Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/CFMg9i9AWTJkmIgiGh0jrT4ER4I.roa
File: CFMg9i9AWTJkmIgiGh0jrT4ER4I.roa (raw, json)
Hash identifier: +rZYA3dkDF0/PhU4KYeBR1M6NlDhGehknclF/vORqug=
Subject key identifier: 08:53:20:F6:2F:40:59:32:64:98:88:22:1A:1D:23:AD:3E:04:47:82
Certificate issuer: /CN=f7af76989ed464fd9a5489fff7fb98cc2d2f93e4
Certificate serial: 018572DF0497B715FEA148C1D522BA51EBC7
Authority key identifier: F7:AF:76:98:9E:D4:64:FD:9A:54:89:FF:F7:FB:98:CC:2D:2F:93:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9692mJ7UZP2aVIn_9_uYzC0vk-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/CFMg9i9AWTJkmIgiGh0jrT4ER4I.roa
Signing time: Mon 02 Jan 2023 14:24:56 +0000
ROA not before: Mon 02 Jan 2023 14:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29130
IP address blocks: 195.47.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:df:04:97:b7:15:fe:a1:48:c1:d5:22:ba:51:eb:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7af76989ed464fd9a5489fff7fb98cc2d2f93e4
Validity
Not Before: Jan 2 14:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=085320f62f405932649888221a1d23ad3e044782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0d:82:a8:83:79:a6:bf:8e:9f:29:0b:cd:ef:
cd:6c:d8:54:db:d4:90:06:f3:d4:d1:08:43:d7:78:
56:02:2e:04:f8:5e:63:b5:96:fd:ae:0a:da:8f:d5:
33:55:19:d4:0b:2e:bf:86:2a:a8:75:94:1e:bb:9c:
98:a5:ea:2d:ce:12:f2:93:df:1b:3b:29:07:1a:12:
dc:af:1c:9d:53:8f:f5:eb:de:89:15:d7:1f:e9:73:
54:2e:38:be:1e:5d:93:de:eb:79:32:09:97:f1:cc:
0a:24:74:d4:43:0b:39:8f:f4:de:93:4c:2a:3a:9f:
13:7b:4d:be:0a:18:70:52:76:6d:a2:f8:0c:0b:6c:
5d:c9:db:8e:01:c9:28:4a:b2:e0:cd:d7:a8:eb:11:
7c:19:75:37:11:33:5e:82:2f:66:b2:e8:b0:60:b9:
c0:a4:79:62:c9:a7:be:df:0c:97:05:73:f4:8d:18:
68:0b:9a:0d:30:bf:5c:0b:61:83:24:f8:70:ef:8a:
d0:91:b8:e2:94:eb:30:d6:a5:bb:19:1f:ef:c7:43:
4d:8a:c5:40:74:57:39:ec:e3:b7:22:64:63:65:59:
65:58:6d:b6:83:2e:30:a6:78:34:b7:fa:a0:1b:c8:
12:46:b3:18:f6:e6:78:f4:5a:99:4b:a0:91:f3:ce:
a9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:53:20:F6:2F:40:59:32:64:98:88:22:1A:1D:23:AD:3E:04:47:82
X509v3 Authority Key Identifier:
keyid:F7:AF:76:98:9E:D4:64:FD:9A:54:89:FF:F7:FB:98:CC:2D:2F:93:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9692mJ7UZP2aVIn_9_uYzC0vk-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/CFMg9i9AWTJkmIgiGh0jrT4ER4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d663ca-adf6-41c2-93c1-60b1de6c38d1/1/9692mJ7UZP2aVIn_9_uYzC0vk-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.47.248.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ff:b9:06:ae:03:e5:3f:bf:5e:c3:3b:e2:da:e3:ed:ef:36:
