Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/aFqj9rmqbA6Wfy6WXpdlFPEoScA.roa
File: aFqj9rmqbA6Wfy6WXpdlFPEoScA.roa (raw, json)
Hash identifier: EMa+EJypuFMbOPya+z2oPB42VvGwil+rn68qLZaNIQY=
Subject key identifier: 68:5A:A3:F6:B9:AA:6C:0E:96:7F:2E:96:5E:97:65:14:F1:28:49:C0
Certificate issuer: /CN=77bdd75f2efc244f86a321b150e62936a14029db
Certificate serial: 018572FA61D0AFB7D9D241DD5B2DBE12D41E
Authority key identifier: 77:BD:D7:5F:2E:FC:24:4F:86:A3:21:B1:50:E6:29:36:A1:40:29:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/aFqj9rmqbA6Wfy6WXpdlFPEoScA.roa
Signing time: Mon 02 Jan 2023 14:54:49 +0000
ROA not before: Mon 02 Jan 2023 14:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 195.234.155.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:fa:61:d0:af:b7:d9:d2:41:dd:5b:2d:be:12:d4:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77bdd75f2efc244f86a321b150e62936a14029db
Validity
Not Before: Jan 2 14:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=685aa3f6b9aa6c0e967f2e965e976514f12849c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f5:c6:89:f8:da:a2:20:bf:e6:b2:1f:26:26:
dc:84:43:65:1a:4a:e4:c8:5f:30:47:31:b8:34:1c:
3b:3a:99:1c:b8:cd:29:b4:66:f3:6a:61:74:6a:a8:
4b:f5:41:5e:57:fc:32:91:b9:9a:3e:ea:d3:e1:a7:
8d:21:03:e1:2d:55:f8:e0:f9:3d:98:06:0b:ca:d3:
bc:0d:9a:1e:95:99:e8:90:c6:8f:91:f5:f6:9e:32:
b3:b5:e3:84:c3:71:c1:4b:89:31:ed:7e:79:a1:8c:
71:0a:d6:23:ca:86:fc:ac:bb:07:63:38:77:fe:59:
3c:cd:af:70:0e:77:46:37:a7:17:fa:c9:96:0e:63:
30:49:59:9a:32:b2:40:44:4f:09:1c:bf:09:6d:d7:
d8:e3:67:54:b0:41:f5:8d:82:e7:80:aa:28:96:aa:
8d:94:28:63:fa:09:8b:e1:4a:ae:14:21:a5:de:fd:
6b:b2:6c:f8:b9:cb:3c:62:c3:ed:7d:bf:44:00:b0:
45:5f:a9:a0:96:07:2a:b8:4b:ef:14:f0:a9:04:c5:
1a:fe:77:20:94:49:ba:15:88:a1:bb:27:b0:57:3a:
97:57:11:a6:31:98:61:a6:60:35:bb:87:e9:de:93:
18:53:52:ab:43:ee:a9:1d:95:35:88:2b:2f:4d:81:
0d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5A:A3:F6:B9:AA:6C:0E:96:7F:2E:96:5E:97:65:14:F1:28:49:C0
X509v3 Authority Key Identifier:
keyid:77:BD:D7:5F:2E:FC:24:4F:86:A3:21:B1:50:E6:29:36:A1:40:29:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d73XXy78JE-GoyGxUOYpNqFAKds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/aFqj9rmqbA6Wfy6WXpdlFPEoScA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/26a34e-2094-4e76-a1ea-1dedbe7b5baf/1/d73XXy78JE-GoyGxUOYpNqFAKds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.155.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:29:cf:94:4f:97:89:a1:c7:00:ce:a5:d2:78:48:7c:46:59:
