Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3a886e-4c26-425a-a14d-f21b6ae3be6c/1/g5f5UxvwOtznY43a3FINDomyJ0w.roa
File: g5f5UxvwOtznY43a3FINDomyJ0w.roa (raw, json)
Hash identifier: d6zHzae6hIaJon1tlBmTBniSbwrRfJ9DzGUdmOypkew=
Subject key identifier: 83:97:F9:53:1B:F0:3A:DC:E7:63:8D:DA:DC:52:0D:0E:89:B2:27:4C
Certificate issuer: /CN=662c6c3d22cf6b101d7148006da7a7284dcbb320
Certificate serial: 01856EC2059F04A79871FF8D9DF087EBA504
Authority key identifier: 66:2C:6C:3D:22:CF:6B:10:1D:71:48:00:6D:A7:A7:28:4D:CB:B3:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZixsPSLPaxAdcUgAbaenKE3LsyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3a886e-4c26-425a-a14d-f21b6ae3be6c/1/g5f5UxvwOtznY43a3FINDomyJ0w.roa
Signing time: Sun 01 Jan 2023 19:14:47 +0000
ROA not before: Sun 01 Jan 2023 19:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197190
IP address blocks: 195.226.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:05:9f:04:a7:98:71:ff:8d:9d:f0:87:eb:a5:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662c6c3d22cf6b101d7148006da7a7284dcbb320
Validity
Not Before: Jan 1 19:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8397f9531bf03adce7638ddadc520d0e89b2274c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8d:b6:07:f9:60:ff:6f:93:23:21:e2:6d:22:
72:28:73:a1:df:10:1c:d7:a7:c9:88:46:1e:69:86:
29:19:ed:5d:fd:a4:8c:8b:0c:4f:c8:07:3a:09:3a:
7a:dc:41:28:fa:28:6e:9e:b0:43:e7:38:f8:c0:42:
ba:01:03:80:d7:7c:69:e4:33:bb:66:f8:eb:68:fd:
e6:85:42:ac:5c:35:49:3d:f7:59:e5:0a:dd:c8:69:
f7:6e:5a:dd:f7:24:72:d5:c2:c4:43:ab:13:61:6f:
00:c6:75:72:14:c5:8e:a6:10:ee:4a:7c:c2:ed:cd:
dc:57:77:af:24:2b:96:f4:22:08:85:b2:20:c9:89:
0f:ee:b5:ed:68:53:8e:a5:45:36:f8:53:69:bb:7d:
2c:8c:e3:2a:3c:2d:ae:b6:df:5c:bd:22:8d:2b:7d:
a9:93:63:5d:97:db:de:8e:64:a4:7e:f3:a6:9c:35:
28:7a:39:8e:dc:63:98:3b:1d:b4:fa:38:ff:23:dc:
6b:97:6b:44:4f:28:54:b7:4e:72:8d:72:fc:3b:57:
5a:57:55:7d:6f:53:80:ef:31:51:d5:f6:60:3d:d8:
fc:87:8f:bd:c1:34:27:0c:20:1c:bd:c0:1a:89:cc:
b1:eb:ba:f1:2f:68:45:77:f8:56:43:36:ac:32:ea:
ba:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:97:F9:53:1B:F0:3A:DC:E7:63:8D:DA:DC:52:0D:0E:89:B2:27:4C
X509v3 Authority Key Identifier:
keyid:66:2C:6C:3D:22:CF:6B:10:1D:71:48:00:6D:A7:A7:28:4D:CB:B3:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZixsPSLPaxAdcUgAbaenKE3LsyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3a886e-4c26-425a-a14d-f21b6ae3be6c/1/g5f5UxvwOtznY43a3FINDomyJ0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3a886e-4c26-425a-a14d-f21b6ae3be6c/1/ZixsPSLPaxAdcUgAbaenKE3LsyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.199.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:04:42:7c:bb:a7:6b:af:a6:88:ac:9f:b2:24:ec:c9:ea:e0:
