Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/CheAK9XvYTl1WDa6DuCshB2efQU.roa
File: CheAK9XvYTl1WDa6DuCshB2efQU.roa (raw, json)
Hash identifier: XDpotnS9VJQC6gE8mtMfu2TPagvWY5+jz+DKI+/RfHc=
Subject key identifier: 0A:17:80:2B:D5:EF:61:39:75:58:36:BA:0E:E0:AC:84:1D:9E:7D:05
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 018572712F7B771FC45EA177DB3D052D8973
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/CheAK9XvYTl1WDa6DuCshB2efQU.roa
Signing time: Mon 02 Jan 2023 12:24:58 +0000
ROA not before: Mon 02 Jan 2023 12:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15626
IP address blocks: 195.28.182.0/23 maxlen: 23
2001:67c:2f6c::/48 maxlen: 48
2a0a:8c46::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:71:2f:7b:77:1f:c4:5e:a1:77:db:3d:05:2d:89:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Jan 2 12:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a17802bd5ef6139755836ba0ee0ac841d9e7d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:be:45:76:97:48:09:e8:9d:41:4a:64:54:3c:
e1:ac:00:b8:bb:ad:53:92:29:28:04:25:2e:9c:8d:
5f:3f:e1:96:7b:e8:72:49:51:6b:fe:a6:75:8e:40:
2c:36:d7:9b:9b:18:8c:10:66:dc:4f:43:b8:ca:72:
1e:7a:20:e5:09:3a:d3:d8:b7:a1:20:e5:64:37:31:
2f:57:c2:f0:06:59:62:be:06:e3:79:88:c0:ed:6d:
0a:65:5a:e3:96:74:0b:6e:de:49:a0:20:17:6b:8f:
7d:68:77:e8:13:d7:c8:73:b3:22:0d:56:90:88:30:
41:a1:11:41:28:97:c6:6f:02:d7:32:16:df:1d:a9:
22:b7:d2:e0:42:e9:b7:20:9f:80:83:d5:e3:99:cf:
81:4b:1b:54:b4:ad:0d:9d:f9:c2:dc:07:69:66:f9:
73:e3:08:18:1f:5a:b5:d6:6d:6d:77:54:b8:d5:95:
9e:8d:64:57:0a:64:72:2b:3c:10:36:24:4f:61:a3:
f3:72:3b:9a:5d:75:78:82:e0:f1:57:dd:ba:8d:d7:
ef:0f:79:ed:cd:64:eb:54:fa:f9:c4:a9:e2:a4:2b:
a4:33:ce:c2:b0:a0:23:b0:0b:a4:9a:ea:18:1f:86:
0c:77:73:a3:75:ee:0c:8a:84:6a:1f:d8:5f:56:9a:
30:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:17:80:2B:D5:EF:61:39:75:58:36:BA:0E:E0:AC:84:1D:9E:7D:05
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/CheAK9XvYTl1WDa6DuCshB2efQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.182.0/23
IPv6:
2001:67c:2f6c::/48
2a0a:8c46::/32
Signature Algorithm: sha256WithRSAEncryption
2f:e2:ed:ab:54:4b:2b:16:ba:d4:08:33:0b:a0:6f:f8:18:1f:
21:a7:63:b8:a0:96:f3:3f:ec:48:3a:f7:30:3f:5b:fa:44:55:
ef:06:b3:aa:89:3e:cb:90:f2:62:6b:53:7d:ef:b7:2f:96:1b:
78:34:c7:bc:de:01:69:2f:8c:57:d6:9d:f9:ad:94:99:5b:d2:
c5:d7:c4:53:29:fa:65:5a:d6:c6:cc:e7:1f:b7:56:bb:2a:6f:
91:ca:56:64:ac:ec:3f:19:81:a1:c3:eb:fb:9d:18:65:a1:95:
12:4d:90:f9:a9:f7:fb:aa:73:87:2b:b5:98:5b:18:69:d6:3b:
0f:6f:f0:0b:68:c6:67:84:0f:bc:94:b5:64:d7:5e:79:75:c7:
eb:2e:02:64:ce:18:69:18:46:61:b8:5b:a8:eb:44:64:23:6a:
ea:d0:08:bb:40:af:73:16:d8:f8:63:c4:f3:89:df:99:93:aa:
4b:b4:c1:cc:26:23:20:dd:e3:e6:90:b8:1c:56:bd:70:1d:c6:
f5:0f:c4:52:eb:26:34:52:bc:eb:1e:10:eb:30:e4:73:a5:33:
96:4e:c6:5f:7c:6d:75:5b:a2:97:c3:e3:2a:06:1f:c8:dd:10:
2b:34:7d:6b:38:52:62:d1:da:14:ed:6b:c6:48:8b:75:3e:d6:
61:6a:e9:3a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVycS97dx/EXqF32z0FLYlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjMwMTAyMTIyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE3ODAyYmQ1ZWY2MTM5NzU1ODM2YmEwZWUwYWM4NDFkOWU3ZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAir5FdpdICeidQUpkVDzhrAC4u61T
kikoBCUunI1fP+GWe+hySVFr/qZ1jkAsNtebmxiMEGbcT0O4ynIeeiDlCTrT2Leh
IOVkNzEvV8LwBllivgbjeYjA7W0KZVrjlnQLbt5JoCAXa499aHfoE9fIc7MiDVaQ
iDBBoRFBKJfGbwLXMhbfHakit9LgQum3IJ+Ag9Xjmc+BSxtUtK0NnfnC3AdpZvlz
4wgYH1q11m1td1S41ZWejWRXCmRyKzwQNiRPYaPzcjuaXXV4guDxV926jdfvD3nt
zWTrVPr5xKnipCukM87CsKAjsAukmuoYH4YMd3Ojde4MioRqH9hfVpowGQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAoXgCvV72E5dVg2ug7grIQdnn0FMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvQ2hlQUs5WHZZVGwxV0RhNkR1Q3NoQjJlZlFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBwxy2MBYE
AgACMBADBwAgAQZ8L2wDBQAqCoxGMA0GCSqGSIb3DQEBCwUAA4IBAQAv4u2rVEsr
FrrUCDMLoG/4GB8hp2O4oJbzP+xIOvcwP1v6RFXvBrOqiT7LkPJia1N977cvlht4
NMe83gFpL4xX1p35rZSZW9LF18RTKfplWtbGzOcft1a7Km+RylZkrOw/GYGhw+v7
nRhloZUSTZD5qff7qnOHK7WYWxhp1jsPb/ALaMZnhA+8lLVk1155dcfrLgJkzhhp
GEZhuFuo60RkI2rq0Ai7QK9zFtj4Y8Tzid+Zk6pLtMHMJiMg3ePmkLgcVr1wHcb1
D8RS6yY0UrzrHhDrMORzpTOWTsZffG11W6KXw+MqBh/I3RArNH1rOFJi0doU7WvG
SIt1PtZhauk6
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:03:51 2025 by rpki-client