Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/bR0gdMkkCFxhmc4OyAigzWsUJIY.roa
File: bR0gdMkkCFxhmc4OyAigzWsUJIY.roa (raw, json)
Hash identifier: VL8pgT4v8sfAGUgTwdO7bhQmrxejnV3oEalZWfThObk=
Subject key identifier: 6D:1D:20:74:C9:24:08:5C:61:99:CE:0E:C8:08:A0:CD:6B:14:24:86
Certificate issuer: /CN=26425863c309f2655b884c1600394c4338e7fb41
Certificate serial: 018C5E0AD1EBC7E92E7086C3484B02CD08BC
Authority key identifier: 26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/bR0gdMkkCFxhmc4OyAigzWsUJIY.roa
Signing time: Tue 12 Dec 2023 12:40:16 +0000
ROA not before: Tue 12 Dec 2023 12:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50300
IP address blocks: 195.60.172.0/24 maxlen: 24
195.60.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:0a:d1:eb:c7:e9:2e:70:86:c3:48:4b:02:cd:08:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26425863c309f2655b884c1600394c4338e7fb41
Validity
Not Before: Dec 12 12:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d1d2074c924085c6199ce0ec808a0cd6b142486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3e:34:09:f0:31:0d:4e:bc:63:07:c1:71:f0:
bc:5e:52:16:e9:da:99:d0:9a:35:d2:80:2a:86:b0:
5f:06:b1:6d:f9:61:b8:19:5f:c8:34:bd:81:47:63:
36:08:53:b8:51:a1:7e:1f:d9:25:98:75:0d:1b:8d:
1e:04:90:29:59:f3:0f:03:65:47:2c:8b:a7:eb:6e:
18:e5:4a:1c:8a:48:c2:0e:49:63:ee:05:9f:2f:ff:
c8:2d:7d:30:d4:24:5c:63:34:61:d6:87:c1:ee:68:
4e:d5:98:83:bc:43:fd:38:db:d1:38:c7:85:39:d7:
ac:99:79:ad:31:47:4a:f9:a4:47:88:8c:2b:32:85:
c4:42:8d:8b:eb:07:33:bf:be:3e:bb:a4:14:85:64:
d8:4f:e6:36:a6:87:60:c4:3e:55:ad:74:09:20:75:
38:cf:ac:23:57:4f:e2:ec:ce:d9:33:1e:0a:71:28:
88:3d:f1:2c:a7:39:bc:2a:5f:cd:ef:bd:f3:99:d8:
41:b8:23:85:51:45:b5:6f:cc:c4:01:e5:b6:25:c3:
55:41:1b:7f:7c:d9:b7:d7:9d:91:77:3e:79:48:db:
1c:7e:a2:e4:82:65:89:5f:87:e4:62:03:ae:86:6a:
1e:6f:91:cf:5a:ef:64:b7:bc:27:66:9d:a8:11:3e:
1b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1D:20:74:C9:24:08:5C:61:99:CE:0E:C8:08:A0:CD:6B:14:24:86
X509v3 Authority Key Identifier:
keyid:26:42:58:63:C3:09:F2:65:5B:88:4C:16:00:39:4C:43:38:E7:FB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JkJYY8MJ8mVbiEwWADlMQzjn-0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/bR0gdMkkCFxhmc4OyAigzWsUJIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f10e0e-16ca-48b0-abdc-c14f6ba25cb0/1/JkJYY8MJ8mVbiEwWADlMQzjn-0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.172.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:91:9f:4d:4a:1a:01:95:5c:fa:5b:82:b1:c1:00:e6:bf:3e:
