Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/fo8YrBH6owEfVYzprBHR0Kxlu_c.roa
File: fo8YrBH6owEfVYzprBHR0Kxlu_c.roa (raw, json)
Hash identifier: /+gvQceeY+MMQ1zFUXL1Mz0LiFGZARMuEURvJYPFKAY=
Subject key identifier: 7E:8F:18:AC:11:FA:A3:01:1F:55:8C:E9:AC:11:D1:D0:AC:65:BB:F7
Certificate issuer: /CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Certificate serial: 01856B379D3CDD3B816FAEA6D69843CAE2BE
Authority key identifier: 39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/fo8YrBH6owEfVYzprBHR0Kxlu_c.roa
Signing time: Sun 01 Jan 2023 02:44:44 +0000
ROA not before: Sun 01 Jan 2023 02:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 195.189.252.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:37:9d:3c:dd:3b:81:6f:ae:a6:d6:98:43:ca:e2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3979b435a3cfefe7c33a84b22f6033009a5225c7
Validity
Not Before: Jan 1 02:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7e8f18ac11faa3011f558ce9ac11d1d0ac65bbf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d4:c1:72:85:23:5f:7f:93:30:48:93:13:90:
12:3d:6c:b4:26:23:be:af:4c:3b:46:08:4b:27:98:
4c:17:55:c3:96:e9:22:ab:41:2d:f5:e1:a9:93:7f:
db:77:fb:85:65:30:35:8b:cb:90:c0:2d:3e:81:82:
6f:52:4f:b0:c1:89:eb:8d:1a:c6:75:f1:02:a0:33:
cd:13:cf:ee:53:de:06:3c:2b:fe:d5:b3:b2:4e:72:
8e:cd:ed:13:93:77:8e:62:54:38:23:e3:0d:75:25:
0e:15:9a:50:d3:2e:19:c3:c3:db:7f:ca:5c:f9:d9:
66:27:f6:39:6a:c2:2b:eb:62:cb:1c:69:68:c0:59:
97:59:ad:9b:0c:10:1b:a6:cc:80:c5:23:0f:62:26:
a4:a5:8d:5a:6f:8a:aa:47:18:58:78:38:75:a3:56:
d0:66:12:8b:7f:d2:57:05:f8:ce:e2:58:ff:69:32:
cd:a0:d8:f0:54:f9:9d:5d:51:1b:7f:73:25:cf:11:
7d:6e:50:99:1a:be:bb:fa:77:57:95:ac:7d:d9:1b:
70:6e:15:97:4e:45:c3:88:aa:6c:1f:33:19:84:5c:
f5:fe:3a:8f:ff:2a:60:f6:f5:31:57:55:47:7b:1e:
a8:ae:c9:12:89:bf:05:aa:de:bf:87:54:a1:9e:ee:
80:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:8F:18:AC:11:FA:A3:01:1F:55:8C:E9:AC:11:D1:D0:AC:65:BB:F7
X509v3 Authority Key Identifier:
keyid:39:79:B4:35:A3:CF:EF:E7:C3:3A:84:B2:2F:60:33:00:9A:52:25:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OXm0NaPP7-fDOoSyL2AzAJpSJcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/fo8YrBH6owEfVYzprBHR0Kxlu_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/73a71e-446d-41ff-aabf-d5bc239f6a98/1/OXm0NaPP7-fDOoSyL2AzAJpSJcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.189.252.0/23
