Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/57d565-883b-48a2-a424-273db7d53898/1/TUdBmK1hKT4Agog27ocb4KDE2vI.roa
File: TUdBmK1hKT4Agog27ocb4KDE2vI.roa (raw, json)
Hash identifier: rUrxdH9Rh+Rh3ZtAe6jP0Sk5rMyxgPOCp0ANt1p2OdQ=
Subject key identifier: 4D:47:41:98:AD:61:29:3E:00:82:88:36:EE:87:1B:E0:A0:C4:DA:F2
Certificate issuer: /CN=0bfb7529289f88fb4bb87b39e7bedc9d9f27d5fa
Certificate serial: 01856ED4DAB175406C2F584D9296EBE17C46
Authority key identifier: 0B:FB:75:29:28:9F:88:FB:4B:B8:7B:39:E7:BE:DC:9D:9F:27:D5:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_t1KSifiPtLuHs5577cnZ8n1fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/57d565-883b-48a2-a424-273db7d53898/1/TUdBmK1hKT4Agog27ocb4KDE2vI.roa
Signing time: Sun 01 Jan 2023 19:35:21 +0000
ROA not before: Sun 01 Jan 2023 19:35:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209727
IP address blocks: 195.128.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:da:b1:75:40:6c:2f:58:4d:92:96:eb:e1:7c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bfb7529289f88fb4bb87b39e7bedc9d9f27d5fa
Validity
Not Before: Jan 1 19:35:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d474198ad61293e00828836ee871be0a0c4daf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a8:19:c3:fb:08:bf:fa:eb:2a:60:69:63:0c:
73:0c:30:70:64:9f:69:df:1e:b1:ff:eb:27:93:54:
8b:a9:5e:66:63:e7:b5:5b:fa:25:84:10:34:6a:7d:
d2:e8:25:dd:55:dd:05:c5:f8:ac:ff:68:81:a2:86:
73:1f:2b:87:6a:26:e8:88:ec:8b:08:ce:9f:90:6b:
fc:a4:93:ae:5b:37:ab:3f:0e:93:97:d7:d6:39:73:
95:04:62:2c:31:98:e2:d0:94:bf:0e:f8:30:c1:ae:
67:10:dd:62:ce:18:45:ef:2a:cc:8e:a9:6c:05:91:
75:64:b0:3f:41:a3:2a:b6:44:61:2c:ae:58:27:b3:
98:a2:71:2e:24:9a:a1:43:ea:85:1b:94:02:a9:fb:
8d:5f:15:7e:4e:e4:48:73:3c:be:00:7d:10:ba:93:
3c:52:50:52:83:d5:3e:40:e7:1c:b5:24:5f:90:3a:
4e:6c:d6:0a:db:3a:2b:bb:c7:8f:19:69:73:3b:05:
5c:43:b2:9f:a0:6c:7d:0a:06:f0:ed:9e:72:c1:a4:
e1:ce:ae:c7:85:8e:0f:d9:0f:5e:d1:e3:9c:99:e8:
fb:10:70:a7:28:54:a4:e3:8c:fb:26:4c:d6:a6:aa:
ba:cf:9b:84:0a:1d:1a:6f:19:68:8f:c0:6b:e7:81:
e8:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:47:41:98:AD:61:29:3E:00:82:88:36:EE:87:1B:E0:A0:C4:DA:F2
X509v3 Authority Key Identifier:
keyid:0B:FB:75:29:28:9F:88:FB:4B:B8:7B:39:E7:BE:DC:9D:9F:27:D5:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_t1KSifiPtLuHs5577cnZ8n1fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/57d565-883b-48a2-a424-273db7d53898/1/TUdBmK1hKT4Agog27ocb4KDE2vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/57d565-883b-48a2-a424-273db7d53898/1/C_t1KSifiPtLuHs5577cnZ8n1fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.37.0/24