ea:77:b1:ac:ed:36:a8:0d:5f:3d:ef:36:89:cb:41:35:33:a0:
e6:ff:61:14:df:30:22:cd:ff:fa:cb:b8:dc:7e:02:89:94:d3:
12:71:ee:ea:91:e5:5f:6f:a8:8f:71:3c:44:3f:9b:e1:88:cd:
84:b9:6c:e0:6b:f3:2d:a6:17:06:e1:78:96:a2:3c:f3:ae:27:
ea:65:c9:a0:5f:24:02:af:f5:7a:5c:a8:2a:f8:59:4c:97:f6:
c9:18:dc:a6:f9:69:aa:fd:af:7d:cf:74:ed:f6:cf:20:35:66:
fc:bc:7e:0b:1c:0f:50:66:35:d5:ac:00:8f:ce:ca:9c:81:75:
ab:ad:cd:6a:4a:98:36:a8:94:c3:f5:bf:89:72:ab:e3:7a:27:
01:3e:81:75:62:93:9e:cf:b6:ed:e5:e3:f1:0a:54:a9:cc:8d:
8e:ba:29:99:9c:f8:e6:44:0c:de:3d:01:67:27:45:7f:f0:79:
87:43:42:7a:e4:74:b1:86:84:fd:eb:a7:47:3a:ea:13:41:c8:
af:2c:2e:94:82:df:54:d9:34:8c:30:14:68:9c:88:83:d3:6d:
2e:af:48:90:3d:0d:a9:5a:a4:a8:80:66:8c:9e:7c:40:f4:21:
b2:07:45:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVy+mHQr7fZ0kHdWy2+EtQeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmRkNzVmMmVmYzI0NGY4NmEzMjFiMTUwZTYyOTM2YTE0
MDI5ZGIwHhcNMjMwMTAyMTQ1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODVhYTNmNmI5YWE2YzBlOTY3ZjJlOTY1ZTk3NjUxNGYxMjg0OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfXGifjaoiC/5rIfJibchENlGkrk
yF8wRzG4NBw7OpkcuM0ptGbzamF0aqhL9UFeV/wykbmaPurT4aeNIQPhLVX44Pk9
mAYLytO8DZoelZnokMaPkfX2njKzteOEw3HBS4kx7X55oYxxCtYjyob8rLsHYzh3
/lk8za9wDndGN6cX+smWDmMwSVmaMrJARE8JHL8JbdfY42dUsEH1jYLngKoolqqN
lChj+gmL4UquFCGl3v1rsmz4ucs8YsPtfb9EALBFX6mglgcquEvvFPCpBMUa/ncg
lEm6FYihuyewVzqXVxGmMZhhpmA1u4fp3pMYU1KrQ+6pHZU1iCsvTYENeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGhao/a5qmwOln8ull6XZRTxKEnAMB8GA1UdIwQY
MBaAFHe9118u/CRPhqMhsVDmKTahQCnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDczWFh5NzhKRS1Hb3lHeFVPWXBOcUZBS2RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8yNmEzNGUtMjA5NC00ZTc2LWExZWEt
MWRlZGJlN2I1YmFmLzEvYUZxajlybXFiQTZXZnk2V1hwZGxGUEVvU2NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8yNmEzNGUtMjA5NC00ZTc2LWExZWEtMWRlZGJlN2I1YmFm
LzEvZDczWFh5NzhKRS1Hb3lHeFVPWXBOcUZBS2RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+qbMA0G
CSqGSIb3DQEBCwUAA4IBAQBfKc+UT5eJoccAzqXSeEh8Rlnqd7Gs7TaoDV897zaJ
y0E1M6Dm/2EU3zAizf/6y7jcfgKJlNMSce7qkeVfb6iPcTxEP5vhiM2EuWzga/Mt
phcG4XiWojzzrifqZcmgXyQCr/V6XKgq+FlMl/bJGNym+Wmq/a99z3Tt9s8gNWb8
vH4LHA9QZjXVrACPzsqcgXWrrc1qSpg2qJTD9b+JcqvjeicBPoF1YpOez7bt5ePx
ClSpzI2OuimZnPjmRAzePQFnJ0V/8HmHQ0J65HSxhoT966dHOuoTQcivLC6Ugt9U
2TSMMBRonIiD020ur0iQPQ2pWqSogGaMnnxA9CGyB0UJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:25:58 2025 by rpki-client