Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/AmfQR5CNvQpIvYajwaUCrpM18vM.roa
File: AmfQR5CNvQpIvYajwaUCrpM18vM.roa (raw, json)
Hash identifier: yWzhcDisB6G7z5DPpPhM8l0gYndHdjbWZ9WJpVmoPbU=
Subject key identifier: 02:67:D0:47:90:8D:BD:0A:48:BD:86:A3:C1:A5:02:AE:93:35:F2:F3
Certificate issuer: /CN=bdf5b712f2e4932c1c030312d194a597883f3d5e
Certificate serial: 01857079A4622003B98D3E63F5CA96AAA222
Authority key identifier: BD:F5:B7:12:F2:E4:93:2C:1C:03:03:12:D1:94:A5:97:88:3F:3D:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfW3EvLkkywcAwMS0ZSll4g_PV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/AmfQR5CNvQpIvYajwaUCrpM18vM.roa
Signing time: Mon 02 Jan 2023 03:14:58 +0000
ROA not before: Mon 02 Jan 2023 03:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29117
IP address blocks: 195.85.200.0/24 maxlen: 24
195.234.61.0/24 maxlen: 24
2001:67c:195c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:a4:62:20:03:b9:8d:3e:63:f5:ca:96:aa:a2:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdf5b712f2e4932c1c030312d194a597883f3d5e
Validity
Not Before: Jan 2 03:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0267d047908dbd0a48bd86a3c1a502ae9335f2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:06:c4:d6:ec:39:eb:9f:fa:2f:5f:9e:30:9c:
43:47:d2:e1:93:b5:fe:67:67:16:d9:02:93:1a:12:
1e:9a:b3:bc:32:dc:68:38:7b:4b:e2:e4:69:ee:54:
d9:95:dd:68:b6:87:a8:4e:7f:00:d9:1a:a2:cb:a3:
ba:2a:9b:8c:82:d1:07:0a:07:6d:81:65:14:af:36:
0d:ae:d4:2b:19:69:2b:51:db:ee:04:c8:3a:ca:be:
bf:81:a5:29:23:58:93:50:d7:27:02:d6:a2:06:91:
99:ad:27:33:3c:e0:6d:26:bd:f5:ff:61:b5:b3:a8:
a5:f8:b8:4e:cb:0a:4b:fc:81:c8:e0:df:4c:b1:3f:
b4:62:6a:0c:fe:b0:9e:3f:a5:b5:b2:7e:66:6b:ed:
a0:22:6e:a6:d3:73:57:2b:69:58:01:ab:12:33:ce:
cd:a7:81:3c:18:7f:4f:49:58:48:c3:b2:7e:0a:cd:
87:fa:1f:81:57:56:41:58:c2:9d:20:65:56:91:06:
79:64:5d:20:c1:e4:cd:b1:b2:57:7f:bb:34:bf:92:
fb:06:4c:53:65:2c:f1:58:26:04:8f:44:55:fc:2b:
53:2f:ba:09:de:ea:e8:14:93:18:5a:ad:3c:df:61:
82:08:18:50:30:36:9d:87:7e:39:d4:8b:84:19:0b:
e1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:67:D0:47:90:8D:BD:0A:48:BD:86:A3:C1:A5:02:AE:93:35:F2:F3
X509v3 Authority Key Identifier:
keyid:BD:F5:B7:12:F2:E4:93:2C:1C:03:03:12:D1:94:A5:97:88:3F:3D:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfW3EvLkkywcAwMS0ZSll4g_PV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/AmfQR5CNvQpIvYajwaUCrpM18vM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/ce0077-c701-4ced-9d53-6c5c34586f6e/1/vfW3EvLkkywcAwMS0ZSll4g_PV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.85.200.0/24
195.234.61.0/24
