Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/YVxRIjJNuDhX9AZEPJDfX4kc7YU.roa
File: YVxRIjJNuDhX9AZEPJDfX4kc7YU.roa (raw, json)
Hash identifier: bmsg7pDADgATnVOz3GKJy2OXaa3hjV6Hs8lQ6gaicas=
Subject key identifier: 61:5C:51:22:32:4D:B8:38:57:F4:06:44:3C:90:DF:5F:89:1C:ED:85
Certificate issuer: /CN=cc6532649a6aef4714841b9c8f54660d889b0629
Certificate serial: 01856E5D51B60C7234B3095764D6C0C972BC
Authority key identifier: CC:65:32:64:9A:6A:EF:47:14:84:1B:9C:8F:54:66:0D:88:9B:06:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/YVxRIjJNuDhX9AZEPJDfX4kc7YU.roa
Signing time: Sun 01 Jan 2023 17:24:47 +0000
ROA not before: Sun 01 Jan 2023 17:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 195.234.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:51:b6:0c:72:34:b3:09:57:64:d6:c0:c9:72:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc6532649a6aef4714841b9c8f54660d889b0629
Validity
Not Before: Jan 1 17:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=615c5122324db83857f406443c90df5f891ced85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:93:c8:3a:73:d0:38:e3:11:a7:5e:bd:0d:bf:
3c:eb:5b:32:7b:d8:04:0b:8b:92:ab:74:31:e1:38:
0e:e8:ef:03:d9:cf:9c:4b:29:29:3e:05:d0:da:1d:
ca:8d:30:a5:70:81:08:8c:6f:f9:64:14:3b:20:7d:
b2:a0:85:d0:67:c0:bc:69:c2:d7:3f:09:d0:10:53:
63:73:3b:ce:77:56:a9:9d:42:6f:57:e4:ff:36:b6:
1a:a6:30:ad:55:c5:6a:ab:af:05:ea:af:5e:19:aa:
11:72:37:45:9a:73:49:85:b7:c6:86:e2:7b:b0:7b:
47:eb:c2:53:2e:75:8b:ca:00:b4:00:0b:14:08:f3:
ff:e2:f5:ad:7a:e7:96:d5:46:5c:9f:fe:1c:10:d9:
24:1f:76:e6:3e:49:75:70:7c:83:0f:16:82:03:18:
ac:f8:28:56:85:e8:7b:10:23:8d:f6:a6:4f:c0:1c:
7a:1e:e1:4c:90:3a:78:69:c2:6f:81:31:24:cf:d4:
4e:d2:9d:84:26:c6:bb:0d:2a:6e:d9:23:70:55:d8:
3d:41:15:1c:df:b5:84:72:3d:2e:8e:e9:1b:b0:67:
85:ca:da:2d:65:0a:9f:07:83:50:59:b1:ed:b4:25:
3e:e6:f5:7f:c8:34:ad:3c:2a:56:45:9b:19:ca:b0:
ef:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:5C:51:22:32:4D:B8:38:57:F4:06:44:3C:90:DF:5F:89:1C:ED:85
X509v3 Authority Key Identifier:
keyid:CC:65:32:64:9A:6A:EF:47:14:84:1B:9C:8F:54:66:0D:88:9B:06:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zGUyZJpq70cUhBucj1RmDYibBik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/YVxRIjJNuDhX9AZEPJDfX4kc7YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/310d34-f5d8-4e96-9b7c-648f501afae5/1/zGUyZJpq70cUhBucj1RmDYibBik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.145.0/24
Signature Algorithm: sha256WithRSAEncryption