06:55:9d:20:75:09:f8:de:74:df:ce:c3:70:df:c2:95:98:74:
15:22:01:9e:63:bc:fe:6f:f4:7b:2a:aa:63:92:c9:88:40:76:
a9:f3:27:2d:3f:fd:87:8b:7a:57:63:92:53:c3:70:7e:94:0d:
64:d1:70:23:e5:06:c2:87:2b:69:11:88:6d:8a:b1:8f:52:5e:
23:73:aa:a4:5f:cf:74:ba:cd:f2:7a:3e:51:88:61:a8:4b:f6:
fc:32:0b:ad:9e:40:41:f4:b5:91:14:74:e2:8e:c4:18:bf:50:
f7:ad:b9:24:3b:37:64:30:77:5e:38:16:68:a1:03:c2:e3:32:
f0:f5:1b:63:4c:b2:3a:05:72:7f:08:d2:ba:a3:71:7b:d9:9c:
a4:3e:87:cc:dd:0e:9f:c8:11:1a:c1:df:d9:de:0a:35:89:cc:
fa:23:90:84:95:9c:e3:9f:31:03:36:5f:6a:39:13:3c:44:76:
c3:55:0f:1c:c2:c2:71:c1:a6:20:fb:30:83:ad:e8:3f:6e:82:
d2:2a:f7:4c:4c:3a:8b:ff:7b:da:83:3f:f8:d1:58:6f:69:5c:
a1:64:b1:9b:ae:d3:a5:f7:f8:02:d0:a5:bb:f4:c3:0c:43:3f:
34:af:e2:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy3wSXtxX+oUjB1SK6UevHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YWY3Njk4OWVkNDY0ZmQ5YTU0ODlmZmY3ZmI5OGNjMmQy
ZjkzZTQwHhcNMjMwMTAyMTQyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODUzMjBmNjJmNDA1OTMyNjQ5ODg4MjIxYTFkMjNhZDNlMDQ0NzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ2CqIN5pr+OnykLze/NbNhU29SQ
BvPU0QhD13hWAi4E+F5jtZb9rgraj9UzVRnUCy6/hiqodZQeu5yYpeotzhLyk98b
OykHGhLcrxydU4/1696JFdcf6XNULji+Hl2T3ut5MgmX8cwKJHTUQws5j/Tek0wq
Op8Te02+ChhwUnZtovgMC2xdyduOAckoSrLgzdeo6xF8GXU3ETNegi9msuiwYLnA
pHliyae+3wyXBXP0jRhoC5oNML9cC2GDJPhw74rQkbjilOsw1qW7GR/vx0NNisVA
dFc57OO3ImRjZVllWG22gy4wpng0t/qgG8gSRrMY9uZ49FqZS6CR886pywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAhTIPYvQFkyZJiIIhodI60+BEeCMB8GA1UdIwQY
MBaAFPevdpie1GT9mlSJ//f7mMwtL5PkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTY5Mm1KN1VaUDJhVkluXzlfdVl6QzB2ay1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kNjYzY2EtYWRmNi00MWMyLTkzYzEt
NjBiMWRlNmMzOGQxLzEvQ0ZNZzlpOUFXVEprbUlnaUdoMGpyVDRFUjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kNjYzY2EtYWRmNi00MWMyLTkzYzEtNjBiMWRlNmMzOGQx
LzEvOTY5Mm1KN1VaUDJhVkluXzlfdVl6QzB2ay1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwy/4MA0G
CSqGSIb3DQEBCwUAA4IBAQB5/7kGrgPlP79ewzvi2uPt7zYGVZ0gdQn43nTfzsNw
38KVmHQVIgGeY7z+b/R7KqpjksmIQHap8yctP/2Hi3pXY5JTw3B+lA1k0XAj5QbC
hytpEYhtirGPUl4jc6qkX890us3yej5RiGGoS/b8MgutnkBB9LWRFHTijsQYv1D3
rbkkOzdkMHdeOBZooQPC4zLw9RtjTLI6BXJ/CNK6o3F72ZykPofM3Q6fyBEawd/Z
3go1icz6I5CElZzjnzEDNl9qORM8RHbDVQ8cwsJxwaYg+zCDreg/boLSKvdMTDqL
/3vagz/40VhvaVyhZLGbrtOl9/gC0KW79MMMQz80r+Je
-----END CERTIFICATE-----
Generated at Wed Apr 16 15:01:53 2025 by rpki-client