Signature Algorithm: sha256WithRSAEncryption
85:58:10:bc:ae:ae:b5:e9:78:58:63:c4:7a:04:19:cc:29:71:
fd:b7:e2:52:41:8c:3f:1f:ed:1e:c2:11:38:83:c0:02:92:ad:
b9:38:35:ee:29:3f:1c:40:5a:db:a8:84:66:44:3f:50:d5:f6:
60:27:79:3c:44:b1:fa:b3:88:ee:49:1a:f8:b9:fd:13:ad:c8:
51:da:0a:10:f8:63:56:7b:4e:65:ad:05:1f:66:ba:ec:b8:50:
32:a6:11:77:ed:8b:be:35:6f:be:da:b3:fb:07:c3:1d:ef:89:
d7:46:93:19:db:dd:cb:58:7c:8f:49:31:27:21:d5:8a:c0:93:
9c:75:66:c4:b7:0e:42:87:f5:b3:02:fd:34:a0:7a:24:3b:61:
af:76:8f:ec:f1:08:d4:5f:fa:18:66:bf:58:61:ed:0f:21:fb:
31:f0:e7:80:74:1f:6b:49:e0:ab:ef:4e:2c:40:65:ea:41:85:
1a:78:8f:f3:d2:cd:16:73:39:2f:be:c0:cc:f4:a1:e1:fa:19:
1b:9c:ed:a0:56:e2:34:e3:18:ce:7f:11:69:72:8b:b7:ba:ba:
52:27:0d:2c:c4:96:7a:e4:3e:b1:25:d7:cc:c5:69:49:10:e4:
18:19:dc:bf:f9:a1:f5:b7:21:87:4a:93:7b:d0:03:0d:e3:e8:
ac:b4:b6:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrN5083TuBb66m1phDyuK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5NzliNDM1YTNjZmVmZTdjMzNhODRiMjJmNjAzMzAwOWE1
MjI1YzcwHhcNMjMwMTAxMDI0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZThmMThhYzExZmFhMzAxMWY1NThjZTlhYzExZDFkMGFjNjViYmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNTBcoUjX3+TMEiTE5ASPWy0JiO+
r0w7RghLJ5hMF1XDlukiq0Et9eGpk3/bd/uFZTA1i8uQwC0+gYJvUk+wwYnrjRrG
dfECoDPNE8/uU94GPCv+1bOyTnKOze0Tk3eOYlQ4I+MNdSUOFZpQ0y4Zw8Pbf8pc
+dlmJ/Y5asIr62LLHGlowFmXWa2bDBAbpsyAxSMPYiakpY1ab4qqRxhYeDh1o1bQ
ZhKLf9JXBfjO4lj/aTLNoNjwVPmdXVEbf3MlzxF9blCZGr67+ndXlax92RtwbhWX
TkXDiKpsHzMZhFz1/jqP/ypg9vUxV1VHex6orskSib8Fqt6/h1Shnu6ABQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH6PGKwR+qMBH1WM6awR0dCsZbv3MB8GA1UdIwQY
MBaAFDl5tDWjz+/nwzqEsi9gMwCaUiXHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYt
ZDViYzIzOWY2YTk4LzEvZm84WXJCSDZvd0VmVll6cHJCSFIwS3hsdV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83M2E3MWUtNDQ2ZC00MWZmLWFhYmYtZDViYzIzOWY2YTk4
LzEvT1htME5hUFA3LWZET29TeUwyQXpBSnBTSmNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw738MA0G
CSqGSIb3DQEBCwUAA4IBAQCFWBC8rq616XhYY8R6BBnMKXH9t+JSQYw/H+0ewhE4
g8ACkq25ODXuKT8cQFrbqIRmRD9Q1fZgJ3k8RLH6s4juSRr4uf0TrchR2goQ+GNW
e05lrQUfZrrsuFAyphF37Yu+NW++2rP7B8Md74nXRpMZ293LWHyPSTEnIdWKwJOc
dWbEtw5Ch/WzAv00oHokO2Gvdo/s8QjUX/oYZr9YYe0PIfsx8OeAdB9rSeCr704s
QGXqQYUaeI/z0s0WczkvvsDM9KHh+hkbnO2gVuI04xjOfxFpcou3urpSJw0sxJZ6
5D6xJdfMxWlJEOQYGdy/+aH1tyGHSpN70AMN4+istLb+
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:45 2025 by rpki-client