Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/5471a8-aedf-4d86-a46d-788c6306bb3f/1/ltpX3Hq47328EVWprIoO2MFl8Yw.roa
File: ltpX3Hq47328EVWprIoO2MFl8Yw.roa (raw, json)
Hash identifier: 2Z9z3tgp37yiKRHYxn76zRMX/CslW7m7wqXPPsl6obo=
Subject key identifier: 96:DA:57:DC:7A:B8:EF:7D:BC:11:55:A9:AC:8A:0E:D8:C1:65:F1:8C
Certificate issuer: /CN=f98dfff7f3cdaa79aa8c51f5ce12b23870644081
Certificate serial: 018BD83433029FF8D8B9D4ADBF1F4150BCB3
Authority key identifier: F9:8D:FF:F7:F3:CD:AA:79:AA:8C:51:F5:CE:12:B2:38:70:64:40:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Y3_9_PNqnmqjFH1zhKyOHBkQIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/5471a8-aedf-4d86-a46d-788c6306bb3f/1/ltpX3Hq47328EVWprIoO2MFl8Yw.roa
Signing time: Thu 16 Nov 2023 12:56:21 +0000
ROA not before: Thu 16 Nov 2023 12:56:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202561
IP address blocks: 195.62.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:34:33:02:9f:f8:d8:b9:d4:ad:bf:1f:41:50:bc:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98dfff7f3cdaa79aa8c51f5ce12b23870644081
Validity
Not Before: Nov 16 12:56:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96da57dc7ab8ef7dbc1155a9ac8a0ed8c165f18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b3:6b:fe:83:ab:ce:50:f1:4c:0d:74:e4:30:
b4:34:b4:67:17:11:25:8d:27:01:30:62:c0:74:f9:
35:f5:d3:97:5e:c4:19:5c:3f:08:b6:ce:55:3c:cf:
f1:5b:9d:61:76:93:dc:f8:7b:06:ab:19:19:4d:e8:
7a:48:f1:04:92:62:1c:68:af:21:da:b4:ad:70:2a:
be:77:7d:48:0e:f6:58:b3:64:90:b8:fe:0d:22:7b:
58:97:5c:4e:64:7d:b1:4f:91:a8:bb:b1:00:2c:34:
b0:52:f0:0c:c9:61:c5:23:f3:32:1b:c9:80:d8:6a:
d0:1f:59:69:7e:38:69:e8:29:a1:9c:ab:e8:c2:05:
47:b3:70:f1:58:f1:d9:4c:e1:e7:51:1e:6b:e6:9d:
39:f2:a0:19:8a:5c:6a:09:c9:1a:79:70:b4:1c:29:
18:b1:b0:9f:dd:31:c4:56:3e:c0:4a:af:e4:10:49:
b3:1d:dd:8b:ba:e3:e7:6a:de:06:ee:9e:b0:f1:42:
a4:d4:c4:dd:45:ea:cb:f8:ac:06:a7:51:1d:b6:0e:
17:4d:c7:6d:d9:92:e9:48:fb:08:d0:1d:ce:be:2a:
be:6e:6a:8d:88:52:b3:c1:de:e8:40:71:57:48:d5:
b5:82:a1:d9:bd:55:6a:98:30:e3:39:2a:e8:82:9f:
ef:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DA:57:DC:7A:B8:EF:7D:BC:11:55:A9:AC:8A:0E:D8:C1:65:F1:8C
X509v3 Authority Key Identifier:
keyid:F9:8D:FF:F7:F3:CD:AA:79:AA:8C:51:F5:CE:12:B2:38:70:64:40:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Y3_9_PNqnmqjFH1zhKyOHBkQIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/5471a8-aedf-4d86-a46d-788c6306bb3f/1/ltpX3Hq47328EVWprIoO2MFl8Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/5471a8-aedf-4d86-a46d-788c6306bb3f/1/1-Y3_9_PNqnmqjFH1zhKyOHBkQIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.62.50.0/24
