Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1edd25-ff90-40ae-8a20-f76b8353ad68/1/2aja7MMhdC250imk8q8xMOwgWEQ.roa
File: 2aja7MMhdC250imk8q8xMOwgWEQ.roa (raw, json)
Hash identifier: WWfWLmUEBnGMm0/nctFuXeMHXrjDdbPX8Uw4Ke2FNLU=
Subject key identifier: D9:A8:DA:EC:C3:21:74:2D:B9:D2:29:A4:F2:AF:31:30:EC:20:58:44
Certificate issuer: /CN=99962f5ee0278a60cbbcd4169191f71481216ad4
Certificate serial: 0452B025
Authority key identifier: 99:96:2F:5E:E0:27:8A:60:CB:BC:D4:16:91:91:F7:14:81:21:6A:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZYvXuAnimDLvNQWkZH3FIEhatQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1edd25-ff90-40ae-8a20-f76b8353ad68/1/2aja7MMhdC250imk8q8xMOwgWEQ.roa
Signing time: Tue 01 Mar 2022 08:31:03 +0000
ROA not before: Tue 01 Mar 2022 08:31:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6851
IP address blocks: 195.246.226.0/24 maxlen: 24
195.246.226.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72527909 (0x452b025)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99962f5ee0278a60cbbcd4169191f71481216ad4
Validity
Not Before: Mar 1 08:31:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9a8daecc321742db9d229a4f2af3130ec205844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:4e:df:38:86:a8:a3:d2:87:40:02:1e:bf:8f:
11:83:35:32:f5:75:9b:f5:64:f6:25:69:c3:7a:f9:
f9:e8:5a:32:06:b2:e2:d4:ab:52:85:62:5c:20:bd:
af:91:76:3f:f0:4e:19:e0:a1:31:89:27:48:71:3b:
47:10:85:c3:03:fe:48:19:4c:fd:3b:b5:c4:dd:93:
01:b3:28:83:40:57:3c:67:5e:c8:28:cc:93:80:ae:
fc:d8:1e:6e:86:f7:91:a7:da:db:f3:7c:9d:4a:58:
c4:92:87:df:80:87:55:73:b1:87:5d:fd:c7:98:4a:
ac:b5:b1:68:25:cc:f2:5a:0b:a2:1a:32:f4:cd:83:
ce:13:d6:0e:e0:07:be:b5:66:69:07:b9:81:56:13:
07:d5:13:91:97:73:e2:eb:91:d3:b9:16:11:b0:b3:
aa:dc:59:89:7c:bf:49:b2:62:63:37:6b:33:57:4d:
46:34:f3:91:e7:b8:d2:63:f2:39:9b:19:37:da:af:
58:e2:24:03:dd:e5:89:72:eb:b6:7c:e9:7c:6a:fb:
05:c6:b2:86:d5:c8:9a:dd:fe:45:1a:eb:e3:07:61:
8e:90:be:b3:bb:dd:6c:9a:c4:24:fe:58:5a:bd:fb:
60:4b:12:c1:c2:66:08:c7:2e:b2:e5:52:8a:47:34:
d3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A8:DA:EC:C3:21:74:2D:B9:D2:29:A4:F2:AF:31:30:EC:20:58:44
X509v3 Authority Key Identifier:
keyid:99:96:2F:5E:E0:27:8A:60:CB:BC:D4:16:91:91:F7:14:81:21:6A:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZYvXuAnimDLvNQWkZH3FIEhatQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1edd25-ff90-40ae-8a20-f76b8353ad68/1/2aja7MMhdC250imk8q8xMOwgWEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1edd25-ff90-40ae-8a20-f76b8353ad68/1/mZYvXuAnimDLvNQWkZH3FIEhatQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.226.0/23
