Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/rdlWxbDfeDxIHrHQNQD61RzHO9k.roa
File: rdlWxbDfeDxIHrHQNQD61RzHO9k.roa (raw, json)
Hash identifier: ufcrKGTKoumax16wwM2oaNb1ix846dMsrtYQMp+3aRM=
Subject key identifier: AD:D9:56:C5:B0:DF:78:3C:48:1E:B1:D0:35:00:FA:D5:1C:C7:3B:D9
Certificate issuer: /CN=5c57b61611719ec7c8e0012b1aff7e81fc7689bd
Certificate serial: 01856CF84E311822DF201D17C8980D75A68C
Authority key identifier: 5C:57:B6:16:11:71:9E:C7:C8:E0:01:2B:1A:FF:7E:81:FC:76:89:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/rdlWxbDfeDxIHrHQNQD61RzHO9k.roa
Signing time: Sun 01 Jan 2023 10:54:50 +0000
ROA not before: Sun 01 Jan 2023 10:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28984
IP address blocks: 195.47.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:4e:31:18:22:df:20:1d:17:c8:98:0d:75:a6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c57b61611719ec7c8e0012b1aff7e81fc7689bd
Validity
Not Before: Jan 1 10:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=add956c5b0df783c481eb1d03500fad51cc73bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:34:0a:68:de:69:24:0c:fe:cf:74:27:fd:07:
c3:e0:77:a1:ad:c1:4a:26:68:e7:f0:29:19:8c:be:
23:4d:5e:a9:22:35:69:04:78:f5:35:86:3d:be:2c:
7f:81:f6:1e:77:bf:2e:6a:32:50:0a:d1:5f:ea:96:
bd:bf:0d:f9:c6:06:66:53:6b:60:ac:0d:da:da:80:
76:4b:0d:35:a8:b7:bd:26:28:b2:c7:0b:d8:38:20:
00:2f:28:66:aa:b5:27:4d:90:a3:c4:5d:65:d9:9b:
69:f4:c3:bc:e7:97:16:fe:a2:67:f5:43:61:42:dc:
c0:6e:ae:1e:fb:bd:06:58:bf:91:b6:57:ca:37:22:
16:30:68:76:03:c7:c1:87:5d:8f:d9:5e:45:2a:ba:
d5:d5:ee:72:95:b9:01:42:24:c3:cf:e4:a0:a8:64:
a8:c5:30:63:fc:60:36:04:41:aa:aa:9f:48:84:8c:
eb:6e:0c:a2:54:93:c9:d6:6f:18:90:4e:11:e5:62:
db:98:17:0f:40:4c:ba:0c:55:bc:7e:34:6a:8d:45:
c0:27:9e:85:17:df:83:80:6b:24:01:b9:4f:6d:13:
59:9a:9c:d2:b7:b7:af:2d:7e:11:c2:c2:32:62:82:
dc:15:39:90:12:8f:9d:33:dc:ef:6b:3b:dd:b5:bc:
29:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D9:56:C5:B0:DF:78:3C:48:1E:B1:D0:35:00:FA:D5:1C:C7:3B:D9
X509v3 Authority Key Identifier:
keyid:5C:57:B6:16:11:71:9E:C7:C8:E0:01:2B:1A:FF:7E:81:FC:76:89:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XFe2FhFxnsfI4AErGv9-gfx2ib0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/rdlWxbDfeDxIHrHQNQD61RzHO9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/b7fe75-30ee-4a6f-b528-fa3071c435f1/1/XFe2FhFxnsfI4AErGv9-gfx2ib0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.224.0/24
Signature Algorithm: sha256WithRSAEncryption
