Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/eHzrrvzZDC5LNJCxd1BHuQ_t5a4.roa
File: eHzrrvzZDC5LNJCxd1BHuQ_t5a4.roa (raw, json)
Hash identifier: UQnEGTwTThIZOqqzVW/9NAIRtj89ufCYJCa34U5pF7U=
Subject key identifier: 78:7C:EB:AE:FC:D9:0C:2E:4B:34:90:B1:77:50:47:B9:0F:ED:E5:AE
Certificate issuer: /CN=6a937d95aebbbe62b90f24dea4d663170a6659ec
Certificate serial: B44E
Authority key identifier: 6A:93:7D:95:AE:BB:BE:62:B9:0F:24:DE:A4:D6:63:17:0A:66:59:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/apN9la67vmK5DyTepNZjFwpmWew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/eHzrrvzZDC5LNJCxd1BHuQ_t5a4.roa
Signing time: Wed 04 May 2022 16:55:33 +0000
ROA not before: Wed 04 May 2022 16:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29210
IP address blocks: 195.69.122.0/24 maxlen: 24
195.69.120.0/22 maxlen: 22
195.69.123.0/24 maxlen: 24
195.69.120.0/24 maxlen: 24
195.69.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46158 (0xb44e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a937d95aebbbe62b90f24dea4d663170a6659ec
Validity
Not Before: May 4 16:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=787cebaefcd90c2e4b3490b1775047b90fede5ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:bd:87:4a:bc:c1:73:98:ce:78:f8:c8:f5:02:
ef:73:7f:b3:ea:6f:67:d9:7d:d3:fc:99:4b:b6:b0:
16:74:a3:18:f8:b4:7b:91:69:3d:47:ee:1b:95:cb:
7c:c1:64:00:6b:70:30:c2:a3:74:87:9c:37:30:2a:
57:bf:40:6a:1c:5a:bb:b7:0a:d6:49:6b:60:50:3e:
50:17:f1:4c:f8:5f:3f:9f:a4:29:ba:4e:1e:a6:ba:
8f:d8:66:6a:9a:57:e0:34:f1:1f:16:79:d6:4e:18:
93:11:ef:5c:37:ba:e9:fc:24:92:fe:f8:bb:c9:de:
c8:c5:07:b1:7c:c5:3f:58:f8:81:e0:f5:8a:a0:af:
ac:1d:51:9f:25:14:a7:0c:e0:8f:a9:3a:2f:29:13:
8b:f2:6b:98:f3:b7:85:e4:75:6b:36:f0:ec:d1:c8:
8e:b9:7d:c0:a9:63:80:7e:fe:ae:e1:88:67:c8:fa:
0e:eb:7d:31:a8:dc:23:3b:3d:b9:a0:22:fd:9a:91:
42:bf:75:d1:18:79:c8:9e:a8:b4:cb:5f:b2:4b:ae:
f1:39:52:a4:77:aa:40:e6:0a:f3:b7:72:34:1e:d4:
71:99:16:80:29:86:0e:20:e2:99:9f:42:92:97:6c:
b0:8c:e9:d6:a5:89:36:03:e2:4f:2c:55:99:06:c4:
34:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:7C:EB:AE:FC:D9:0C:2E:4B:34:90:B1:77:50:47:B9:0F:ED:E5:AE
X509v3 Authority Key Identifier:
keyid:6A:93:7D:95:AE:BB:BE:62:B9:0F:24:DE:A4:D6:63:17:0A:66:59:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/apN9la67vmK5DyTepNZjFwpmWew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/eHzrrvzZDC5LNJCxd1BHuQ_t5a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/6c5cd2-1920-4564-bc2c-94177f8d877c/1/apN9la67vmK5DyTepNZjFwpmWew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.69.120.0/22
