Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/CTyof1lSB5eQeCw40L7FrZig188.roa
File: CTyof1lSB5eQeCw40L7FrZig188.roa (raw, json)
Hash identifier: CC5FF2jut2bTnG/Tcb0WHhvawm3L4HxzYbH/neOifrI=
Subject key identifier: 09:3C:A8:7F:59:52:07:97:90:78:2C:38:D0:BE:C5:AD:98:A0:D7:CF
Certificate issuer: /CN=88a94a4140e19b32063fc6e779f59314a74a0c51
Certificate serial: 018572B3F953FBE37AA5370060851313C507
Authority key identifier: 88:A9:4A:41:40:E1:9B:32:06:3F:C6:E7:79:F5:93:14:A7:4A:0C:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iKlKQUDhmzIGP8bnefWTFKdKDFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/CTyof1lSB5eQeCw40L7FrZig188.roa
Signing time: Mon 02 Jan 2023 13:37:55 +0000
ROA not before: Mon 02 Jan 2023 13:37:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44018
IP address blocks: 195.8.122.0/23 maxlen: 24
195.8.121.0/24 maxlen: 24
2001:67c:2590::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b3:f9:53:fb:e3:7a:a5:37:00:60:85:13:13:c5:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88a94a4140e19b32063fc6e779f59314a74a0c51
Validity
Not Before: Jan 2 13:37:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=093ca87f5952079790782c38d0bec5ad98a0d7cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9a:9c:1d:ef:41:ef:58:7a:18:5d:ac:e3:41:
35:0c:21:85:74:a1:e7:30:1e:00:f0:d7:b7:94:4f:
cb:a2:46:9b:a4:9c:65:fd:80:13:0a:6b:3b:27:ad:
79:aa:42:fc:6a:5c:5e:27:d8:2b:7c:94:69:81:0e:
84:68:f5:5c:84:0e:1b:1b:14:04:f8:42:e9:ef:ef:
82:4b:95:1f:07:01:1f:b9:00:16:8c:1e:63:08:65:
f7:e2:d2:f9:68:05:b6:7c:5e:e1:c9:74:f8:82:44:
22:ff:dd:57:50:57:33:d1:fd:57:3e:fa:87:92:65:
54:86:8f:30:f6:da:f3:70:87:7f:9b:ac:7c:d2:63:
0d:26:14:b3:6f:66:7a:a8:66:ac:fa:77:b0:79:1b:
a0:c8:f3:57:c8:b6:86:23:65:0f:1e:0b:9e:ef:d6:
1e:73:7e:02:05:8d:32:73:ef:e8:29:b6:e2:3e:1e:
27:e4:e8:3b:69:d4:fe:03:d7:02:6e:ce:8e:fb:a2:
bf:10:79:eb:cf:a7:62:6d:00:60:6f:10:eb:2d:19:
ad:82:69:65:65:54:a3:e6:c3:60:09:2e:05:45:a9:
fb:b2:1e:5f:d9:c6:4a:68:f8:c1:b3:67:7c:1b:b0:
a6:34:b7:aa:5b:96:3f:f2:c4:98:3c:50:55:8e:f2:
cb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3C:A8:7F:59:52:07:97:90:78:2C:38:D0:BE:C5:AD:98:A0:D7:CF
X509v3 Authority Key Identifier:
keyid:88:A9:4A:41:40:E1:9B:32:06:3F:C6:E7:79:F5:93:14:A7:4A:0C:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iKlKQUDhmzIGP8bnefWTFKdKDFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/CTyof1lSB5eQeCw40L7FrZig188.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/61ccd4-e053-45e0-b635-7fea066f0b96/1/iKlKQUDhmzIGP8bnefWTFKdKDFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.121.0-195.8.123.255
