Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/oi7-jKEKBtC68NP0h8jQ-HcpnDo.roa
File: oi7-jKEKBtC68NP0h8jQ-HcpnDo.roa (raw, json)
Hash identifier: 02m3QoUi6biDzhM9FKz4hPsVtxqj1PVxFt8Rvts5KIE=
Subject key identifier: A2:2E:FE:8C:A1:0A:06:D0:BA:F0:D3:F4:87:C8:D0:F8:77:29:9C:3A
Certificate issuer: /CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Certificate serial: 01856E5D4DEF68B13D321D3247C94EDEEAC4
Authority key identifier: 44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/oi7-jKEKBtC68NP0h8jQ-HcpnDo.roa
Signing time: Sun 01 Jan 2023 17:24:46 +0000
ROA not before: Sun 01 Jan 2023 17:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51222
IP address blocks: 195.54.37.0/24 maxlen: 24
195.54.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:4d:ef:68:b1:3d:32:1d:32:47:c9:4e:de:ea:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f885220f1719f5837cb5a36fa62f3f537e8e3f
Validity
Not Before: Jan 1 17:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a22efe8ca10a06d0baf0d3f487c8d0f877299c3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d4:e5:54:99:40:9e:44:61:6f:7b:3f:f7:2f:
c3:ea:4b:a6:66:5b:c6:54:d5:f6:36:f1:f8:15:42:
e1:d3:2c:51:9c:f6:e9:0f:18:0f:4d:24:48:b2:ab:
14:4b:4a:47:42:13:2e:a6:98:4e:55:9e:47:81:c4:
7e:e0:e4:57:44:5f:89:82:2e:a8:40:4c:cb:5b:6e:
c4:06:a4:fd:09:3e:61:de:c9:8d:b6:a1:fc:22:43:
c5:75:4c:3b:6f:9b:9b:77:59:57:ca:74:03:31:04:
ec:3c:d4:9f:12:c0:2b:7e:c2:4a:06:50:d6:95:54:
73:bb:4c:52:24:0b:2b:2f:2e:bf:75:81:30:9e:99:
60:df:e6:e3:38:b4:69:72:7b:fb:11:ba:bd:95:0f:
db:28:0f:bc:32:3e:59:d2:e0:9d:a3:de:7f:ed:8e:
d4:d5:76:c2:ea:92:68:03:14:f3:c5:b8:a3:7e:4e:
ae:da:00:05:9a:1a:c0:2a:76:ac:f2:59:c3:d3:a8:
5c:f6:f6:ba:b5:ea:82:d0:18:4b:ff:dc:17:66:9d:
77:e0:dc:20:c6:d7:9d:7a:76:e6:c6:6b:a3:2c:34:
11:d0:a9:ea:f1:da:0d:db:b5:94:42:e2:9b:59:be:
e6:f7:cf:f7:5f:8b:2e:86:37:93:8a:11:89:92:fa:
bb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:2E:FE:8C:A1:0A:06:D0:BA:F0:D3:F4:87:C8:D0:F8:77:29:9C:3A
X509v3 Authority Key Identifier:
keyid:44:F8:85:22:0F:17:19:F5:83:7C:B5:A3:6F:A6:2F:3F:53:7E:8E:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPiFIg8XGfWDfLWjb6YvP1N-jj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/oi7-jKEKBtC68NP0h8jQ-HcpnDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/bab194-5e24-4ead-8f49-37ed99143aae/1/RPiFIg8XGfWDfLWjb6YvP1N-jj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.54.36.0/23
