Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/St0QqzZ3NgIk1OhpfevlItpiI10.roa
File: St0QqzZ3NgIk1OhpfevlItpiI10.roa (raw, json)
Hash identifier: wNveb1eVB2TQPkWq+0WfSmnrBiNdAsIghnYyMkGkI1c=
Subject key identifier: 4A:DD:10:AB:36:77:36:02:24:D4:E8:69:7D:EB:E5:22:DA:62:23:5D
Certificate issuer: /CN=5c57b61611719ec7c8e0012b1aff7e81fc7689bd
Certificate serial: 0154412F
Authority key identifier: 5C:57:B6:16:11:71:9E:C7:C8:E0:01:2B:1A:FF:7E:81:FC:76:89:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/St0QqzZ3NgIk1OhpfevlItpiI10.roa
Signing time: Sat 01 Jan 2022 05:53:02 +0000
ROA not before: Sat 01 Jan 2022 05:53:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28984
IP address blocks: 195.47.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22298927 (0x154412f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c57b61611719ec7c8e0012b1aff7e81fc7689bd
Validity
Not Before: Jan 1 05:53:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4add10ab3677360224d4e8697debe522da62235d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b9:98:c7:85:84:41:98:fe:a7:92:21:a3:68:
e0:88:31:34:ee:be:a3:07:90:20:1f:f3:e8:d1:00:
3d:50:78:64:94:4a:63:d3:13:f5:17:13:17:07:02:
56:b1:c9:10:5f:53:ae:84:d3:9b:c9:13:a1:59:ba:
b9:92:2a:ef:fc:19:af:23:76:18:ea:bf:2e:87:81:
55:81:1f:da:f6:a9:c4:19:27:8d:e2:55:04:b8:59:
14:4c:c5:9d:f6:c7:5b:6c:97:ad:a8:41:58:52:31:
06:6c:85:2e:3d:f0:96:18:ca:08:fc:1f:27:57:18:
04:79:90:f8:fd:17:44:42:ed:67:9b:09:5e:4b:1c:
5f:c6:c9:35:8f:2b:b2:5b:e3:94:62:81:b9:c7:c2:
e9:f9:b9:c0:dd:49:85:a7:76:07:74:5c:38:4f:8f:
0c:e6:e2:5d:67:92:6a:f4:50:9f:9c:55:ac:35:f2:
32:26:84:c5:b2:5d:f5:6d:63:b9:ff:af:c4:51:a0:
c9:ed:d7:68:3d:48:3c:43:01:8f:12:af:79:35:c1:
95:19:72:68:ed:18:9f:0d:95:64:f8:4f:ea:8c:c2:
fe:58:0b:30:ba:2b:7a:16:63:53:9a:2f:d9:50:bd:
2d:f9:3c:79:ef:0f:2c:d4:f6:86:af:4f:0c:6a:86:
69:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:DD:10:AB:36:77:36:02:24:D4:E8:69:7D:EB:E5:22:DA:62:23:5D
X509v3 Authority Key Identifier:
keyid:5C:57:B6:16:11:71:9E:C7:C8:E0:01:2B:1A:FF:7E:81:FC:76:89:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/St0QqzZ3NgIk1OhpfevlItpiI10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.224.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:11:bb:7e:f0:34:35:fa:23:8c:bc:f3:c9:a0:5e:48:73:84:
ec:60:78:29:dc:8f:48:62:50:59:5d:4a:be:79:a6:54:9d:33:
