Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/82cb3e-8199-4917-a176-e50e1e9bb4b3/1/t4WZncUGuKYgICyEx0Y48faHU_A.roa
File: t4WZncUGuKYgICyEx0Y48faHU_A.roa (raw, json)
Hash identifier: QYtwZrP+Z6+NffJ02W9TUo1EIDJwuMiBCER6k/GQGL0=
Subject key identifier: B7:85:99:9D:C5:06:B8:A6:20:20:2C:84:C7:46:38:F1:F6:87:53:F0
Certificate issuer: /CN=8e622a34c55e39b8fa15a37ba9e370eaafd99774
Certificate serial: 01857203126A8DB211043BE79F115CBC2307
Authority key identifier: 8E:62:2A:34:C5:5E:39:B8:FA:15:A3:7B:A9:E3:70:EA:AF:D9:97:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmIqNMVeObj6FaN7qeNw6q_Zl3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/82cb3e-8199-4917-a176-e50e1e9bb4b3/1/t4WZncUGuKYgICyEx0Y48faHU_A.roa
Signing time: Mon 02 Jan 2023 10:24:41 +0000
ROA not before: Mon 02 Jan 2023 10:24:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198395
IP address blocks: 195.60.169.0/24 maxlen: 24
195.60.168.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:03:12:6a:8d:b2:11:04:3b:e7:9f:11:5c:bc:23:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e622a34c55e39b8fa15a37ba9e370eaafd99774
Validity
Not Before: Jan 2 10:24:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b785999dc506b8a620202c84c74638f1f68753f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f4:b7:10:22:25:db:e1:70:0d:51:27:5f:77:
55:f0:35:b7:f1:fe:c0:73:37:53:b9:9c:43:44:3b:
6f:46:85:f9:6a:98:d2:e7:3f:c4:12:8b:52:f7:73:
ef:cf:b2:28:f8:b2:b5:62:14:27:ee:e4:e9:eb:83:
80:e5:5d:5a:55:27:e7:26:42:89:47:66:ad:bb:ea:
85:83:75:7b:09:c1:cd:91:3e:ca:21:e7:0e:2a:44:
fd:68:53:52:f1:cd:d4:73:6a:68:e8:2d:37:80:d9:
bd:b7:96:f0:9e:00:cd:18:0a:0e:e3:b9:02:d9:e2:
fd:d1:48:f4:5c:3f:80:42:53:a8:7f:6f:c5:61:25:
bc:1d:54:5e:9f:7f:52:85:82:24:bc:4a:37:b0:ba:
c3:dc:ec:ab:4d:ba:57:44:10:64:70:76:7c:fb:35:
3e:9a:2d:e2:29:30:0b:2f:71:20:ab:c0:f1:27:32:
c5:d7:44:80:6e:53:b3:c2:ad:17:35:4d:09:ac:c7:
4e:cd:6e:09:eb:41:5f:ff:cf:47:2a:6a:63:53:c2:
c1:c6:f0:a1:b3:15:05:3a:26:6b:d3:b8:03:ae:a0:
b6:7c:ae:fd:42:8f:8e:91:f7:ec:57:ca:8d:f5:97:
21:87:3a:cc:f4:f3:f8:1f:8f:28:3d:c2:4f:5b:e1:
f7:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:85:99:9D:C5:06:B8:A6:20:20:2C:84:C7:46:38:F1:F6:87:53:F0
X509v3 Authority Key Identifier:
keyid:8E:62:2A:34:C5:5E:39:B8:FA:15:A3:7B:A9:E3:70:EA:AF:D9:97:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmIqNMVeObj6FaN7qeNw6q_Zl3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/82cb3e-8199-4917-a176-e50e1e9bb4b3/1/t4WZncUGuKYgICyEx0Y48faHU_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/82cb3e-8199-4917-a176-e50e1e9bb4b3/1/jmIqNMVeObj6FaN7qeNw6q_Zl3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.168.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:1d:bb:4f:95:fb:02:93:fd:0d:8a:88:b2:55:ef:65:69:ae:
