Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/40ycdyfBIeZkPLK5Vi9qkplAXXw.roa
File: 40ycdyfBIeZkPLK5Vi9qkplAXXw.roa (raw, json)
Hash identifier: uHSMWPJTFBccT3RGMTGyZ1tAlMEmCjyUI/N1seU2wR0=
Subject key identifier: E3:4C:9C:77:27:C1:21:E6:64:3C:B2:B9:56:2F:6A:92:99:40:5D:7C
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018506C330E0D27E56B2B36FB764B5A7F0E1
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/40ycdyfBIeZkPLK5Vi9qkplAXXw.roa
Signing time: Mon 12 Dec 2022 14:35:33 +0000
ROA not before: Mon 12 Dec 2022 14:35:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43073
IP address blocks: 195.136.104.0/24 maxlen: 24
195.136.104.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:c3:30:e0:d2:7e:56:b2:b3:6f:b7:64:b5:a7:f0:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Dec 12 14:35:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e34c9c7727c121e6643cb2b9562f6a9299405d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9e:96:8b:94:f8:1b:18:32:37:47:76:c3:a2:
ca:8d:f6:2f:74:28:ba:23:12:d4:95:49:ab:1c:a1:
71:a5:64:ce:dc:fa:73:f2:8d:45:f7:d6:14:a2:db:
a5:36:09:92:17:4e:c2:c0:61:09:47:fe:cb:ed:d3:
50:ab:da:20:3d:f6:51:51:c5:b1:4c:20:49:71:e1:
b1:f2:a7:ec:00:9e:40:24:3e:2a:a9:41:08:4b:8a:
05:8b:2d:c0:80:05:5b:46:02:26:3c:21:53:ee:3e:
22:f7:cb:c5:d7:dc:df:2c:61:33:3a:c1:bf:bd:61:
08:a1:9f:15:e9:91:cb:79:b4:81:51:b0:b6:1d:5f:
fe:fa:d0:67:8a:82:d7:f6:47:60:0a:72:eb:12:ce:
44:5e:54:c4:af:13:45:15:5b:af:56:9a:32:98:9f:
1f:41:bb:36:dd:6a:00:07:da:af:dd:e1:f9:71:0a:
30:fc:c7:c6:63:da:f2:c2:14:ed:a2:51:6b:af:fe:
e6:b8:8d:c8:87:bb:34:29:32:52:b2:55:0c:f0:b2:
f2:a9:10:d8:61:b2:5e:2c:6d:8f:5c:33:39:61:63:
68:3a:ef:f3:7c:d6:c2:73:45:27:3c:25:1c:ca:dd:
6b:93:65:06:ef:5b:75:51:ad:c5:6b:46:2a:f6:4e:
18:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:4C:9C:77:27:C1:21:E6:64:3C:B2:B9:56:2F:6A:92:99:40:5D:7C
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/40ycdyfBIeZkPLK5Vi9qkplAXXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.136.104.0/22
Signature Algorithm: sha256WithRSAEncryption
be:79:e7:e6:78:4e:96:8d:b5:52:20:68:39:f2:27:98:2e:68:
c4:55:d5:d6:2a:0d:35:4b:ce:47:3b:94:e6:ca:14:05:92:3c:
80:9e:23:13:1b:0c:7e:70:54:20:4e:04:e8:27:9d:a1:59:a5:
0a:d9:28:17:be:75:69:4b:63:ec:85:6e:5a:a1:ca:45:b4:26:
6f:cd:c8:b9:43:15:af:50:32:1a:bf:fd:f2:e4:72:cc:bc:f0:
1f:ef:1b:d9:f4:29:79:da:ff:4d:4d:ed:ad:71:38:e3:90:35:
f8:d4:73:59:e7:e0:dc:38:00:cd:f1:c0:d3:2d:93:d5:52:73:
8b:cd:6a:dc:37:1c:3f:11:94:0c:bf:35:8a:f2:9e:f2:51:37:
82:f0:08:da:1e:d3:71:7e:48:2d:e1:74:09:a2:4c:2b:bc:f3:
b3:50:0e:e4:1a:e1:6e:df:99:20:c0:ea:34:6c:5b:61:58:d4:
f5:93:bb:b0:69:ba:99:15:e5:7f:33:2c:a8:8b:83:12:6f:49:
7c:be:fd:d9:8b:cb:04:f5:8e:3b:03:41:6c:7f:ab:f9:40:64:
7f:16:fd:51:46:2f:ae:7b:46:80:62:b8:95:8e:b9:df:79:4a:
54:4b:3c:1c:d1:07:d7:ad:b4:15:17:e1:87:67:7b:61:10:fa:
d4:44:80:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUGwzDg0n5WsrNvt2S1p/DhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjIxMjEyMTQzNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzRjOWM3NzI3YzEyMWU2NjQzY2IyYjk1NjJmNmE5Mjk5NDA1ZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvp6Wi5T4GxgyN0d2w6LKjfYvdCi6
IxLUlUmrHKFxpWTO3Ppz8o1F99YUotulNgmSF07CwGEJR/7L7dNQq9ogPfZRUcWx
TCBJceGx8qfsAJ5AJD4qqUEIS4oFiy3AgAVbRgImPCFT7j4i98vF19zfLGEzOsG/
vWEIoZ8V6ZHLebSBUbC2HV/++tBnioLX9kdgCnLrEs5EXlTErxNFFVuvVpoymJ8f
Qbs23WoAB9qv3eH5cQow/MfGY9rywhTtolFrr/7muI3Ih7s0KTJSslUM8LLyqRDY
YbJeLG2PXDM5YWNoOu/zfNbCc0UnPCUcyt1rk2UG71t1Ua3Fa0Yq9k4YCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONMnHcnwSHmZDyyuVYvapKZQF18MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvNDB5Y2R5ZkJJZVprUExLNVZpOXFrcGxBWFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw4hoMA0G
CSqGSIb3DQEBCwUAA4IBAQC+eefmeE6WjbVSIGg58ieYLmjEVdXWKg01S85HO5Tm
yhQFkjyAniMTGwx+cFQgTgToJ52hWaUK2SgXvnVpS2PshW5aocpFtCZvzci5QxWv
UDIav/3y5HLMvPAf7xvZ9Cl52v9NTe2tcTjjkDX41HNZ5+DcOADN8cDTLZPVUnOL
zWrcNxw/EZQMvzWK8p7yUTeC8AjaHtNxfkgt4XQJokwrvPOzUA7kGuFu35kgwOo0
bFthWNT1k7uwabqZFeV/Myyoi4MSb0l8vv3Zi8sE9Y47A0Fsf6v5QGR/Fv1RRi+u
e0aAYriVjrnfeUpUSzwc0QfXrbQVF+GHZ3thEPrURIDz
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:53:55 2025 by rpki-client