Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/6c0680-7c8d-4dec-b2a8-298b5596976a/1/SeLgNACzf0cqtR8dBKsXu_NfkhI.roa
File: SeLgNACzf0cqtR8dBKsXu_NfkhI.roa (raw, json)
Hash identifier: VYfaQuOvS8byWuTkQzEzx7IetrXE9B1bMrf9mkoRz90=
Subject key identifier: 49:E2:E0:34:00:B3:7F:47:2A:B5:1F:1D:04:AB:17:BB:F3:5F:92:12
Certificate issuer: /CN=1aeac0f63257b224ec17106e1bcdefd32c24778b
Certificate serial: 0189DF1345454A11CD3C8D7A734C54AD0430
Authority key identifier: 1A:EA:C0:F6:32:57:B2:24:EC:17:10:6E:1B:CD:EF:D3:2C:24:77:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GurA9jJXsiTsFxBuG83v0ywkd4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/6c0680-7c8d-4dec-b2a8-298b5596976a/1/SeLgNACzf0cqtR8dBKsXu_NfkhI.roa
Signing time: Thu 10 Aug 2023 10:52:09 +0000
ROA not before: Thu 10 Aug 2023 10:52:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29037
IP address blocks: 194.126.195.0/24 maxlen: 24
2001:67c:1950::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:13:45:45:4a:11:cd:3c:8d:7a:73:4c:54:ad:04:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aeac0f63257b224ec17106e1bcdefd32c24778b
Validity
Not Before: Aug 10 10:52:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49e2e03400b37f472ab51f1d04ab17bbf35f9212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:df:24:b0:7b:2d:49:09:23:84:6d:2b:8e:aa:
eb:e0:44:27:bf:b0:09:49:92:41:9d:f4:32:81:cf:
05:c2:99:23:2d:00:99:9e:2d:cd:71:f3:bc:d2:8a:
01:80:df:bf:1f:5e:7a:4b:69:ff:1c:8c:71:25:66:
ff:e6:e9:8f:30:a6:0a:e3:98:99:fb:58:71:68:b6:
78:29:90:6d:05:31:76:1b:e3:d5:3a:b5:89:02:43:
32:b6:13:51:fb:a0:3a:a8:03:1d:27:53:91:2b:fd:
cf:b2:35:40:b8:5b:a6:3b:3e:4f:8d:ed:aa:84:e6:
93:5c:a0:38:21:a0:ae:e8:3c:aa:37:00:23:9a:44:
dd:72:a7:bf:49:83:f0:72:2a:fd:af:84:e8:2d:46:
1f:f7:14:cb:5d:ad:8a:7d:c9:7c:a4:7f:5a:71:35:
52:f3:1b:96:05:6f:57:1c:c1:81:be:82:a0:b8:c2:
90:3c:9b:1f:7f:23:a6:03:b4:f3:05:73:8c:2b:1a:
a7:9e:3d:52:d7:0d:a1:27:09:91:07:34:17:ed:93:
13:e6:94:c4:47:ef:eb:0d:cc:40:9c:23:b3:5c:89:
36:d3:71:67:08:db:88:1d:ae:4e:84:4e:c4:c1:1e:
5a:4a:2d:18:36:18:ba:c3:db:ec:4f:20:cd:8c:a9:
d0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E2:E0:34:00:B3:7F:47:2A:B5:1F:1D:04:AB:17:BB:F3:5F:92:12
X509v3 Authority Key Identifier:
keyid:1A:EA:C0:F6:32:57:B2:24:EC:17:10:6E:1B:CD:EF:D3:2C:24:77:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GurA9jJXsiTsFxBuG83v0ywkd4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/6c0680-7c8d-4dec-b2a8-298b5596976a/1/SeLgNACzf0cqtR8dBKsXu_NfkhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/6c0680-7c8d-4dec-b2a8-298b5596976a/1/GurA9jJXsiTsFxBuG83v0ywkd4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.126.195.0/24
