Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/vRM6dBLkMQ--dy68r09eOneRBcU.roa
File: vRM6dBLkMQ--dy68r09eOneRBcU.roa (raw, json)
Hash identifier: yvD5UVqyJxGCh3XrP+WgBYeDbIaLLQgxhcxpcj1Wbw4=
Subject key identifier: BD:13:3A:74:12:E4:31:0F:BE:77:2E:BC:AF:4F:5E:3A:77:91:05:C5
Certificate issuer: /CN=503f73fefe9dbd165614375a18a34cdcfb4a31ee
Certificate serial: 0185F7C3E2B98AACEF747806DF2A4BF6E669
Authority key identifier: 50:3F:73:FE:FE:9D:BD:16:56:14:37:5A:18:A3:4C:DC:FB:4A:31:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UD9z_v6dvRZWFDdaGKNM3PtKMe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/vRM6dBLkMQ--dy68r09eOneRBcU.roa
Signing time: Sat 28 Jan 2023 09:44:47 +0000
ROA not before: Sat 28 Jan 2023 09:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48659
IP address blocks: 195.8.52.0/23 maxlen: 23
195.8.52.0/24 maxlen: 24
195.8.53.0/24 maxlen: 24
195.46.36.0/24 maxlen: 24
195.46.36.0/23 maxlen: 23
195.46.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f7:c3:e2:b9:8a:ac:ef:74:78:06:df:2a:4b:f6:e6:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=503f73fefe9dbd165614375a18a34cdcfb4a31ee
Validity
Not Before: Jan 28 09:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bd133a7412e4310fbe772ebcaf4f5e3a779105c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f0:95:1d:b4:1a:c6:5b:16:07:05:ea:cd:74:
13:b0:10:4b:b3:d2:e8:0b:1f:2e:e3:d6:79:61:0a:
5d:34:74:dc:4f:a9:b8:32:b1:c3:1e:2d:73:dc:7a:
33:ba:f0:86:2b:36:1b:7b:e4:cc:a5:f6:77:9e:21:
10:b8:33:a9:04:81:0a:8d:71:dc:a6:28:51:3b:9b:
ac:0c:9f:d5:58:aa:c8:d9:e5:61:b7:06:fa:b7:a3:
3e:f0:e3:26:ca:5b:b6:f1:be:62:0f:84:76:f3:94:
88:31:ee:11:7a:a8:b5:1a:bb:33:69:f6:5d:79:9f:
a2:c4:b7:c3:1e:f6:d9:63:1e:0a:e0:c3:34:d3:c4:
3b:e9:5d:d1:f0:a5:b2:c6:4e:77:65:a4:c8:f0:97:
00:0f:91:a1:ae:41:df:c5:40:64:26:c3:eb:a6:87:
2e:00:e3:67:2c:c5:22:b2:1d:d9:de:ef:db:b9:1a:
ad:f7:8d:28:9e:09:24:66:85:26:3e:20:64:27:8b:
ce:91:38:53:32:2f:4d:14:96:54:f6:55:be:fa:a3:
9d:db:ab:42:eb:17:04:3b:bb:3a:1a:a7:92:a2:eb:
1f:61:41:74:41:78:13:a7:3d:16:88:58:5a:ef:fb:
39:d9:6c:cc:2e:f2:e8:31:01:3a:c0:3b:8b:db:18:
02:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:13:3A:74:12:E4:31:0F:BE:77:2E:BC:AF:4F:5E:3A:77:91:05:C5
X509v3 Authority Key Identifier:
keyid:50:3F:73:FE:FE:9D:BD:16:56:14:37:5A:18:A3:4C:DC:FB:4A:31:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UD9z_v6dvRZWFDdaGKNM3PtKMe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/vRM6dBLkMQ--dy68r09eOneRBcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/dd543d-d1f5-4f49-890f-5944d8ec273c/1/UD9z_v6dvRZWFDdaGKNM3PtKMe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.52.0/23