7c:ba:fc:9a:d2:d1:48:90:df:f2:23:bc:a1:92:b3:4e:38:21:
b9:a0:78:7f:bb:e6:20:ca:16:17:79:cf:79:f8:8e:60:df:c8:
61:38:a0:49:db:ea:c9:9e:9b:35:2c:bd:88:6d:01:9b:13:b4:
ce:83:e0:a3:b5:76:96:4c:5c:39:7d:c5:12:17:b1:8f:f4:dd:
c4:76:a6:e9:27:68:b9:9b:f7:27:0e:cf:1c:c3:59:11:54:8c:
bf:0d:b1:fa:bf:2c:d2:2b:ce:78:bb:85:00:fe:8b:68:56:a2:
52:5a:d6:ad:12:f4:0c:eb:54:e6:df:21:5b:7a:14:dd:d8:61:
64:f6:02:b9:dc:45:f7:df:f6:4b:c1:ee:ee:9f:f8:ed:ee:76:
0a:fc:fa:29:3b:d3:0d:7b:52:62:28:b9:19:56:28:7c:52:da:
f9:7e:0b:0a:6b:a3:2d:be:19:27:d3:8f:c1:60:f9:d4:f1:6d:
ae:bf:d0:45:49:3a:6f:59:dc:67:b0:cc:cc:08:89:a5:12:a0:
2e:ea:02:d6:26:cc:ad:14:48:a6:1f:72:d6:bb:a4:06:e4:da:
eb:b7:88:5c:19:fd:f7:ad:5a:c7:4f:dd:ec:34:3e:fa:1b:96:
bb:69:fb:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyAxJqjbIRBDvnnxFcvCMHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjIyYTM0YzU1ZTM5YjhmYTE1YTM3YmE5ZTM3MGVhYWZk
OTk3NzQwHhcNMjMwMTAyMTAyNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzg1OTk5ZGM1MDZiOGE2MjAyMDJjODRjNzQ2MzhmMWY2ODc1M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/S3ECIl2+FwDVEnX3dV8DW38f7A
czdTuZxDRDtvRoX5apjS5z/EEotS93Pvz7Io+LK1YhQn7uTp64OA5V1aVSfnJkKJ
R2atu+qFg3V7CcHNkT7KIecOKkT9aFNS8c3Uc2po6C03gNm9t5bwngDNGAoO47kC
2eL90Uj0XD+AQlOof2/FYSW8HVRen39ShYIkvEo3sLrD3OyrTbpXRBBkcHZ8+zU+
mi3iKTALL3Egq8DxJzLF10SAblOzwq0XNU0JrMdOzW4J60Ff/89HKmpjU8LBxvCh
sxUFOiZr07gDrqC2fK79Qo+OkffsV8qN9ZchhzrM9PP4H48oPcJPW+H3GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLeFmZ3FBrimICAshMdGOPH2h1PwMB8GA1UdIwQY
MBaAFI5iKjTFXjm4+hWje6njcOqv2Zd0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1JcU5NVmVPYmo2RmFON3FlTnc2cV9abDNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84MmNiM2UtODE5OS00OTE3LWExNzYt
ZTUwZTFlOWJiNGIzLzEvdDRXWm5jVUd1S1lnSUN5RXgwWTQ4ZmFIVV9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84MmNiM2UtODE5OS00OTE3LWExNzYtZTUwZTFlOWJiNGIz
LzEvam1JcU5NVmVPYmo2RmFON3FlTnc2cV9abDNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzyoMA0G
CSqGSIb3DQEBCwUAA4IBAQB+HbtPlfsCk/0NioiyVe9laa58uvya0tFIkN/yI7yh
krNOOCG5oHh/u+YgyhYXec95+I5g38hhOKBJ2+rJnps1LL2IbQGbE7TOg+CjtXaW
TFw5fcUSF7GP9N3EdqbpJ2i5m/cnDs8cw1kRVIy/DbH6vyzSK854u4UA/otoVqJS
WtatEvQM61Tm3yFbehTd2GFk9gK53EX33/ZLwe7un/jt7nYK/PopO9MNe1JiKLkZ
Vih8Utr5fgsKa6Mtvhkn04/BYPnU8W2uv9BFSTpvWdxnsMzMCImlEqAu6gLWJsyt
FEimH3LWu6QG5Nrrt4hcGf33rVrHT93sND76G5a7aftk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:36 2025 by rpki-client