Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/H147wybytH_I97aLypIA0-0gZFY.roa
File: H147wybytH_I97aLypIA0-0gZFY.roa (raw, json)
Hash identifier: ij/R607k4GGpA+fHm5heWDRy6QfPfhbTL+aK2J9O6gU=
Subject key identifier: 1F:5E:3B:C3:26:F2:B4:7F:C8:F7:B6:8B:CA:92:00:D3:ED:20:64:56
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 01856F9DCD3A4103517A0139E868EEC28276
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/H147wybytH_I97aLypIA0-0gZFY.roa
Signing time: Sun 01 Jan 2023 23:14:50 +0000
ROA not before: Sun 01 Jan 2023 23:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210987
IP address blocks: 195.230.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:cd:3a:41:03:51:7a:01:39:e8:68:ee:c2:82:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 1 23:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f5e3bc326f2b47fc8f7b68bca9200d3ed206456
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ee:1e:df:71:b9:ea:8f:f5:1d:da:0b:44:b5:
21:d1:31:64:28:96:f8:89:65:4d:ec:63:8e:83:ab:
0c:9c:4f:e8:8b:48:ae:bd:9f:59:49:cf:09:11:34:
f1:78:10:c5:f4:a3:f8:f9:eb:77:93:d1:26:f0:48:
e9:b5:b5:16:d0:4a:9b:4d:cf:17:29:37:b7:16:77:
ad:8d:67:51:43:2e:0d:53:c7:d3:19:0b:36:a2:1b:
96:51:48:4d:3b:ea:38:26:47:2b:91:34:b3:86:0c:
ea:9c:7b:07:16:1a:c6:d0:0a:97:40:78:00:a1:29:
36:3b:fc:2f:35:a2:61:11:fa:97:a0:7b:cf:d5:52:
1b:45:97:1d:c3:48:08:69:11:3a:53:df:67:e5:7c:
25:eb:b0:f4:c9:ac:4a:02:27:c2:4b:e5:42:e4:b2:
a4:a8:97:9f:5c:55:19:8f:18:08:14:eb:5f:af:ad:
c5:ea:e6:96:f3:55:32:b0:98:eb:79:71:63:84:d8:
10:55:13:cc:67:36:fd:cf:13:85:0e:bd:af:9f:cd:
a4:19:62:30:4a:2f:7b:e1:ed:ac:81:d6:9b:eb:28:
f1:01:5b:56:42:d9:fc:86:49:16:1a:f5:05:1d:e6:
71:4c:cf:f4:48:f6:d3:dc:1b:c1:b8:c3:a2:20:31:
d2:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:5E:3B:C3:26:F2:B4:7F:C8:F7:B6:8B:CA:92:00:D3:ED:20:64:56
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/H147wybytH_I97aLypIA0-0gZFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.136.0/24
Signature Algorithm: sha256WithRSAEncryption
28:ad:c5:8c:9d:b9:2f:92:17:0e:c3:9c:e1:69:7a:82:81:90:
d0:f9:4d:10:79:5e:ee:05:dc:d4:69:a1:04:a4:a4:8c:e4:7e:
f6:11:d3:4b:83:80:4c:01:5a:88:68:2b:f9:6d:9f:a1:76:b4:
4b:fd:28:f1:cb:20:87:0a:a1:b7:2f:89:a9:b6:49:ce:ea:bb:
a8:3f:1f:b4:20:91:66:c4:22:d3:ad:44:57:ea:e5:b5:7e:ea:
62:30:dd:8c:7e:f0:a4:2d:06:bc:b3:35:0e:cb:72:e4:8b:d7:
d6:de:0d:c5:71:8f:3e:3c:28:00:3c:6b:e4:30:71:f2:b6:bd:
35:7c:55:ab:36:1c:97:70:57:57:df:8c:3c:5e:e0:fa:1c:1f:
1c:52:83:bf:03:9e:9b:a9:01:86:15:bb:b1:ba:e8:54:79:d2:
43:45:81:fa:43:51:47:f7:4d:66:d5:65:a7:0e:86:ad:e6:4e:
f4:07:69:d6:ef:cf:05:d7:2f:eb:e4:74:77:f8:16:58:00:01:
17:78:99:10:16:98:e0:ca:8f:d3:4d:01:ea:85:52:3b:54:fd:
09:61:34:ab:92:92:49:57:4f:64:14:2e:4c:13:05:5a:60:18:
e1:aa:e7:f6:fc:c4:3e:cd:2e:92:11:5d:0e:85:ee:ab:67:07:
95:07:44:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvnc06QQNRegE56GjuwoJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNzhhNGE5YzUyMzI1YTg1OTIwODA5YmExYTRkODllMjFj
MDJmMTcwHhcNMjMwMTAxMjMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjVlM2JjMzI2ZjJiNDdmYzhmN2I2OGJjYTkyMDBkM2VkMjA2NDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO4e33G56o/1HdoLRLUh0TFkKJb4
iWVN7GOOg6sMnE/oi0iuvZ9ZSc8JETTxeBDF9KP4+et3k9Em8EjptbUW0EqbTc8X
KTe3FnetjWdRQy4NU8fTGQs2ohuWUUhNO+o4JkcrkTSzhgzqnHsHFhrG0AqXQHgA
oSk2O/wvNaJhEfqXoHvP1VIbRZcdw0gIaRE6U99n5Xwl67D0yaxKAifCS+VC5LKk
qJefXFUZjxgIFOtfr63F6uaW81UysJjreXFjhNgQVRPMZzb9zxOFDr2vn82kGWIw
Si974e2sgdab6yjxAVtWQtn8hkkWGvUFHeZxTM/0SPbT3BvBuMOiIDHSxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9eO8Mm8rR/yPe2i8qSANPtIGRWMB8GA1UdIwQY
MBaAFCN4pKnFIyWoWSCAm6Gk2J4hwC8XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmIt
OTM3ZTI3ZWUxYjViLzEvSDE0N3d5Ynl0SF9JOTdhTHlwSUEwLTBnWkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9kNjU0YmUtMTc0ZS00MWY3LTljZmItOTM3ZTI3ZWUxYjVi
LzEvSTNpa3FjVWpKYWhaSUlDYm9hVFluaUhBTHhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+aIMA0G
CSqGSIb3DQEBCwUAA4IBAQAorcWMnbkvkhcOw5zhaXqCgZDQ+U0QeV7uBdzUaaEE
pKSM5H72EdNLg4BMAVqIaCv5bZ+hdrRL/SjxyyCHCqG3L4mptknO6ruoPx+0IJFm
xCLTrURX6uW1fupiMN2MfvCkLQa8szUOy3Lki9fW3g3FcY8+PCgAPGvkMHHytr01
fFWrNhyXcFdX34w8XuD6HB8cUoO/A56bqQGGFbuxuuhUedJDRYH6Q1FH901m1WWn
Doat5k70B2nW788F1y/r5HR3+BZYAAEXeJkQFpjgyo/TTQHqhVI7VP0JYTSrkpJJ
V09kFC5MEwVaYBjhquf2/MQ+zS6SEV0Ohe6rZweVB0Ro
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:15:54 2025 by rpki-client