Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/jXUVvri4eEEiWU9R44V7kf-VoKI.roa
File: jXUVvri4eEEiWU9R44V7kf-VoKI.roa (raw, json)
Hash identifier: QyXiFPeL/sLYjTG2Tu2fffCzn8L6cn80yu1Nv0QbHnY=
Subject key identifier: 8D:75:15:BE:B8:B8:78:41:22:59:4F:51:E3:85:7B:91:FF:95:A0:A2
Certificate issuer: /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial: 018572B43E5FF0249EF6FF73CF76F122AB89
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/jXUVvri4eEEiWU9R44V7kf-VoKI.roa
Signing time: Mon 02 Jan 2023 13:38:13 +0000
ROA not before: Mon 02 Jan 2023 13:38:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201924
IP address blocks: 195.146.0.0/24 maxlen: 24
195.146.1.0/24 maxlen: 24
195.146.2.0/24 maxlen: 24
195.146.4.0/24 maxlen: 24
195.146.7.0/24 maxlen: 24
195.146.5.0/24 maxlen: 24
195.146.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:3e:5f:f0:24:9e:f6:ff:73:cf:76:f1:22:ab:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Validity
Not Before: Jan 2 13:38:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d7515beb8b8784122594f51e3857b91ff95a0a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8e:24:b0:46:89:23:32:cb:ac:de:91:1b:40:
e7:82:f5:2b:5f:1e:0c:30:be:ec:12:24:01:af:65:
f8:18:78:45:0d:e4:73:6f:cb:0a:3b:73:e9:ae:d9:
74:0e:66:49:32:bc:1b:05:10:ff:d0:be:83:8a:51:
67:a3:22:ae:75:bc:1b:fc:b8:33:74:13:97:64:91:
ca:af:a5:2c:a9:1f:8e:49:46:e9:e8:13:7f:06:66:
1f:88:0d:21:cd:e5:f8:6a:9a:58:7b:a5:24:0a:7e:
ad:5a:48:24:0e:ab:d6:a9:65:8f:94:d0:f7:0c:9d:
e1:a1:08:13:72:06:d1:6e:99:b2:b2:09:ca:a6:0b:
15:9a:1b:81:3a:3b:e9:c3:b8:e6:6e:db:26:76:99:
9d:60:af:45:8e:85:ff:5e:99:bc:ea:cb:d4:75:d8:
e5:23:f8:40:be:47:6d:6e:7d:7f:37:6e:be:e8:94:
06:81:a6:a7:7a:a7:1f:fc:ed:b6:1a:7e:a9:f6:e4:
b2:a4:35:ab:27:e2:9d:bf:b6:fa:a4:3a:10:bb:ba:
be:92:b4:f1:46:d5:ae:a7:7e:7e:6c:7b:b4:d7:c9:
11:65:85:33:c2:d2:6f:ce:ba:64:8b:28:46:b5:42:
ad:2c:cd:38:ae:82:b4:d7:35:36:24:cd:1d:4b:8f:
fe:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:75:15:BE:B8:B8:78:41:22:59:4F:51:E3:85:7B:91:FF:95:A0:A2
X509v3 Authority Key Identifier:
keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/jXUVvri4eEEiWU9R44V7kf-VoKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.146.0.0-195.146.2.255
195.146.4.0/22
Signature Algorithm: sha256WithRSAEncryption
63:53:a3:84:40:da:3a:45:3a:26:32:49:67:51:02:21:17:82:
36:66:b2:4b:95:f1:4e:be:96:48:ce:81:5a:a8:d6:c7:a5:9b:
99:e9:c4:77:d9:32:4f:b6:e4:90:37:e7:f1:f4:b2:90:9c:16:
e7:45:58:50:04:d0:ea:ae:43:cf:4a:bb:7d:2c:97:d9:0b:30:
14:66:77:ae:5c:7c:f7:77:08:4d:3a:f6:39:66:23:e2:56:a2:
47:d8:11:1b:1a:50:cc:c5:46:f0:ab:36:8b:37:a7:37:3a:ad:
93:ca:46:cf:ed:d4:a0:ce:d8:92:37:b3:fa:5b:0b:82:46:aa:
34:f7:a4:61:41:f2:f3:17:a9:06:af:c2:77:1e:4b:10:0a:78:
d9:6a:a9:11:fd:3c:95:59:7e:43:6b:2b:ca:d4:fc:d0:ac:80:
bc:a5:98:1f:cc:4d:57:e4:15:56:69:7a:b9:da:85:90:dd:ab:
27:71:ad:40:2a:5a:25:d2:33:3e:05:e1:76:cb:e9:dd:c5:49:
7f:6b:c8:02:39:97:82:ad:65:dd:f9:8d:a8:e5:de:fb:99:da:
70:cf:9a:99:97:5b:cf:25:c0:c3:37:27:5b:3c:6a:61:6a:47:
0c:9f:45:70:ec:0d:a4:ad:61:ce:c0:f6:08:2d:dc:dc:6d:2c:
f8:21:4f:d0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVytD5f8CSe9v9zz3bxIquJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjMwMTAyMTMzODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDc1MTViZWI4Yjg3ODQxMjI1OTRmNTFlMzg1N2I5MWZmOTVhMGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo4ksEaJIzLLrN6RG0DngvUrXx4M
ML7sEiQBr2X4GHhFDeRzb8sKO3Pprtl0DmZJMrwbBRD/0L6DilFnoyKudbwb/Lgz
dBOXZJHKr6UsqR+OSUbp6BN/BmYfiA0hzeX4appYe6UkCn6tWkgkDqvWqWWPlND3
DJ3hoQgTcgbRbpmysgnKpgsVmhuBOjvpw7jmbtsmdpmdYK9FjoX/Xpm86svUddjl
I/hAvkdtbn1/N26+6JQGgaaneqcf/O22Gn6p9uSypDWrJ+Kdv7b6pDoQu7q+krTx
RtWup35+bHu018kRZYUzwtJvzrpkiyhGtUKtLM04roK01zU2JM0dS4/+ZQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFI11Fb64uHhBIllPUeOFe5H/laCiMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvalhVVnZyaTRlRUVpV1U5UjQ0VjdrZi1Wb0tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwHDkgME
AMOSAgMEAsOSBDANBgkqhkiG9w0BAQsFAAOCAQEAY1OjhEDaOkU6JjJJZ1ECIReC
NmayS5XxTr6WSM6BWqjWx6WbmenEd9kyT7bkkDfn8fSykJwW50VYUATQ6q5Dz0q7
fSyX2QswFGZ3rlx893cITTr2OWYj4laiR9gRGxpQzMVG8Ks2izenNzqtk8pGz+3U
oM7Ykjez+lsLgkaqNPekYUHy8xepBq/Cdx5LEAp42WqpEf08lVl+Q2srytT80KyA
vKWYH8xNV+QVVml6udqFkN2rJ3GtQCpaJdIzPgXhdsvp3cVJf2vIAjmXgq1l3fmN
qOXe+5nacM+amZdbzyXAwzcnWzxqYWpHDJ9FcOwNpK1hzsD2CC3c3G0s+CFP0A==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:02 2025 by rpki-client