89:91:a2:9b:c5:18:ee:98:92:eb:e3:5b:3d:e8:27:80:27:97:
dd:d8:98:0f:a3:84:d7:8a:fd:d6:4d:0e:e6:2d:2a:4b:b4:8a:
b5:ed:72:e7:8f:53:54:65:68:47:7e:91:45:cb:da:99:9b:c0:
43:7f:a4:a1:7b:fa:ae:ba:4b:ec:43:f5:62:d5:17:44:f0:cb:
42:2a:4a:f8:23:ed:f5:84:65:b1:95:17:d8:6a:f2:a4:40:0f:
dc:16:00:65:83:a1:eb:14:53:ce:24:3d:24:83:bd:39:61:90:
80:7c:b6:7b:5e:ba:bd:d4:51:c5:cc:b0:92:da:ca:66:9d:60:
17:5b:62:c9:10:b3:ce:eb:d6:f9:48:2e:47:b1:f5:ca:71:61:
36:fc:0c:61:a3:5d:a5:e6:21:d8:b4:20:ba:55:5b:b2:56:1b:
b4:a0:f2:3d:23:58:8a:61:5c:d7:56:cf:66:d3:f9:c4:d4:b3:
29:07:32:37:e4:25:f0:dc:68:f1:70:48:27:b0:1b:22:bb:28:
63:83:7b:a7:19:b5:93:5f:9e:14:22:b7:9d:78:22:c9:a4:5f:
83:d0:d2:e2:73:08:8f:08:9c:62:9e:d5:cc:5a:87:87:5c:71:
e8:d1:95:af:ed:71:e3:86:55:a8:27:ed:b6:72:81:9b:e2:28:
f3:c8:46:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXVG2DHI0swlXZNbAyXK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNjUzMjY0OWE2YWVmNDcxNDg0MWI5YzhmNTQ2NjBkODg5
YjA2MjkwHhcNMjMwMTAxMTcyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTVjNTEyMjMyNGRiODM4NTdmNDA2NDQzYzkwZGY1Zjg5MWNlZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJPIOnPQOOMRp169Db8861sye9gE
C4uSq3Qx4TgO6O8D2c+cSykpPgXQ2h3KjTClcIEIjG/5ZBQ7IH2yoIXQZ8C8acLX
PwnQEFNjczvOd1apnUJvV+T/NrYapjCtVcVqq68F6q9eGaoRcjdFmnNJhbfGhuJ7
sHtH68JTLnWLygC0AAsUCPP/4vWteueW1UZcn/4cENkkH3bmPkl1cHyDDxaCAxis
+ChWheh7ECON9qZPwBx6HuFMkDp4acJvgTEkz9RO0p2EJsa7DSpu2SNwVdg9QRUc
37WEcj0ujukbsGeFytotZQqfB4NQWbHttCU+5vV/yDStPCpWRZsZyrDv0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGFcUSIyTbg4V/QGRDyQ31+JHO2FMB8GA1UdIwQY
MBaAFMxlMmSaau9HFIQbnI9UZg2ImwYpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekdVeVpKcHE3MGNVaEJ1Y2oxUm1EWWliQmlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zMTBkMzQtZjVkOC00ZTk2LTliN2Mt
NjQ4ZjUwMWFmYWU1LzEvWVZ4UklqSk51RGhYOUFaRVBKRGZYNGtjN1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zMTBkMzQtZjVkOC00ZTk2LTliN2MtNjQ4ZjUwMWFmYWU1
LzEvekdVeVpKcHE3MGNVaEJ1Y2oxUm1EWWliQmlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qRMA0G
CSqGSIb3DQEBCwUAA4IBAQCJkaKbxRjumJLr41s96CeAJ5fd2JgPo4TXiv3WTQ7m
LSpLtIq17XLnj1NUZWhHfpFFy9qZm8BDf6She/quukvsQ/Vi1RdE8MtCKkr4I+31
hGWxlRfYavKkQA/cFgBlg6HrFFPOJD0kg705YZCAfLZ7Xrq91FHFzLCS2spmnWAX
W2LJELPO69b5SC5HsfXKcWE2/Axho12l5iHYtCC6VVuyVhu0oPI9I1iKYVzXVs9m
0/nE1LMpBzI35CXw3GjxcEgnsBsiuyhjg3unGbWTX54UIredeCLJpF+D0NLicwiP
CJxintXMWoeHXHHo0ZWv7XHjhlWoJ+22coGb4ijzyEY1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:06 2025 by rpki-client