Signature Algorithm: sha256WithRSAEncryption
43:75:c7:30:b0:1e:2d:ea:a9:e4:38:9f:59:26:95:16:be:9c:
87:95:c0:7b:c8:80:10:e7:2f:ab:8e:cf:09:e4:dd:27:c6:a5:
c2:33:06:ef:55:fe:73:c4:1d:a0:99:79:c3:a9:0b:10:65:44:
5a:03:0a:7d:ee:c2:49:01:a2:32:ce:35:d2:28:d9:6f:99:04:
71:c6:22:3b:b3:e2:33:cf:81:71:90:44:78:87:4f:65:c6:34:
90:53:b8:03:71:a9:6f:d0:bd:40:34:ec:4d:2b:4a:c5:1a:6b:
4a:58:1b:1f:da:76:0a:29:05:99:69:61:c0:ca:35:dd:7e:3f:
4a:e8:9a:24:5b:1f:2f:7d:6c:41:40:31:24:11:e7:45:d4:7c:
42:85:e9:c7:12:61:55:ce:90:6b:5a:a5:cd:43:25:c6:c7:8d:
b6:01:6d:bb:a4:8b:68:40:ec:75:29:eb:9c:63:d6:5a:43:c4:
73:a0:a3:6d:28:5f:7d:7d:1a:9c:02:f2:9a:a2:a5:9e:b3:68:
75:c3:b7:34:64:4d:e6:60:e7:b8:39:d9:0f:b3:71:82:83:58:
ea:2c:87:73:05:44:05:e5:57:20:20:ea:4d:d5:23:42:6b:c7:
27:6d:41:88:4b:76:c6:a7:a1:c4:c2:10:c8:ef:a0:3e:c3:81:
d8:04:79:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVu1NqxdUBsL1hNkpbr4XxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZmI3NTI5Mjg5Zjg4ZmI0YmI4N2IzOWU3YmVkYzlkOWYy
N2Q1ZmEwHhcNMjMwMTAxMTkzNTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDQ3NDE5OGFkNjEyOTNlMDA4Mjg4MzZlZTg3MWJlMGEwYzRkYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKgZw/sIv/rrKmBpYwxzDDBwZJ9p
3x6x/+snk1SLqV5mY+e1W/olhBA0an3S6CXdVd0Fxfis/2iBooZzHyuHaiboiOyL
CM6fkGv8pJOuWzerPw6Tl9fWOXOVBGIsMZji0JS/Dvgwwa5nEN1izhhF7yrMjqls
BZF1ZLA/QaMqtkRhLK5YJ7OYonEuJJqhQ+qFG5QCqfuNXxV+TuRIczy+AH0QupM8
UlBSg9U+QOcctSRfkDpObNYK2zoru8ePGWlzOwVcQ7KfoGx9Cgbw7Z5ywaThzq7H
hY4P2Q9e0eOcmej7EHCnKFSk44z7JkzWpqq6z5uECh0abxloj8Br54HoGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1HQZitYSk+AIKINu6HG+CgxNryMB8GA1UdIwQY
MBaAFAv7dSkon4j7S7h7Oee+3J2fJ9X6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ190MUtTaWZpUHRMdUhzNTU3N2NuWjhuMWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi81N2Q1NjUtODgzYi00OGEyLWE0MjQt
MjczZGI3ZDUzODk4LzEvVFVkQm1LMWhLVDRBZ29nMjdvY2I0S0RFMnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi81N2Q1NjUtODgzYi00OGEyLWE0MjQtMjczZGI3ZDUzODk4
LzEvQ190MUtTaWZpUHRMdUhzNTU3N2NuWjhuMWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4AlMA0G
CSqGSIb3DQEBCwUAA4IBAQBDdccwsB4t6qnkOJ9ZJpUWvpyHlcB7yIAQ5y+rjs8J
5N0nxqXCMwbvVf5zxB2gmXnDqQsQZURaAwp97sJJAaIyzjXSKNlvmQRxxiI7s+Iz
z4FxkER4h09lxjSQU7gDcalv0L1ANOxNK0rFGmtKWBsf2nYKKQWZaWHAyjXdfj9K
6JokWx8vfWxBQDEkEedF1HxChenHEmFVzpBrWqXNQyXGx422AW27pItoQOx1Keuc
Y9ZaQ8RzoKNtKF99fRqcAvKaoqWes2h1w7c0ZE3mYOe4OdkPs3GCg1jqLIdzBUQF
5VcgIOpN1SNCa8cnbUGIS3bGp6HEwhDI76A+w4HYBHni
-----END CERTIFICATE-----
Generated at Wed Mar 12 13:02:31 2025 by rpki-client