Signature Algorithm: sha256WithRSAEncryption
34:22:a4:ae:66:3c:f6:3f:f3:c5:a2:2b:5d:32:57:10:11:88:
9d:5d:52:0a:a4:3f:15:39:75:7e:ef:0f:64:ec:40:8c:b3:af:
0d:64:1f:b8:eb:08:24:2c:13:44:19:fc:b9:3c:65:52:66:9b:
33:d8:86:c0:55:b8:99:30:ad:d6:c2:e7:8b:12:eb:eb:6e:e8:
21:be:55:13:0b:86:32:d2:9a:57:c4:1c:af:d6:98:c2:a9:e4:
0d:50:d7:bf:b6:2e:09:81:f8:fe:c9:5e:14:14:7f:c1:94:f6:
6c:42:45:e7:5f:52:94:e8:e4:0b:3a:9d:c6:f4:43:99:4a:37:
de:05:2f:1e:7c:bf:16:d5:fd:ed:da:ff:f5:84:d1:b9:32:45:
0b:42:b2:2b:d3:5a:17:9e:f8:b5:67:fd:9c:81:2d:d0:d7:91:
9c:35:ce:5a:d5:31:a5:87:3f:5b:06:b9:a9:c6:eb:12:82:39:
6f:b4:f5:10:0e:43:3e:66:0c:1b:98:be:93:cd:53:f8:d7:b8:
a3:90:c2:c1:74:dd:db:1e:54:ca:b8:9b:4f:97:ac:89:77:df:
98:ca:99:55:21:53:d5:86:ef:5e:b0:83:69:39:57:5a:99:18:
1e:e2:68:13:b3:19:c8:58:dc:66:08:c3:3d:8e:65:f9:fb:80:
01:63:b5:55
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYvYNDMCn/jYudStvx9BULyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGRmZmY3ZjNjZGFhNzlhYThjNTFmNWNlMTJiMjM4NzA2
NDQwODEwHhcNMjMxMTE2MTI1NjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmRhNTdkYzdhYjhlZjdkYmMxMTU1YTlhYzhhMGVkOGMxNjVmMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrNr/oOrzlDxTA105DC0NLRnFxEl
jScBMGLAdPk19dOXXsQZXD8Its5VPM/xW51hdpPc+HsGqxkZTeh6SPEEkmIcaK8h
2rStcCq+d31IDvZYs2SQuP4NIntYl1xOZH2xT5Gou7EALDSwUvAMyWHFI/MyG8mA
2GrQH1lpfjhp6CmhnKvowgVHs3DxWPHZTOHnUR5r5p058qAZilxqCckaeXC0HCkY
sbCf3THEVj7ASq/kEEmzHd2LuuPnat4G7p6w8UKk1MTdRerL+KwGp1Edtg4XTcdt
2ZLpSPsI0B3Oviq+bmqNiFKzwd7oQHFXSNW1gqHZvVVqmDDjOSrogp/vhwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJbaV9x6uO99vBFVqayKDtjBZfGMMB8GA1UdIwQY
MBaAFPmN//fzzap5qoxR9c4SsjhwZECBMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZM185X1BOcW5tcWpGSDF6aEt5T0hCa1FJRS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgvNTQ3MWE4LWFlZGYtNGQ4Ni1hNDZk
LTc4OGM2MzA2YmIzZi8xL2x0cFgzSHE0NzMyOEVWV3BySW9PMk1GbDhZdy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjgvNTQ3MWE4LWFlZGYtNGQ4Ni1hNDZkLTc4OGM2MzA2YmIz
Zi8xLzEtWTNfOV9QTnFubXFqRkgxemhLeU9IQmtRSUUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADDPjIw
DQYJKoZIhvcNAQELBQADggEBADQipK5mPPY/88WiK10yVxARiJ1dUgqkPxU5dX7v
D2TsQIyzrw1kH7jrCCQsE0QZ/Lk8ZVJmmzPYhsBVuJkwrdbC54sS6+tu6CG+VRML
hjLSmlfEHK/WmMKp5A1Q17+2LgmB+P7JXhQUf8GU9mxCRedfUpTo5As6ncb0Q5lK
N94FLx58vxbV/e3a//WE0bkyRQtCsivTWhee+LVn/ZyBLdDXkZw1zlrVMaWHP1sG
uanG6xKCOW+09RAOQz5mDBuYvpPNU/jXuKOQwsF03dseVMq4m0+XrIl335jKmVUh
U9WG716wg2k5V1qZGB7iaBOzGchY3GYIwz2OZfn7gAFjtVU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:33 2025 by rpki-client