IPv6:
2001:67c:1950::/48
Signature Algorithm: sha256WithRSAEncryption
71:3b:a6:6a:b8:69:6e:c0:e9:74:63:85:d7:d8:52:d8:1b:8a:
86:87:f4:31:a5:3c:aa:8b:5b:fd:d4:7e:6a:8e:8b:e5:07:da:
0d:32:a9:f8:19:d0:16:9b:50:0a:1b:b4:38:a6:29:a4:7f:bb:
59:91:1d:ba:dc:fd:9d:53:25:4d:1d:e2:eb:93:4e:2e:c7:71:
80:29:ad:49:1b:97:4a:c8:c0:e2:62:35:2f:56:4e:3d:f6:8f:
0b:eb:f8:e4:bf:4d:17:fe:cf:1b:2b:42:e4:e4:22:2f:01:e4:
4a:af:eb:dc:a8:7e:3c:e1:39:3e:6f:1e:cf:e3:ff:65:1b:ef:
54:c7:45:df:09:4d:a5:66:40:89:2f:af:31:11:ec:60:01:e8:
ce:27:b6:8d:38:b7:76:1f:6a:90:2c:d7:0f:fe:29:39:65:4d:
3d:f1:83:99:d8:bf:58:96:70:d2:01:ab:e7:77:82:35:b7:51:
c8:37:ca:0e:2b:ab:83:cd:d6:02:ff:68:e6:80:39:8c:cd:2d:
05:33:29:44:fe:1e:0f:94:d2:32:b4:1c:58:9b:ce:5c:c9:e2:
b6:8e:84:29:cf:a3:f6:0f:2d:f9:83:bc:08:fe:4d:b3:7a:72:
91:09:17:56:31:78:5b:ad:10:9d:4d:6b:f7:69:80:b0:22:5b:
94:81:90:a4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYnfE0VFShHNPI16c0xUrQQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZWFjMGY2MzI1N2IyMjRlYzE3MTA2ZTFiY2RlZmQzMmMy
NDc3OGIwHhcNMjMwODEwMTA1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWUyZTAzNDAwYjM3ZjQ3MmFiNTFmMWQwNGFiMTdiYmYzNWY5MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid8ksHstSQkjhG0rjqrr4EQnv7AJ
SZJBnfQygc8FwpkjLQCZni3NcfO80ooBgN+/H156S2n/HIxxJWb/5umPMKYK45iZ
+1hxaLZ4KZBtBTF2G+PVOrWJAkMythNR+6A6qAMdJ1ORK/3PsjVAuFumOz5Pje2q
hOaTXKA4IaCu6DyqNwAjmkTdcqe/SYPwcir9r4ToLUYf9xTLXa2Kfcl8pH9acTVS
8xuWBW9XHMGBvoKguMKQPJsffyOmA7TzBXOMKxqnnj1S1w2hJwmRBzQX7ZMT5pTE
R+/rDcxAnCOzXIk203FnCNuIHa5OhE7EwR5aSi0YNhi6w9vsTyDNjKnQDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEni4DQAs39HKrUfHQSrF7vzX5ISMB8GA1UdIwQY
MBaAFBrqwPYyV7Ik7BcQbhvN79MsJHeLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3VyQTlqSlhzaVRzRnhCdUc4M3YweXdrZDRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni82YzA2ODAtN2M4ZC00ZGVjLWIyYTgt
Mjk4YjU1OTY5NzZhLzEvU2VMZ05BQ3pmMGNxdFI4ZEJLc1h1X05ma2hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni82YzA2ODAtN2M4ZC00ZGVjLWIyYTgtMjk4YjU1OTY5NzZh
LzEvR3VyQTlqSlhzaVRzRnhCdUc4M3YweXdrZDRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwn7DMA8E
AgACMAkDBwAgAQZ8GVAwDQYJKoZIhvcNAQELBQADggEBAHE7pmq4aW7A6XRjhdfY
UtgbioaH9DGlPKqLW/3UfmqOi+UH2g0yqfgZ0BabUAobtDimKaR/u1mRHbrc/Z1T
JU0d4uuTTi7HcYAprUkbl0rIwOJiNS9WTj32jwvr+OS/TRf+zxsrQuTkIi8B5Eqv
69yofjzhOT5vHs/j/2Ub71THRd8JTaVmQIkvrzER7GAB6M4nto04t3YfapAs1w/+
KTllTT3xg5nYv1iWcNIBq+d3gjW3Ucg3yg4rq4PN1gL/aOaAOYzNLQUzKUT+Hg+U
0jK0HFibzlzJ4raOhCnPo/YPLfmDvAj+TbN6cpEJF1YxeFutEJ1Na/dpgLAiW5SB
kKQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:22:27 2025 by rpki-client