d7:d0:9b:d8:72:fd:f8:19:37:cc:10:08:80:18:40:7b:8d:47:
d9:2b:54:89:23:65:22:a0:c6:02:36:c3:fa:22:5e:00:ef:80:
3a:0a:e4:52:69:c5:23:02:49:55:03:d5:49:3a:dd:83:76:6b:
e1:6b:c7:4f:cd:87:75:a3:06:cf:30:f1:d0:fb:17:28:b3:3d:
45:a8:a6:7b:cb:d7:b6:a1:bc:11:1e:86:df:b4:41:ec:06:b7:
83:6e:58:76:3b:f0:0c:93:05:04:7c:57:94:37:57:06:1b:e0:
fc:eb:d7:12:71:66:96:52:d1:78:44:c8:c2:82:e1:c3:4a:37:
e8:50:6d:fa:db:34:12:08:9b:e3:3f:20:10:c8:8d:41:a7:60:
43:4c:4c:e0:34:b8:16:85:0e:64:db:ab:c3:f9:50:72:b3:d7:
66:94:3e:c2:24:00:6a:af:59:8f:cd:dd:2f:84:f5:46:4f:ce:
4c:0b:47:2e:0c:2c:52:65:76:7f:79:6b:0b:9c:7c:12:92:a7:
e2:2f:08:57:4f:70:ee:13:03:1a:01:16:21:84:83:89:e0:2f:
df:a3:08:a3:06:3f:3f:80:a9:06:b5:35:76:2a:cf:52:03:0f:
69:86:d0:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwgWfBKeYcf+NnfCH66UEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmM2YzNkMjJjZjZiMTAxZDcxNDgwMDZkYTdhNzI4NGRj
YmIzMjAwHhcNMjMwMTAxMTkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mzk3Zjk1MzFiZjAzYWRjZTc2MzhkZGFkYzUyMGQwZTg5YjIyNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzo22B/lg/2+TIyHibSJyKHOh3xAc
16fJiEYeaYYpGe1d/aSMiwxPyAc6CTp63EEo+ihunrBD5zj4wEK6AQOA13xp5DO7
ZvjraP3mhUKsXDVJPfdZ5QrdyGn3blrd9yRy1cLEQ6sTYW8AxnVyFMWOphDuSnzC
7c3cV3evJCuW9CIIhbIgyYkP7rXtaFOOpUU2+FNpu30sjOMqPC2utt9cvSKNK32p
k2Ndl9vejmSkfvOmnDUoejmO3GOYOx20+jj/I9xrl2tETyhUt05yjXL8O1daV1V9
b1OA7zFR1fZgPdj8h4+9wTQnDCAcvcAaicyx67rxL2hFd/hWQzasMuq6UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIOX+VMb8Drc52ON2txSDQ6JsidMMB8GA1UdIwQY
MBaAFGYsbD0iz2sQHXFIAG2npyhNy7MgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWml4c1BTTFBheEFkY1VnQWJhZW5LRTNMc3lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zYTg4NmUtNGMyNi00MjVhLWExNGQt
ZjIxYjZhZTNiZTZjLzEvZzVmNVV4dndPdHpuWTQzYTNGSU5Eb215SjB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zYTg4NmUtNGMyNi00MjVhLWExNGQtZjIxYjZhZTNiZTZj
LzEvWml4c1BTTFBheEFkY1VnQWJhZW5LRTNMc3lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+LHMA0G
CSqGSIb3DQEBCwUAA4IBAQBuBEJ8u6drr6aIrJ+yJOzJ6uDX0JvYcv34GTfMEAiA
GEB7jUfZK1SJI2UioMYCNsP6Il4A74A6CuRSacUjAklVA9VJOt2Ddmvha8dPzYd1
owbPMPHQ+xcosz1FqKZ7y9e2obwRHobftEHsBreDblh2O/AMkwUEfFeUN1cGG+D8
69cScWaWUtF4RMjCguHDSjfoUG362zQSCJvjPyAQyI1Bp2BDTEzgNLgWhQ5k26vD
+VBys9dmlD7CJABqr1mPzd0vhPVGT85MC0cuDCxSZXZ/eWsLnHwSkqfiLwhXT3Du
EwMaARYhhIOJ4C/fowijBj8/gKkGtTV2Ks9SAw9phtBk
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:59:40 2025 by rpki-client