IPv6:
2001:67c:195c::/48
Signature Algorithm: sha256WithRSAEncryption
0a:2f:89:ca:59:70:72:84:83:ed:1d:ce:62:00:d8:48:58:41:
34:fc:1a:af:67:57:6e:49:0e:3d:5f:99:a4:85:a0:27:7f:00:
a8:d3:d8:dd:32:95:78:3a:07:47:b5:21:02:82:40:f8:21:df:
f3:7a:98:58:b4:f4:c4:51:b8:7c:eb:01:d9:f7:bc:5b:32:24:
07:92:48:1e:29:7e:d3:53:30:53:48:ba:cb:5a:ec:07:ad:20:
0d:90:f4:98:30:0d:f2:4c:0a:cb:88:36:0d:ed:cf:53:be:b3:
8d:fe:f6:95:f1:40:e8:fe:5d:26:7b:57:31:61:cd:b1:d9:db:
c3:0c:ed:76:b2:92:0d:fd:64:b8:ee:6c:a6:5f:13:32:c6:87:
0c:ef:4a:6b:d5:67:5c:b4:94:bb:3e:7d:be:af:d6:16:15:30:
59:9a:bd:3e:8e:96:e1:f5:ee:01:d1:e0:10:2f:44:fa:ea:b9:
64:54:20:00:29:2b:04:f5:ad:56:91:de:60:36:2f:21:37:c3:
e7:0f:b6:b3:98:92:bc:86:fd:64:d8:8f:83:57:d3:17:0c:fa:
1a:a9:f3:6f:c6:c5:97:ee:3c:9d:d5:56:fc:9f:8f:8a:6b:9b:
3e:34:ef:26:6c:42:7e:4f:4c:a4:64:d6:b1:a2:19:a3:e2:05:
99:ff:86:70
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYVweaRiIAO5jT5j9cqWqqIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjViNzEyZjJlNDkzMmMxYzAzMDMxMmQxOTRhNTk3ODgz
ZjNkNWUwHhcNMjMwMTAyMDMxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjY3ZDA0NzkwOGRiZDBhNDhiZDg2YTNjMWE1MDJhZTkzMzVmMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQbE1uw565/6L1+eMJxDR9Lhk7X+
Z2cW2QKTGhIemrO8MtxoOHtL4uRp7lTZld1otoeoTn8A2Rqiy6O6KpuMgtEHCgdt
gWUUrzYNrtQrGWkrUdvuBMg6yr6/gaUpI1iTUNcnAtaiBpGZrSczPOBtJr31/2G1
s6il+LhOywpL/IHI4N9MsT+0YmoM/rCeP6W1sn5ma+2gIm6m03NXK2lYAasSM87N
p4E8GH9PSVhIw7J+Cs2H+h+BV1ZBWMKdIGVWkQZ5ZF0gweTNsbJXf7s0v5L7BkxT
ZSzxWCYEj0RV/CtTL7oJ3uroFJMYWq0832GCCBhQMDadh3451IuEGQvhJQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAJn0EeQjb0KSL2Go8GlAq6TNfLzMB8GA1UdIwQY
MBaAFL31txLy5JMsHAMDEtGUpZeIPz1eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZXM0V2TGtreXdjQXdNUzBaU2xsNGdfUFY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9jZTAwNzctYzcwMS00Y2VkLTlkNTMt
NmM1YzM0NTg2ZjZlLzEvQW1mUVI1Q052UXBJdllhandhVUNycE0xOHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9jZTAwNzctYzcwMS00Y2VkLTlkNTMtNmM1YzM0NTg2ZjZl
LzEvdmZXM0V2TGtreXdjQXdNUzBaU2xsNGdfUFY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAw1XIAwQA
w+o9MA8EAgACMAkDBwAgAQZ8GVwwDQYJKoZIhvcNAQELBQADggEBAAovicpZcHKE
g+0dzmIA2EhYQTT8Gq9nV25JDj1fmaSFoCd/AKjT2N0ylXg6B0e1IQKCQPgh3/N6
mFi09MRRuHzrAdn3vFsyJAeSSB4pftNTMFNIusta7AetIA2Q9JgwDfJMCsuINg3t
z1O+s43+9pXxQOj+XSZ7VzFhzbHZ28MM7Xaykg39ZLjubKZfEzLGhwzvSmvVZ1y0
lLs+fb6v1hYVMFmavT6OluH17gHR4BAvRPrquWRUIAApKwT1rVaR3mA2LyE3w+cP
trOYkryG/WTYj4NX0xcM+hqp82/GxZfuPJ3VVvyfj4prmz407yZsQn5PTKRk1rGi
GaPiBZn/hnA=
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:52:08 2025 by rpki-client