19:6e:b8:36:cb:fe:91:c6:
4f:6e:10:25:49:09:67:9b:87:62:41:85:34:d0:ce:
c7:3c:66:43:03:16:56:94:d2:be:9f:44:fb:6c:79:
61:37:bb:bc:a5:f3:66:c2:e7:40:be:7f:1e:b8:9f:
cb:02:82:db:b1:a8:49:12:6a:90:72:86:b5:14:c1:
9c:e3:49:fb:76:ff:6d:78:c4:b5:ab:a1:50:17:b6:
76:29:78:57:e7:d5:d2:ea:04:72:e4:af:43:45:c5:
ea:8d:29:7e:21:a6:45:35:42:a9:db:ab:a5:c0:13:
d6:3d:09:f7:34:bf:29:e5:97:3d:ee:30:ef:bb:0b:
45:92:cb:b8:4a:84:9d:c6:d7:b8:a2:9f:fa:8e:92:
3b:2f:a3:d1:2f:fe:bb:47:3f:d0:a4:9e:d3:75:af:
ee:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DE:E9:C0:60:CF:D5:05:FC:C3:80:5E:67:74:47:56:2A:22:DC:71
X509v3 Authority Key Identifier:
keyid:36:EA:A0:0E:A7:77:09:8B:1B:F0:36:75:6D:64:0E:9D:31:D6:3B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/DN7pwGDP1QX8w4BeZ3RHVioi3HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/410232-b1fd-4137-832d-bdb21313c3ec/1/NuqgDqd3CYsb8DZ1bWQOnTHWOzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.224.0/19
IPv6:
2a01:40::/32
Signature Algorithm: sha256WithRSAEncryption
86:b7:4b:95:b2:e3:c1:d2:4d:e8:cb:37:23:1c:b5:7c:0f:c4:
66:55:ed:c2:1e:e5:ca:10:91:2a:04:44:f5:0a:d1:78:1f:52:
04:3a:4c:2c:87:65:93:4c:ed:ac:20:dd:37:bd:bb:74:2a:85:
a2:8d:b8:ec:bd:10:04:50:fc:fe:0c:42:b4:c7:e8:bf:69:bc:
32:0e:26:4a:b3:50:8f:a9:9a:fe:61:be:8e:d0:f3:fa:93:e4:
8a:1a:04:59:a2:e3:ec:d8:ed:67:cc:cd:c0:68:27:dd:86:80:
91:d2:7f:08:4e:57:e3:35:56:09:2a:8a:92:eb:b0:8e:8a:e8:
c8:fe:99:06:0b:e0:56:07:55:e2:d0:38:b9:fb:82:09:26:b0:
03:7e:2b:7f:0e:4f:79:7e:8e:77:ff:fc:9c:86:b4:cc:90:35:
39:d5:a0:4a:dc:43:82:41:aa:90:11:fc:8b:5b:85:04:92:bf:
6e:1b:a8:5c:34:d5:96:e1:e6:b7:6c:e3:80:da:64:63:b6:49:
70:b8:cb:36:8c:aa:de:8b:00:4e:05:37:45:70:53:64:b9:3b:
6d:0a:f5:9a:14:be:a7:14:76:8c:29:fb:92:12:cf:8a:0c:cb:
09:c3:ae:97:b0:fd:3f:4d:3a:7d:b0:e2:70:d6:c2:a8:50:91:
0b:4e:64:b5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECjMuMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmVhYTAwZWE3NzcwOThiMWJmMDM2NzU2ZDY0MGU5ZDMxZDYzYjNiMB4XDTIyMDEw
MTAyNTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGNkZWU5YzA2MGNm
ZDUwNWZjYzM4MDVlNjc3NDQ3NTYyYTIyZGM3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALW8plotNyvuLCHe8D/n95PzCkFmPvsS24AKdUWl2ZVpNIAK
VFv45jrC7sc9hSJirCPFqq4ToUY/giS4yzS4P4McMD1HS30f9NZNABZAqcapszpG
ctxHs9ncQ7aeb7oLfBluuDbL/pHGT24QJUkJZ5uHYkGFNNDOxzxmQwMWVpTSvp9E
+2x5YTe7vKXzZsLnQL5/HrifywKC27GoSRJqkHKGtRTBnONJ+3b/bXjEtauhUBe2
dil4V+fV0uoEcuSvQ0XF6o0pfiGmRTVCqdurpcAT1j0J9zS/KeWXPe4w77sLRZLL
uEqEncbXuKKf+o6SOy+j0S/+u0c/0KSe03Wv7mMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQM3unAYM/VBfzDgF5ndEdWKiLccTAfBgNVHSMEGDAWgBQ26qAOp3cJixvw
NnVtZA6dMdY7OzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L051cWdEcWQzQ1lzYjhEWjFiV1FPblRIV096cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvNDEwMjMyLWIxZmQtNDEzNy04MzJkLWJkYjIxMzEzYzNlYy8x
L0RON3B3R0RQMVFYOHc0QmVaM1JIVmlvaTNIRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
NDEwMjMyLWIxZmQtNDEzNy04MzJkLWJkYjIxMzEzYzNlYy8xL051cWdEcWQzQ1lz
YjhEWjFiV1FPblRIV096cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBcNC4DANBAIAAjAHAwUAKgEAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAhrdLlbLjwdJN6Ms3Ixy1fA/EZlXtwh7lyhCRKgRE
9QrReB9SBDpMLIdlk0ztrCDdN727dCqFoo247L0QBFD8/gxCtMfov2m8Mg4mSrNQ
j6ma/mG+jtDz+pPkihoEWaLj7NjtZ8zNwGgn3YaAkdJ/CE5X4zVWCSqKkuuwjoro
yP6ZBgvgVgdV4tA4ufuCCSawA34rfw5PeX6Od//8nIa0zJA1OdWgStxDgkGqkBH8
i1uFBJK/bhuoXDTVluHmt2zjgNpkY7ZJcLjLNoyq3osATgU3RXBTZLk7bQr1mhS+
pxR2jCn7khLPigzLCcOul7D9P006fbDicNbCqFCRC05ktQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:05 2025 by rpki-client