Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2w0UtOBQrrpGHVfbh2mATGKuo1U.roa
File: 2w0UtOBQrrpGHVfbh2mATGKuo1U.roa (raw, json)
Hash identifier: 9uiGfbpK9KOBrspnFzX6Vw9mAJF85NL/mL1z3iSvvxQ=
Subject key identifier: DB:0D:14:B4:E0:50:AE:BA:46:1D:57:DB:87:69:80:4C:62:AE:A3:55
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018570F0A1750F4B28A2CBDF0BF2AF77F0BA
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2w0UtOBQrrpGHVfbh2mATGKuo1U.roa
Signing time: Mon 02 Jan 2023 05:24:56 +0000
ROA not before: Mon 02 Jan 2023 05:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35787
IP address blocks: 195.136.72.0/23 maxlen: 23
195.136.32.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:f0:a1:75:0f:4b:28:a2:cb:df:0b:f2:af:77:f0:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 2 05:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db0d14b4e050aeba461d57db8769804c62aea355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:07:5c:88:b2:ce:3a:f1:ad:a8:e9:5e:c1:df:
33:6e:5f:d3:b1:2b:32:24:64:88:c8:fa:0a:95:ca:
76:75:8e:5d:e1:2e:72:80:da:ce:e5:16:f5:d5:ab:
d0:07:ae:7c:80:46:3f:2b:a8:df:11:8f:9f:06:8d:
e3:88:8b:84:19:0c:9c:ce:1f:71:df:94:3e:64:46:
09:97:53:8c:02:26:9e:ee:0b:d0:ee:2b:25:23:38:
02:11:15:8a:f1:50:16:88:2f:e8:4a:07:c7:ed:1f:
5f:e5:77:30:fc:d1:3f:10:54:45:15:8a:26:89:4e:
90:57:fc:d9:c9:37:ec:77:b3:3a:48:a5:25:af:ca:
f2:ad:a3:45:db:5e:98:64:b8:60:a5:e5:40:38:8e:
b2:4c:43:b6:b4:87:67:53:80:f9:f9:1e:f9:61:7b:
28:82:cf:cf:6f:07:66:aa:95:1d:b2:71:b9:5b:76:
d0:b7:88:00:0d:d0:d5:ea:31:e9:4c:7c:18:70:03:
91:9b:ea:5d:71:af:ed:51:fd:f2:03:62:61:a6:93:
6f:c6:b6:66:cf:ef:19:eb:48:ed:89:e8:c4:85:29:
40:fd:d3:ac:3b:af:21:a6:bc:04:73:e8:57:57:65:
72:1e:8f:14:ca:4b:f3:c7:ea:d1:6f:24:f6:fd:d7:
1f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:0D:14:B4:E0:50:AE:BA:46:1D:57:DB:87:69:80:4C:62:AE:A3:55
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2w0UtOBQrrpGHVfbh2mATGKuo1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.32.0/23
195.136.72.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:91:76:36:f2:b0:35:c6:bb:61:ae:b5:75:6d:d2:b4:ff:e6:
20:69:9a:bb:d9:89:9b:55:d2:a1:e4:2e:f0:86:3e:1e:41:f6:
65:e3:75:22:5f:98:3c:d5:2b:11:44:a0:69:df:90:25:dc:5a:
75:b3:ad:a8:c1:fc:af:d8:ef:f4:f6:41:37:47:c6:1a:1e:a1:
0a:eb:96:06:49:c3:c7:e4:78:a3:c3:03:92:da:d0:bb:41:a4:
8f:0b:7e:98:c1:26:f4:76:75:82:2d:bd:00:15:dd:06:62:48:
3a:73:8b:77:56:0d:47:46:cb:f6:ab:9d:78:d0:2a:da:5d:7c:
ba:e0:f8:1d:2d:c1:1e:38:21:2b:45:a4:12:33:bd:0d:2c:50:
9c:6a:c8:f7:31:18:0c:ae:b1:7b:cc:cb:0c:b3:8c:91:85:6d:
94:21:e6:37:c4:13:88:df:80:70:39:c2:40:77:67:6d:42:20:
e7:04:60:8e:22:71:9c:74:0c:e6:62:8d:58:e0:c5:5f:bf:b4:
07:3c:9e:6e:6f:91:e2:35:d7:4e:95:c2:d9:74:a6:e9:2b:f9:
b7:bb:bb:01:62:1d:04:64:c7:36:02:91:b7:c7:4f:06:57:7b:
64:e2:b8:37:1a:1d:9f:2a:f4:8b:ad:24:9d:8f:f0:35:90:90:
18:d1:e3:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw8KF1D0soosvfC/Kvd/C6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMTAyMDUyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjBkMTRiNGUwNTBhZWJhNDYxZDU3ZGI4NzY5ODA0YzYyYWVhMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwdciLLOOvGtqOlewd8zbl/TsSsy
JGSIyPoKlcp2dY5d4S5ygNrO5Rb11avQB658gEY/K6jfEY+fBo3jiIuEGQyczh9x
35Q+ZEYJl1OMAiae7gvQ7islIzgCERWK8VAWiC/oSgfH7R9f5Xcw/NE/EFRFFYom
iU6QV/zZyTfsd7M6SKUlr8ryraNF216YZLhgpeVAOI6yTEO2tIdnU4D5+R75YXso
gs/PbwdmqpUdsnG5W3bQt4gADdDV6jHpTHwYcAORm+pdca/tUf3yA2JhppNvxrZm
z+8Z60jtiejEhSlA/dOsO68hprwEc+hXV2VyHo8Uykvzx+rRbyT2/dcf7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNsNFLTgUK66Rh1X24dpgExirqNVMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvMncwVXRPQlFycnBHSFZmYmgybUFUR0t1bzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw4ggAwQB
w4hIMA0GCSqGSIb3DQEBCwUAA4IBAQBfkXY28rA1xrthrrV1bdK0/+YgaZq72Ymb
VdKh5C7whj4eQfZl43UiX5g81SsRRKBp35Al3Fp1s62owfyv2O/09kE3R8YaHqEK
65YGScPH5HijwwOS2tC7QaSPC36YwSb0dnWCLb0AFd0GYkg6c4t3Vg1HRsv2q514
0CraXXy64PgdLcEeOCErRaQSM70NLFCcasj3MRgMrrF7zMsMs4yRhW2UIeY3xBOI
34BwOcJAd2dtQiDnBGCOInGcdAzmYo1Y4MVfv7QHPJ5ub5HiNddOlcLZdKbpK/m3
u7sBYh0EZMc2ApG3x08GV3tk4rg3Gh2fKvSLrSSdj/A1kJAY0eNQ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:22 2025 by rpki-client