92:e1:63:e6:b6:7b:e4:63:e9:3a:1b:de:44:fc:37:76:fd:b1:
c3:65:ab:59:de:1d:72:6c:42:cb:02:db:6c:cb:39:ed:39:c6:
88:2a:58:c0:72:d6:f9:11:75:59:33:ab:56:49:10:7d:0d:50:
5f:53:32:66:91:fd:37:dc:26:c0:6d:be:55:e4:d9:ea:f1:32:
9b:05:3b:7d:b9:05:eb:47:23:9c:7f:a1:4e:bd:9a:f6:cd:d2:
df:59:8d:5e:77:61:06:95:a7:e6:d7:fb:9c:df:36:da:ef:2e:
d1:49:c6:14:f6:8b:7a:e9:6c:c1:73:d4:2a:b1:53:13:0a:d8:
3f:f9:ae:0d:1b:04:e7:82:0f:91:91:83:81:8b:44:a9:9b:08:
7e:d6:c3:0b:e2:4a:2d:1c:bc:b8:82:be:97:9f:11:5a:5f:a3:
85:7b:a9:4b:ce:12:0f:29:5a:34:84:f2:5c:1b:f9:21:e8:e4:
1b:39:eb:e0:a9:90:39:7c:2a:c0:33:c5:83:22:d0:89:80:86:
78:28:26:36:51:08:56:c4:cb:08:6b:1d:b5:1a:29:85:68:d9:
e2:74:87:34:c6:ac:b2:ec:4e:10:a5:4b:f5:5a:d6:2b:07:7d:
41:fa:72:b7:d3:56:fe:54:8a:35:b9:5e:44:01:04:88:0c:b5:
f1:28:c3:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+E4xGCLfIB0XyJgNdaaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNTdiNjE2MTE3MTllYzdjOGUwMDEyYjFhZmY3ZTgxZmM3
Njg5YmQwHhcNMjMwMTAxMTA1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQ5NTZjNWIwZGY3ODNjNDgxZWIxZDAzNTAwZmFkNTFjYzczYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTQKaN5pJAz+z3Qn/QfD4HehrcFK
Jmjn8CkZjL4jTV6pIjVpBHj1NYY9vix/gfYed78uajJQCtFf6pa9vw35xgZmU2tg
rA3a2oB2Sw01qLe9JiiyxwvYOCAALyhmqrUnTZCjxF1l2Ztp9MO855cW/qJn9UNh
QtzAbq4e+70GWL+RtlfKNyIWMGh2A8fBh12P2V5FKrrV1e5ylbkBQiTDz+SgqGSo
xTBj/GA2BEGqqp9IhIzrbgyiVJPJ1m8YkE4R5WLbmBcPQEy6DFW8fjRqjUXAJ56F
F9+DgGskAblPbRNZmpzSt7evLX4RwsIyYoLcFTmQEo+dM9zvazvdtbwp3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK3ZVsWw33g8SB6x0DUA+tUcxzvZMB8GA1UdIwQY
MBaAFFxXthYRcZ7HyOABKxr/foH8dom9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEZlMkZoRnhuc2ZJNEFFckd2OS1nZngyaWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9iN2ZlNzUtMzBlZS00YTZmLWI1Mjgt
ZmEzMDcxYzQzNWYxLzEvcmRsV3hiRGZlRHhJSHJIUU5RRDYxUnpITzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9iN2ZlNzUtMzBlZS00YTZmLWI1MjgtZmEzMDcxYzQzNWYx
LzEvWEZlMkZoRnhuc2ZJNEFFckd2OS1nZngyaWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/gMA0G
CSqGSIb3DQEBCwUAA4IBAQCS4WPmtnvkY+k6G95E/Dd2/bHDZatZ3h1ybELLAtts
yzntOcaIKljActb5EXVZM6tWSRB9DVBfUzJmkf033CbAbb5V5Nnq8TKbBTt9uQXr
RyOcf6FOvZr2zdLfWY1ed2EGlafm1/uc3zba7y7RScYU9ot66WzBc9QqsVMTCtg/
+a4NGwTngg+RkYOBi0Spmwh+1sML4kotHLy4gr6XnxFaX6OFe6lLzhIPKVo0hPJc
G/kh6OQbOevgqZA5fCrAM8WDItCJgIZ4KCY2UQhWxMsIax21GimFaNnidIc0xqyy
7E4QpUv1WtYrB31B+nK301b+VIo1uV5EAQSIDLXxKMPF
-----END CERTIFICATE-----
Generated at Sat Apr 12 23:45:03 2025 by rpki-client