21:c4:46:9a:5e:a7:45:4f:36:6c:b3:b5:6c:5c:ee:70:52:99:
62:35:40:f9:95:22:e5:64:ca:ea:fb:08:ca:d1:87:e7:07:ad:
90:81:3c:93:5e:4a:2f:03:02:0f:f9:5b:8c:61:28:08:6a:7c:
33:97:02:78:b5:98:c9:22:3a:f6:51:a5:73:bb:5b:c9:dc:24:
87:16:ea:38:d4:af:b9:22:e2:ae:89:67:17:14:a0:05:07:c3:
5d:e4:c3:a0:ed:0f:d8:12:f2:40:8b:44:70:5b:49:50:a9:72:
bb:35:13:71:c8:4c:b5:d5:4a:b9:b9:81:8e:28:30:ad:9f:31:
2d:67:29:ea:2e:87:21:e7:34:93:d1:65:54:78:c1:a0:78:ff:
cf:4a:6d:63:00:33:db:2d:3a:bd:d2:2e:95:2f:db:0e:91:cc:
7a:cc:d1:5c:fc:37:f5:4f:2a:1e:21:fd:34:e0:2a:91:ba:67:
ac:27:c6:c0:40:aa:6a:09:f4:1e:e8:61:b2:5a:4c:a1:82:79:
08:f8:9f:44:8a:be:62:98:65:8c:e4:0d:c9:f8:ff:33:f1:9e:
40:af:d2:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAVRBLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YzU3YjYxNjExNzE5ZWM3YzhlMDAxMmIxYWZmN2U4MWZjNzY4OWJkMB4XDTIyMDEw
MTA1NTMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGFkZDEwYWIzNjc3
MzYwMjI0ZDRlODY5N2RlYmU1MjJkYTYyMjM1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMC5mMeFhEGY/qeSIaNo4IgxNO6+oweQIB/z6NEAPVB4ZJRK
Y9MT9RcTFwcCVrHJEF9TroTTm8kToVm6uZIq7/wZryN2GOq/LoeBVYEf2vapxBkn
jeJVBLhZFEzFnfbHW2yXrahBWFIxBmyFLj3wlhjKCPwfJ1cYBHmQ+P0XRELtZ5sJ
XkscX8bJNY8rslvjlGKBucfC6fm5wN1Jhad2B3RcOE+PDObiXWeSavRQn5xVrDXy
MiaExbJd9W1juf+vxFGgye3XaD1IPEMBjxKveTXBlRlyaO0Ynw2VZPhP6ozC/lgL
MLorehZjU5ov2VC9Lfk8ee8PLNT2hq9PDGqGabsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRK3RCrNnc2AiTU6Gl96+Ui2mIjXTAfBgNVHSMEGDAWgBRcV7YWEXGex8jg
ASsa/36B/HaJvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hGZTJGaEZ4bnNmSTRBRXJHdjktZ2Z4MmliMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvYjdmZTc1LTMwZWUtNGE2Zi1iNTI4LWZhMzA3MWM0MzVmMS8x
L1N0MFFxelozTmdJazFPaHBmZXZsSXRwaUkxMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
YjdmZTc1LTMwZWUtNGE2Zi1iNTI4LWZhMzA3MWM0MzVmMS8xL1hGZTJGaEZ4bnNm
STRBRXJHdjktZ2Z4MmliMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMv4DANBgkqhkiG9w0BAQsFAAOC
AQEAWhG7fvA0NfojjLzzyaBeSHOE7GB4KdyPSGJQWV1KvnmmVJ0zIcRGml6nRU82
bLO1bFzucFKZYjVA+ZUi5WTK6vsIytGH5wetkIE8k15KLwMCD/lbjGEoCGp8M5cC
eLWYySI69lGlc7tbydwkhxbqONSvuSLirolnFxSgBQfDXeTDoO0P2BLyQItEcFtJ
UKlyuzUTcchMtdVKubmBjigwrZ8xLWcp6i6HIec0k9FlVHjBoHj/z0ptYwAz2y06
vdIulS/bDpHMeszRXPw39U8qHiH9NOAqkbpnrCfGwECqagn0HuhhslpMoYJ5CPif
RIq+YphljOQNyfj/M/GeQK/SnA==
-----END CERTIFICATE-----
Generated at Sat Apr 12 23:45:02 2025 by rpki-client