Signature Algorithm: sha256WithRSAEncryption
39:0f:da:40:74:47:12:9f:a4:02:5d:cc:0a:1d:bb:80:12:b7:
02:f8:61:81:f2:ca:d6:81:14:31:5e:ee:0d:8b:26:a8:79:0c:
5e:90:68:75:8f:21:55:ab:b0:4c:ce:79:93:ae:ec:de:69:9d:
c9:cc:f9:e9:61:ea:14:e7:c4:1d:b7:46:6d:e6:c6:77:da:5a:
4a:af:3d:6a:2d:f9:e2:dd:a1:26:6a:13:13:d8:68:a6:4a:bb:
dd:dc:8e:30:ed:a9:64:52:ff:82:90:96:e5:96:92:cd:4b:8e:
47:d4:e9:d2:b5:3c:ff:3e:db:61:fd:9c:a5:4d:57:79:70:b0:
f1:e3:c2:e9:42:8b:fd:49:8d:a5:4b:ca:1a:8f:f4:ef:06:d9:
82:6d:05:7d:9e:7a:f3:df:5f:ac:b3:4a:4b:3d:1b:88:2d:a2:
ea:56:77:f7:36:e6:b3:c5:fb:30:bd:e3:ba:87:ec:31:99:b8:
ab:63:18:bc:87:d2:ad:03:39:52:5e:3c:30:00:5b:48:89:16:
7a:0e:91:bd:8b:1e:7d:43:07:f4:bf:9b:3b:0d:c2:7b:93:80:
d9:e2:2b:4c:8d:88:3d:12:44:92:2a:28:7e:84:77:e4:33:b8:
f7:f9:f5:63:6f:74:44:08:28:97:9a:4d:18:4a:df:8a:39:c0:
88:f2:31:11
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDALROMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZh
OTM3ZDk1YWViYmJlNjJiOTBmMjRkZWE0ZDY2MzE3MGE2NjU5ZWMwHhcNMjIwNTA0
MTY1NTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3ODdjZWJhZWZjZDkw
YzJlNGIzNDkwYjE3NzUwNDdiOTBmZWRlNWFlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlb2HSrzBc5jOePjI9QLvc3+z6m9n2X3T/JlLtrAWdKMY+LR7
kWk9R+4blct8wWQAa3AwwqN0h5w3MCpXv0BqHFq7twrWSWtgUD5QF/FM+F8/n6Qp
uk4eprqP2GZqmlfgNPEfFnnWThiTEe9cN7rp/CSS/vi7yd7IxQexfMU/WPiB4PWK
oK+sHVGfJRSnDOCPqTovKROL8muY87eF5HVrNvDs0ciOuX3AqWOAfv6u4YhnyPoO
630xqNwjOz25oCL9mpFCv3XRGHnInqi0y1+yS67xOVKkd6pA5grzt3I0HtRxmRaA
KYYOIOKZn0KSl2ywjOnWpYk2A+JPLFWZBsQ0mQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFHh866782QwuSzSQsXdQR7kP7eWuMB8GA1UdIwQYMBaAFGqTfZWuu75iuQ8k
3qTWYxcKZlnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
YXBOOWxhNjd2bUs1RHlUZXBOWmpGd3BtV2V3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84ZS82YzVjZDItMTkyMC00NTY0LWJjMmMtOTQxNzdmOGQ4NzdjLzEv
ZUh6cnJ2elpEQzVMTkpDeGQxQkh1UV90NWE0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS82
YzVjZDItMTkyMC00NTY0LWJjMmMtOTQxNzdmOGQ4NzdjLzEvYXBOOWxhNjd2bUs1
RHlUZXBOWmpGd3BtV2V3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw0V4MA0GCSqGSIb3DQEBCwUAA4IB
AQA5D9pAdEcSn6QCXcwKHbuAErcC+GGB8srWgRQxXu4NiyaoeQxekGh1jyFVq7BM
znmTruzeaZ3JzPnpYeoU58Qdt0Zt5sZ32lpKrz1qLfni3aEmahMT2GimSrvd3I4w
7alkUv+CkJbllpLNS45H1OnStTz/Ptth/ZylTVd5cLDx48LpQov9SY2lS8oaj/Tv
BtmCbQV9nnrz31+ss0pLPRuILaLqVnf3NuazxfswveO6h+wxmbirYxi8h9KtAzlS
XjwwAFtIiRZ6DpG9ix59Qwf0v5s7DcJ7k4DZ4itMjYg9EkSSKih+hHfkM7j3+fVj
b3RECCiXmk0YSt+KOcCI8jER
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:25:19 2025 by rpki-client