Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/419b5d-14aa-4e36-9df7-7526c9f05cd8/1/Im5wtOIQ48yGitXctkITHuZW_jw.roa
File: Im5wtOIQ48yGitXctkITHuZW_jw.roa (raw, json)
Hash identifier: vxc+N/X7v7rb3fhU7bOIRYCRDWH8sgOivppAB7G6aFc=
Subject key identifier: 22:6E:70:B4:E2:10:E3:CC:86:8A:D5:DC:B6:42:13:1E:E6:56:FE:3C
Certificate issuer: /CN=3d8500bcde496899c5d1fa924de4e7827d9916ce
Certificate serial: 01856ECB5B14660C15694954B08F6D4C0457
Authority key identifier: 3D:85:00:BC:DE:49:68:99:C5:D1:FA:92:4D:E4:E7:82:7D:99:16:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYUAvN5JaJnF0fqSTeTngn2ZFs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/419b5d-14aa-4e36-9df7-7526c9f05cd8/1/Im5wtOIQ48yGitXctkITHuZW_jw.roa
Signing time: Sun 01 Jan 2023 19:24:58 +0000
ROA not before: Sun 01 Jan 2023 19:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25241
IP address blocks: 195.234.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:5b:14:66:0c:15:69:49:54:b0:8f:6d:4c:04:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8500bcde496899c5d1fa924de4e7827d9916ce
Validity
Not Before: Jan 1 19:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=226e70b4e210e3cc868ad5dcb642131ee656fe3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:cc:90:58:71:e8:c2:b6:27:93:7e:bf:02:
80:7a:b6:2c:44:2e:d5:fd:37:64:61:ee:3c:08:63:
6a:1c:24:59:b0:6c:99:56:f0:28:0a:34:bc:cd:40:
6c:cc:ea:96:c0:f9:eb:e4:32:e8:d8:3a:b1:1a:02:
60:96:dd:98:f2:43:d3:bc:3c:6b:07:40:64:37:67:
db:5f:b6:69:dd:9f:0c:25:5e:c4:e0:0b:7c:3e:21:
5b:7b:19:8d:fe:c4:3d:d1:40:75:5f:39:a0:53:c8:
02:f8:0c:3a:a3:e6:65:6d:2e:4b:1b:ae:40:df:dc:
a1:fc:4b:62:fa:62:46:8e:94:34:b8:42:5f:ee:f1:
c9:69:31:d4:d3:80:57:5f:6c:69:45:a5:50:eb:56:
ce:63:bc:d5:7e:c4:91:2b:d8:cd:d7:64:4d:d0:30:
cd:58:05:ed:69:50:fc:84:18:56:ec:25:82:75:4f:
9f:98:8b:21:71:65:39:99:33:d9:b1:6b:8a:17:6e:
f9:9e:aa:78:8d:3e:0e:fa:7e:55:29:b7:40:c1:b3:
17:cb:4d:19:cb:58:b2:b0:d0:fb:4e:11:36:1b:eb:
cc:b8:5d:72:5e:1e:75:23:62:46:28:89:a9:63:e0:
fe:9a:0c:87:6e:21:89:53:35:9b:7f:d1:60:ea:3d:
a7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6E:70:B4:E2:10:E3:CC:86:8A:D5:DC:B6:42:13:1E:E6:56:FE:3C
X509v3 Authority Key Identifier:
keyid:3D:85:00:BC:DE:49:68:99:C5:D1:FA:92:4D:E4:E7:82:7D:99:16:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYUAvN5JaJnF0fqSTeTngn2ZFs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/419b5d-14aa-4e36-9df7-7526c9f05cd8/1/Im5wtOIQ48yGitXctkITHuZW_jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/419b5d-14aa-4e36-9df7-7526c9f05cd8/1/PYUAvN5JaJnF0fqSTeTngn2ZFs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.144.0/24