Signature Algorithm: sha256WithRSAEncryption
81:78:b3:79:87:9a:ed:86:fa:24:76:a5:e5:fe:5e:8d:c4:a3:
b8:2c:af:f4:7f:cc:03:b0:af:68:f3:ec:f2:33:a4:cf:40:2e:
2b:ae:75:44:b9:5e:33:8e:da:5b:24:db:a6:da:bd:b5:ac:6d:
c0:7f:c5:86:72:17:71:33:42:6d:25:ba:1d:49:64:af:93:22:
76:94:5a:9e:4a:43:2f:d5:fa:46:71:48:37:51:7e:95:5b:8c:
e4:5e:b6:54:b8:f3:19:73:1a:89:55:c8:cf:cb:53:c2:44:e4:
bd:d4:18:30:21:b5:79:a7:1e:48:d1:bd:b0:c9:1e:b6:21:04:
76:44:5e:01:2f:b5:12:69:61:c8:8a:86:1f:77:bb:8a:22:cb:
a3:5d:62:58:95:f4:7d:b1:ac:b1:be:16:32:19:ae:7e:f3:2c:
5b:64:1b:55:f0:a6:84:d2:2a:2b:db:ba:ff:8c:7c:6f:ce:6f:
bc:ec:e5:58:f5:bb:10:47:2f:60:13:b6:5c:3d:f1:0b:36:f0:
8a:8e:9b:37:87:cc:ca:fa:69:1c:b1:ff:ee:5e:d4:3a:3c:e2:
d1:fc:bd:aa:69:b5:db:de:b1:4b:bc:3a:8f:5f:95:a2:c7:aa:
20:59:f3:0e:2c:12:11:56:90:98:a4:b1:a3:a0:35:02:10:b7:
c6:8b:3e:9e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFKwJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OTk2MmY1ZWUwMjc4YTYwY2JiY2Q0MTY5MTkxZjcxNDgxMjE2YWQ0MB4XDTIyMDMw
MTA4MzEwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDlhOGRhZWNjMzIx
NzQyZGI5ZDIyOWE0ZjJhZjMxMzBlYzIwNTg0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPxO3ziGqKPSh0ACHr+PEYM1MvV1m/Vk9iVpw3r5+ehaMgay
4tSrUoViXCC9r5F2P/BOGeChMYknSHE7RxCFwwP+SBlM/Tu1xN2TAbMog0BXPGde
yCjMk4Cu/Ngebob3kafa2/N8nUpYxJKH34CHVXOxh139x5hKrLWxaCXM8loLohoy
9M2DzhPWDuAHvrVmaQe5gVYTB9UTkZdz4uuR07kWEbCzqtxZiXy/SbJiYzdrM1dN
RjTzkee40mPyOZsZN9qvWOIkA93liXLrtnzpfGr7BcayhtXImt3+RRrr4wdhjpC+
s7vdbJrEJP5YWr37YEsSwcJmCMcusuVSikc00wECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZqNrswyF0LbnSKaTyrzEw7CBYRDAfBgNVHSMEGDAWgBSZli9e4CeKYMu8
1BaRkfcUgSFq1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21aWXZYdUFuaW1ETHZOUVdrWkgzRklFaGF0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzQvMWVkZDI1LWZmOTAtNDBhZS04YTIwLWY3NmI4MzUzYWQ2OC8x
LzJhamE3TU1oZEMyNTBpbWs4cTh4TU93Z1dFUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzQv
MWVkZDI1LWZmOTAtNDBhZS04YTIwLWY3NmI4MzUzYWQ2OC8xL21aWXZYdUFuaW1E
THZOUVdrWkgzRklFaGF0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcP24jANBgkqhkiG9w0BAQsFAAOC
AQEAgXizeYea7Yb6JHal5f5ejcSjuCyv9H/MA7CvaPPs8jOkz0AuK651RLleM47a
WyTbptq9taxtwH/FhnIXcTNCbSW6HUlkr5MidpRankpDL9X6RnFIN1F+lVuM5F62
VLjzGXMaiVXIz8tTwkTkvdQYMCG1eaceSNG9sMketiEEdkReAS+1EmlhyIqGH3e7
iiLLo11iWJX0fbGssb4WMhmufvMsW2QbVfCmhNIqK9u6/4x8b85vvOzlWPW7EEcv
YBO2XD3xCzbwio6bN4fMyvppHLH/7l7UOjzi0fy9qmm1296xS7w6j1+VoseqIFnz
DiwSEVaQmKSxo6A1AhC3xos+ng==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:44 2025 by rpki-client