Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/J23WF6adtGDtfIRC9JriRrJg6ZE.roa
File: J23WF6adtGDtfIRC9JriRrJg6ZE.roa (raw, json)
Hash identifier: DTTRhgt8T8iN5MAFdso6mNcoGo9XxYwqPrhwn7erzus=
Subject key identifier: 27:6D:D6:17:A6:9D:B4:60:ED:7C:84:42:F4:9A:E2:46:B2:60:E9:91
Certificate issuer: /CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Certificate serial: 018ABCE19E272C20196FEC2CE38600771039
Authority key identifier: 08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/J23WF6adtGDtfIRC9JriRrJg6ZE.roa
Signing time: Fri 22 Sep 2023 12:33:37 +0000
ROA not before: Fri 22 Sep 2023 12:33:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201507
IP address blocks: 195.137.221.0/24 maxlen: 24
2a13:2440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:bc:e1:9e:27:2c:20:19:6f:ec:2c:e3:86:00:77:10:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Validity
Not Before: Sep 22 12:33:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=276dd617a69db460ed7c8442f49ae246b260e991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4d:6e:8b:a7:7f:76:36:43:a2:d3:55:b9:e3:
91:08:1f:53:c3:14:b1:7f:cb:b7:6f:55:86:dd:af:
1d:9a:90:c4:c6:f5:66:2e:5d:7f:45:42:8b:27:c6:
d7:a1:ef:de:9b:df:23:4c:b3:f2:ee:34:14:8c:35:
14:f3:84:f7:67:01:4b:d0:aa:fa:aa:8b:fe:f6:b8:
6b:aa:af:8a:9a:31:26:b9:71:4a:1f:90:c2:f0:cc:
5d:4f:90:f0:53:98:83:97:39:a8:f9:ac:c9:5d:ab:
69:86:e8:e4:71:1f:eb:ec:61:e8:10:d2:f5:5f:de:
ae:6c:74:87:eb:82:2d:92:ca:bc:75:cf:68:76:8f:
1a:72:86:55:6c:03:d8:3c:18:9d:eb:99:8a:cd:77:
9c:80:89:eb:b8:cc:dd:a5:b4:f6:d1:a1:be:95:fb:
a5:04:0e:19:a6:fb:0a:44:d5:3d:a7:e2:ee:0a:0d:
84:6e:a8:94:0e:d5:dd:30:38:b0:36:2a:c3:55:61:
3b:24:03:cf:94:a6:09:40:29:16:db:8e:57:0e:2f:
51:fd:dc:74:f7:f4:e9:06:2f:2c:9e:3b:c2:29:07:
08:e6:f4:78:f1:c0:63:14:7b:25:f0:d2:a0:86:1d:
c5:52:b6:ce:f2:14:ff:e7:89:b2:14:87:b0:6e:74:
ac:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6D:D6:17:A6:9D:B4:60:ED:7C:84:42:F4:9A:E2:46:B2:60:E9:91
X509v3 Authority Key Identifier:
keyid:08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/J23WF6adtGDtfIRC9JriRrJg6ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.221.0/24
IPv6:
2a13:2440::/29
Signature Algorithm: sha256WithRSAEncryption
2a:1c:c9:35:1e:09:a6:c5:df:b7:bc:74:48:c1:97:44:dd:93:
87:72:48:a9:45:a5:95:30:e2:49:2f:e3:95:b2:42:18:08:a5:
f8:f5:57:06:58:4c:87:78:b1:0b:e8:c3:2b:36:53:a4:8c:3c:
c9:79:38:15:67:3f:ee:3b:c4:e4:0c:a2:8b:67:46:7c:5f:df:
f5:9c:04:6e:6e:20:25:dd:5d:a7:48:cf:b9:7e:d6:da:1d:e8:
66:53:8d:06:fb:f1:77:57:4d:17:a6:ab:6f:73:46:01:58:00:
65:e6:bc:cb:04:89:d8:2a:4f:7e:55:14:b1:11:0b:43:1d:9e:
87:f4:f4:66:42:85:e6:76:b1:b7:ca:b2:6e:ab:76:a4:18:5f:
64:2e:b3:bc:53:0a:46:17:39:a2:e4:9e:7b:26:11:b7:f9:3f:
f5:fa:88:64:d6:25:85:43:d6:c2:ba:d7:43:8c:8f:19:c4:2c:
72:33:9c:8b:c1:66:5f:f2:94:fa:a7:5c:64:fe:59:66:44:fc:
1b:8d:2a:38:44:53:6a:aa:2d:a4:02:0b:6a:f0:d2:40:28:55:
1e:75:f6:8e:63:1f:a1:af:4e:38:bd:24:d5:4f:93:bd:63:44:
3e:17:6c:7d:4e:4a:58:71:9f:e7:db:ac:78:a9:8f:b0:e0:57:
a7:6b:94:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYq84Z4nLCAZb+ws44YAdxA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWM4YzdmMzM0MDUzYzhhOTBhMzQwODAwOWVmM2QzYjdh
ODJlM2QwHhcNMjMwOTIyMTIzMzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzZkZDYxN2E2OWRiNDYwZWQ3Yzg0NDJmNDlhZTI0NmIyNjBlOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjU1ui6d/djZDotNVueORCB9TwxSx
f8u3b1WG3a8dmpDExvVmLl1/RUKLJ8bXoe/em98jTLPy7jQUjDUU84T3ZwFL0Kr6
qov+9rhrqq+KmjEmuXFKH5DC8MxdT5DwU5iDlzmo+azJXatphujkcR/r7GHoENL1
X96ubHSH64Itksq8dc9odo8acoZVbAPYPBid65mKzXecgInruMzdpbT20aG+lful
BA4ZpvsKRNU9p+LuCg2EbqiUDtXdMDiwNirDVWE7JAPPlKYJQCkW245XDi9R/dx0
9/TpBi8snjvCKQcI5vR48cBjFHsl8NKghh3FUrbO8hT/54myFIewbnSsWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCdt1hemnbRg7XyEQvSa4kayYOmRMB8GA1UdIwQY
MBaAFAicjH8zQFPIqQo0CACe89O3qC49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYt
NmY3MDA5YmVlOTE1LzEvSjIzV0Y2YWR0R0R0ZklSQzlKcmlSckpnNlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYtNmY3MDA5YmVlOTE1
LzEvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw4ndMA0E
AgACMAcDBQMqEyRAMA0GCSqGSIb3DQEBCwUAA4IBAQAqHMk1Hgmmxd+3vHRIwZdE
3ZOHckipRaWVMOJJL+OVskIYCKX49VcGWEyHeLEL6MMrNlOkjDzJeTgVZz/uO8Tk
DKKLZ0Z8X9/1nARubiAl3V2nSM+5ftbaHehmU40G+/F3V00Xpqtvc0YBWABl5rzL
BInYKk9+VRSxEQtDHZ6H9PRmQoXmdrG3yrJuq3akGF9kLrO8UwpGFzmi5J57JhG3
+T/1+ohk1iWFQ9bCutdDjI8ZxCxyM5yLwWZf8pT6p1xk/llmRPwbjSo4RFNqqi2k
Agtq8NJAKFUedfaOYx+hr044vSTVT5O9Y0Q+F2x9TkpYcZ/n26x4qY+w4Fena5SC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:00 2025 by rpki-client