Signature Algorithm: sha256WithRSAEncryption
13:f3:e5:0b:25:3b:62:db:24:a5:83:dd:b4:38:77:d7:19:02:
f1:7a:cf:0d:d8:4f:1e:e4:45:ef:f7:c1:9f:ca:73:a3:9f:b6:
64:7e:0f:1f:01:d5:2d:b9:49:07:74:4a:92:89:26:fb:c3:56:
4f:eb:45:dd:20:62:b2:a6:d8:34:95:87:22:59:c0:d3:b1:f6:
db:3f:3e:ef:64:b1:b2:f6:c9:1b:26:75:08:eb:03:0e:83:3c:
51:6a:87:0a:27:ce:94:a5:7c:87:fb:bf:1f:60:e2:73:dc:90:
fe:aa:70:e8:70:02:bd:62:95:e0:43:d1:8d:29:7c:2f:6b:a2:
dd:f6:75:98:32:42:ad:fb:50:d1:55:f3:2a:e6:13:98:70:1c:
b9:9e:66:88:2e:1f:a2:6d:17:74:b0:11:51:ef:96:e7:3c:8e:
b5:f1:5a:72:38:94:10:72:5e:70:d4:fc:15:08:a0:ba:69:6e:
b4:88:41:12:a9:e1:38:e4:46:90:0f:58:3f:be:28:f3:ab:48:
16:b2:ca:d0:7a:ec:61:64:0a:ee:f8:c2:d8:50:7c:cc:c4:8f:
ae:38:46:4e:31:02:6e:8c:f3:4d:ec:b5:1b:81:d4:72:29:38:
73:d4:c9:4c:86:a6:46:9d:a3:9a:5f:69:fc:e0:1a:ae:d3:62:
54:3b:85:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuy1sUZgwVaUlUsI9tTARXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkODUwMGJjZGU0OTY4OTljNWQxZmE5MjRkZTRlNzgyN2Q5
OTE2Y2UwHhcNMjMwMTAxMTkyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZlNzBiNGUyMTBlM2NjODY4YWQ1ZGNiNjQyMTMxZWU2NTZmZTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruXMkFhx6MK2J5N+vwKAerYsRC7V
/TdkYe48CGNqHCRZsGyZVvAoCjS8zUBszOqWwPnr5DLo2DqxGgJglt2Y8kPTvDxr
B0BkN2fbX7Zp3Z8MJV7E4At8PiFbexmN/sQ90UB1XzmgU8gC+Aw6o+ZlbS5LG65A
39yh/Eti+mJGjpQ0uEJf7vHJaTHU04BXX2xpRaVQ61bOY7zVfsSRK9jN12RN0DDN
WAXtaVD8hBhW7CWCdU+fmIshcWU5mTPZsWuKF275nqp4jT4O+n5VKbdAwbMXy00Z
y1iysND7ThE2G+vMuF1yXh51I2JGKImpY+D+mgyHbiGJUzWbf9Fg6j2nkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJucLTiEOPMhorV3LZCEx7mVv48MB8GA1UdIwQY
MBaAFD2FALzeSWiZxdH6kk3k54J9mRbOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFlVQXZONUphSm5GMGZxU1RlVG5nbjJaRnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80MTliNWQtMTRhYS00ZTM2LTlkZjct
NzUyNmM5ZjA1Y2Q4LzEvSW01d3RPSVE0OHlHaXRYY3RrSVRIdVpXX2p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80MTliNWQtMTRhYS00ZTM2LTlkZjctNzUyNmM5ZjA1Y2Q4
LzEvUFlVQXZONUphSm5GMGZxU1RlVG5nbjJaRnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qQMA0G
CSqGSIb3DQEBCwUAA4IBAQAT8+ULJTti2ySlg920OHfXGQLxes8N2E8e5EXv98Gf
ynOjn7Zkfg8fAdUtuUkHdEqSiSb7w1ZP60XdIGKyptg0lYciWcDTsfbbPz7vZLGy
9skbJnUI6wMOgzxRaocKJ86UpXyH+78fYOJz3JD+qnDocAK9YpXgQ9GNKXwva6Ld
9nWYMkKt+1DRVfMq5hOYcBy5nmaILh+ibRd0sBFR75bnPI618VpyOJQQcl5w1PwV
CKC6aW60iEESqeE45EaQD1g/vijzq0gWssrQeuxhZAru+MLYUHzMxI+uOEZOMQJu
jPNN7LUbgdRyKThz1MlMhqZGnaOaX2n84Bqu02JUO4W1
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:33:32 2025 by rpki-client