Signature Algorithm: sha256WithRSAEncryption
63:79:fc:5b:26:ff:7d:e3:15:84:54:bb:64:3f:03:0f:6f:44:
6d:ce:3d:c4:5f:b4:9e:f9:9a:df:6e:b7:2c:bd:dc:01:22:36:
83:96:4e:b5:a9:5f:3b:25:72:1d:c6:28:d6:3e:86:6d:eb:9e:
cf:0c:dd:20:2f:c3:5e:cf:0c:f8:bf:a7:44:f7:a4:ad:aa:c8:
64:1f:23:c1:04:de:fc:de:18:87:df:86:c7:af:18:cf:da:b9:
e8:c4:86:c1:c5:45:36:a2:67:09:62:7e:5c:f8:9f:56:73:ca:
bb:01:79:c6:ad:45:fc:df:e6:60:9f:81:83:aa:d8:b6:7d:71:
01:b3:e9:eb:8e:33:9e:49:d9:22:f0:f8:9c:0b:f9:19:2f:8a:
e6:aa:a8:25:5b:e3:77:a9:b7:7f:b8:bb:f6:07:35:c2:e5:bc:
4e:c7:57:b2:95:18:8a:71:37:af:16:f7:25:35:ee:d9:dd:53:
70:b3:4a:9c:cf:92:cf:2e:61:f2:a2:ae:6c:8d:67:25:3a:fa:
66:95:05:f8:d8:32:f8:47:53:e6:4a:75:1c:f5:a4:ea:60:9c:
21:97:01:e6:60:2b:6f:8e:06:0d:78:93:1f:3b:5b:1a:da:df:
93:0a:71:be:e9:7d:fd:28:89:09:0a:6f:7f:91:ac:2b:dc:8c:
8c:56:2b:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXU3vaLE9Mh0yR8lO3urEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0Zjg4NTIyMGYxNzE5ZjU4MzdjYjVhMzZmYTYyZjNmNTM3
ZThlM2YwHhcNMjMwMTAxMTcyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjJlZmU4Y2ExMGEwNmQwYmFmMGQzZjQ4N2M4ZDBmODc3Mjk5YzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNTlVJlAnkRhb3s/9y/D6kumZlvG
VNX2NvH4FULh0yxRnPbpDxgPTSRIsqsUS0pHQhMupphOVZ5HgcR+4ORXRF+Jgi6o
QEzLW27EBqT9CT5h3smNtqH8IkPFdUw7b5ubd1lXynQDMQTsPNSfEsArfsJKBlDW
lVRzu0xSJAsrLy6/dYEwnplg3+bjOLRpcnv7Ebq9lQ/bKA+8Mj5Z0uCdo95/7Y7U
1XbC6pJoAxTzxbijfk6u2gAFmhrAKnas8lnD06hc9va6teqC0BhL/9wXZp134Nwg
xtedenbmxmujLDQR0Knq8doN27WUQuKbWb7m98/3X4suhjeTihGJkvq7TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIu/oyhCgbQuvDT9IfI0Ph3KZw6MB8GA1UdIwQY
MBaAFET4hSIPFxn1g3y1o2+mLz9Tfo4/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDkt
MzdlZDk5MTQzYWFlLzEvb2k3LWpLRUtCdEM2OE5QMGg4alEtSGNwbkRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iYWIxOTQtNWUyNC00ZWFkLThmNDktMzdlZDk5MTQzYWFl
LzEvUlBpRklnOFhHZldEZkxXamI2WXZQMU4tamo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzYkMA0G
CSqGSIb3DQEBCwUAA4IBAQBjefxbJv994xWEVLtkPwMPb0Rtzj3EX7Se+Zrfbrcs
vdwBIjaDlk61qV87JXIdxijWPoZt657PDN0gL8Nezwz4v6dE96StqshkHyPBBN78
3hiH34bHrxjP2rnoxIbBxUU2omcJYn5c+J9Wc8q7AXnGrUX83+Zgn4GDqti2fXEB
s+nrjjOeSdki8PicC/kZL4rmqqglW+N3qbd/uLv2BzXC5bxOx1eylRiKcTevFvcl
Ne7Z3VNws0qcz5LPLmHyoq5sjWclOvpmlQX42DL4R1PmSnUc9aTqYJwhlwHmYCtv
jgYNeJMfO1sa2t+TCnG+6X39KIkJCm9/kawr3IyMVitl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:58 2025 by rpki-client