IPv6:
2001:67c:2590::/48
Signature Algorithm: sha256WithRSAEncryption
1f:85:4b:8e:f1:6b:77:39:3f:c7:7d:f4:c6:74:c0:26:0a:95:
61:16:e2:f6:9e:9a:3a:1a:0e:c5:d3:5d:9b:d7:3d:1b:c3:c0:
31:91:36:c2:5f:65:4b:01:44:2f:7e:7c:56:8f:5c:70:f0:d2:
0a:4c:05:72:cd:57:26:3e:d3:95:2b:66:e8:a6:a6:85:a4:be:
95:f1:e6:b3:0f:57:2a:b2:ba:17:32:17:25:5d:f4:3d:bd:22:
c9:f8:e0:ba:0a:c7:fe:56:75:86:b8:6e:79:d7:91:93:c6:e2:
81:29:3c:20:b1:c3:15:51:e7:70:6d:2a:87:95:3c:28:ac:19:
87:be:f2:e6:37:ec:0b:3e:05:d6:51:a7:73:7c:e7:b1:07:b7:
05:17:5e:73:71:04:50:a5:86:25:df:43:ae:65:24:d7:1f:61:
45:1f:92:89:5e:d4:ff:31:9c:08:00:2b:d9:93:d7:2a:36:67:
9b:41:31:a4:d1:da:f6:27:76:96:2b:35:da:8c:cd:10:aa:91:
72:4d:5c:ac:a4:59:c6:68:f6:2d:e9:42:c5:2f:c9:3e:1a:23:
ca:fc:95:a2:e2:ee:2e:6b:d3:65:7d:69:75:a8:e2:b6:55:d1:
fa:5a:a1:f5:ba:0f:7d:2b:5b:f2:a9:88:d7:7d:f3:21:df:22:
e7:d2:d8:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYVys/lT++N6pTcAYIUTE8UHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YTk0YTQxNDBlMTliMzIwNjNmYzZlNzc5ZjU5MzE0YTc0
YTBjNTEwHhcNMjMwMTAyMTMzNzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNjYTg3ZjU5NTIwNzk3OTA3ODJjMzhkMGJlYzVhZDk4YTBkN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJqcHe9B71h6GF2s40E1DCGFdKHn
MB4A8Ne3lE/LokabpJxl/YATCms7J615qkL8alxeJ9grfJRpgQ6EaPVchA4bGxQE
+ELp7++CS5UfBwEfuQAWjB5jCGX34tL5aAW2fF7hyXT4gkQi/91XUFcz0f1XPvqH
kmVUho8w9trzcId/m6x80mMNJhSzb2Z6qGas+neweRugyPNXyLaGI2UPHgue79Ye
c34CBY0yc+/oKbbiPh4n5Og7adT+A9cCbs6O+6K/EHnrz6dibQBgbxDrLRmtgmll
ZVSj5sNgCS4FRan7sh5f2cZKaPjBs2d8G7CmNLeqW5Y/8sSYPFBVjvLLCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAk8qH9ZUgeXkHgsONC+xa2YoNfPMB8GA1UdIwQY
MBaAFIipSkFA4ZsyBj/G53n1kxSnSgxRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUtsS1FVRGhteklHUDhibmVmV1RGS2RLREZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS82MWNjZDQtZTA1My00NWUwLWI2MzUt
N2ZlYTA2NmYwYjk2LzEvQ1R5b2YxbFNCNWVRZUN3NDBMN0ZyWmlnMTg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS82MWNjZDQtZTA1My00NWUwLWI2MzUtN2ZlYTA2NmYwYjk2
LzEvaUtsS1FVRGhteklHUDhibmVmV1RGS2RLREZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBADDCHkD
BALDCHgwDwQCAAIwCQMHACABBnwlkDANBgkqhkiG9w0BAQsFAAOCAQEAH4VLjvFr
dzk/x330xnTAJgqVYRbi9p6aOhoOxdNdm9c9G8PAMZE2wl9lSwFEL358Vo9ccPDS
CkwFcs1XJj7TlStm6KamhaS+lfHmsw9XKrK6FzIXJV30Pb0iyfjgugrH/lZ1hrhu
edeRk8bigSk8ILHDFVHncG0qh5U8KKwZh77y5jfsCz4F1lGnc3znsQe3BRdec3EE
UKWGJd9DrmUk1x9hRR+SiV7U/zGcCAAr2ZPXKjZnm0ExpNHa9id2lis12ozNEKqR
ck1crKRZxmj2LelCxS/JPhojyvyVouLuLmvTZX1pdajitlXR+lqh9boPfStb8qmI
133zId8i59LYdw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:56 2025 by rpki-client