195.46.36.0/23
Signature Algorithm: sha256WithRSAEncryption
86:fe:4e:e3:70:7e:20:19:f1:1d:63:80:1f:d8:bb:cb:7d:65:
2f:58:53:84:4b:3b:7c:2f:a0:3c:ef:4e:13:15:8f:4d:8f:73:
a0:9b:f6:30:df:52:f7:e9:e2:ad:6d:c0:4d:b9:df:2b:98:18:
5c:7b:9d:a6:4f:f1:42:5f:03:38:23:0a:fc:7b:2c:0b:bc:94:
40:af:d5:64:4d:92:13:e8:24:ee:ff:33:74:fd:f5:e1:1c:12:
a4:42:d4:02:8e:2b:78:2a:22:ca:88:03:5c:d8:2d:8f:e3:c4:
94:19:50:da:06:9c:98:bd:cc:ed:50:f5:a3:4e:36:f1:3c:44:
17:c4:22:94:69:5d:e6:8b:8e:5a:b5:d2:59:e1:b1:3a:54:ee:
37:77:1e:f8:5b:50:49:18:78:42:14:9d:e5:50:40:d5:4a:fa:
c4:65:c8:1e:4a:06:65:2f:d5:cb:f4:be:06:6b:39:67:73:52:
3c:60:a6:dc:57:57:08:6c:ce:51:36:96:36:ef:1a:f3:1c:72:
b8:a4:0b:ae:35:c8:ba:c9:82:ce:4c:3e:1d:f8:ff:0c:15:a6:
d1:14:18:e7:a5:87:64:e2:96:1d:6d:68:85:d8:88:bd:73:dd:
af:78:45:05:34:d1:b7:56:d5:d6:26:0b:26:b7:c6:66:6b:09:
1d:1e:10:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYX3w+K5iqzvdHgG3ypL9uZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwM2Y3M2ZlZmU5ZGJkMTY1NjE0Mzc1YTE4YTM0Y2RjZmI0
YTMxZWUwHhcNMjMwMTI4MDk0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDEzM2E3NDEyZTQzMTBmYmU3NzJlYmNhZjRmNWUzYTc3OTEwNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPCVHbQaxlsWBwXqzXQTsBBLs9Lo
Cx8u49Z5YQpdNHTcT6m4MrHDHi1z3HozuvCGKzYbe+TMpfZ3niEQuDOpBIEKjXHc
pihRO5usDJ/VWKrI2eVhtwb6t6M+8OMmylu28b5iD4R285SIMe4Reqi1GrszafZd
eZ+ixLfDHvbZYx4K4MM008Q76V3R8KWyxk53ZaTI8JcAD5GhrkHfxUBkJsPrpocu
AONnLMUish3Z3u/buRqt940ongkkZoUmPiBkJ4vOkThTMi9NFJZU9lW++qOd26tC
6xcEO7s6GqeSousfYUF0QXgTpz0WiFha7/s52WzMLvLoMQE6wDuL2xgCeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL0TOnQS5DEPvncuvK9PXjp3kQXFMB8GA1UdIwQY
MBaAFFA/c/7+nb0WVhQ3WhijTNz7SjHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUQ5el92NmR2UlpXRkRkYUdLTk0zUHRLTWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9kZDU0M2QtZDFmNS00ZjQ5LTg5MGYt
NTk0NGQ4ZWMyNzNjLzEvdlJNNmRCTGtNUS0tZHk2OHIwOWVPbmVSQmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9kZDU0M2QtZDFmNS00ZjQ5LTg5MGYtNTk0NGQ4ZWMyNzNj
LzEvVUQ5el92NmR2UlpXRkRkYUdLTk0zUHRLTWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwwg0AwQB
wy4kMA0GCSqGSIb3DQEBCwUAA4IBAQCG/k7jcH4gGfEdY4Af2LvLfWUvWFOESzt8
L6A8704TFY9Nj3Ogm/Yw31L36eKtbcBNud8rmBhce52mT/FCXwM4Iwr8eywLvJRA
r9VkTZIT6CTu/zN0/fXhHBKkQtQCjit4KiLKiANc2C2P48SUGVDaBpyYvcztUPWj
TjbxPEQXxCKUaV3mi45atdJZ4bE6VO43dx74W1BJGHhCFJ3lUEDVSvrEZcgeSgZl
L9XL9L4Gazlnc1I8YKbcV1cIbM5RNpY27xrzHHK4pAuuNci6yYLOTD4d+P8MFabR
FBjnpYdk4pYdbWiF2Ii9c92veEUFNNG3VtXWJgsmt8ZmawkdHhA/
-----END CERTIFICATE-----
Generated at Wed Apr 16 12:52:23 2025 by rpki-client