f3:4a:ea:1c:75:16:2f:1b:e8:64:6c:a8:48:2f:9c:48:72:4a:
21:13:1e:2d:26:18:2b:64:cc:e9:5c:2b:e1:de:92:3c:fe:a0:
01:b8:6a:a4:21:d7:29:9a:63:09:c3:9b:47:80:de:2c:8c:36:
8a:54:ed:94:b4:2f:b0:29:59:04:4a:e9:5e:68:2f:40:5f:d2:
3c:e3:9b:72:ca:11:a1:fd:90:e3:0a:ff:de:d3:cc:51:e3:2e:
c7:1d:47:09:0e:6f:58:35:f9:22:96:c2:ca:bd:56:e3:af:0d:
cf:20:72:7d:37:6a:a5:5c:59:03:36:93:77:bc:94:78:15:90:
7e:94:29:96:d2:00:e1:f4:7c:7c:21:fd:16:16:ff:fd:07:fc:
3b:dd:9c:78:8d:f6:4e:58:ff:24:29:97:0c:a4:8e:fa:9f:82:
d8:c2:5f:9d:0a:5b:30:92:28:a2:ac:b2:4c:43:76:ea:66:27:
cc:13:ba:54:ee:d4:a4:8c:08:a4:f7:43:44:3e:d6:56:86:ec:
50:4a:0e:f0:0c:02:2c:be:cb:72:35:30:fa:6b:58:a9:5f:54:
d8:32:8d:0f:d1:44:40:ed:68:2b:8d:0c:41:a2:6c:d5:9b:6d:
3c:6d:d5:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxeCtHrx+kucIbDSEsCzQi8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NDI1ODYzYzMwOWYyNjU1Yjg4NGMxNjAwMzk0YzQzMzhl
N2ZiNDEwHhcNMjMxMjEyMTI0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFkMjA3NGM5MjQwODVjNjE5OWNlMGVjODA4YTBjZDZiMTQyNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT40CfAxDU68YwfBcfC8XlIW6dqZ
0Jo10oAqhrBfBrFt+WG4GV/INL2BR2M2CFO4UaF+H9klmHUNG40eBJApWfMPA2VH
LIun624Y5UocikjCDklj7gWfL//ILX0w1CRcYzRh1ofB7mhO1ZiDvEP9ONvROMeF
OdesmXmtMUdK+aRHiIwrMoXEQo2L6wczv74+u6QUhWTYT+Y2podgxD5VrXQJIHU4
z6wjV0/i7M7ZMx4KcSiIPfEspzm8Kl/N773zmdhBuCOFUUW1b8zEAeW2JcNVQRt/
fNm3152Rdz55SNscfqLkgmWJX4fkYgOuhmoeb5HPWu9kt7wnZp2oET4bPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG0dIHTJJAhcYZnODsgIoM1rFCSGMB8GA1UdIwQY
MBaAFCZCWGPDCfJlW4hMFgA5TEM45/tBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMt
YzE0ZjZiYTI1Y2IwLzEvYlIwZ2RNa2tDRnhobWM0T3lBaWd6V3NVSklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9mMTBlMGUtMTZjYS00OGIwLWFiZGMtYzE0ZjZiYTI1Y2Iw
LzEvSmtKWVk4TUo4bVZiaUV3V0FEbE1RempuLTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzysMA0G
CSqGSIb3DQEBCwUAA4IBAQB7kZ9NShoBlVz6W4KxwQDmvz7zSuocdRYvG+hkbKhI
L5xIckohEx4tJhgrZMzpXCvh3pI8/qABuGqkIdcpmmMJw5tHgN4sjDaKVO2UtC+w
KVkESuleaC9AX9I845tyyhGh/ZDjCv/e08xR4y7HHUcJDm9YNfkilsLKvVbjrw3P
IHJ9N2qlXFkDNpN3vJR4FZB+lCmW0gDh9Hx8If0WFv/9B/w73Zx4jfZOWP8kKZcM
pI76n4LYwl+dClswkiiirLJMQ3bqZifME7pU7tSkjAik90NEPtZWhuxQSg7wDAIs
vstyNTD6a1ipX1TYMo0P0URA7WgrjQxBomzVm208bdXF
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:28:52 2025 by rpki-client