Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/RKOKSwrPU64ks60aP45MSuTz7PE.roa
File: RKOKSwrPU64ks60aP45MSuTz7PE.roa (raw, json)
Hash identifier: tUxyWOLNxs0Efjf6fWRv1/PICQGD4eWVC/PINKP4Xfo=
Subject key identifier: 44:A3:8A:4B:0A:CF:53:AE:24:B3:AD:1A:3F:8E:4C:4A:E4:F3:EC:F1
Certificate issuer: /CN=99d35619ed210be0ac29d170a2bb5cd7455693bc
Certificate serial: 01856C5CA238A805B949D4541A37260E075E
Authority key identifier: 99:D3:56:19:ED:21:0B:E0:AC:29:D1:70:A2:BB:5C:D7:45:56:93:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdNWGe0hC-CsKdFwortc10VWk7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/RKOKSwrPU64ks60aP45MSuTz7PE.roa
Signing time: Sun 01 Jan 2023 08:04:48 +0000
ROA not before: Sun 01 Jan 2023 08:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60798
IP address blocks: 195.39.202.0/23 maxlen: 24
195.39.194.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:a2:38:a8:05:b9:49:d4:54:1a:37:26:0e:07:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d35619ed210be0ac29d170a2bb5cd7455693bc
Validity
Not Before: Jan 1 08:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44a38a4b0acf53ae24b3ad1a3f8e4c4ae4f3ecf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:38:3f:b0:77:7f:1a:4b:40:35:d7:4b:8e:fa:
bf:9a:cb:3d:d9:21:10:54:ce:f1:33:7a:d4:b2:45:
63:0f:57:9f:be:c8:b2:4a:7c:f7:f7:8c:4b:09:ca:
9a:95:d4:c0:76:db:86:c8:d7:bb:83:e0:0e:47:85:
9d:d7:16:44:9b:a7:d2:09:a1:eb:4f:cc:67:ec:05:
3c:b7:99:d2:b5:90:be:a8:e2:fc:22:8d:45:da:3a:
66:20:a3:d0:c0:81:3f:a1:63:1b:fd:34:e1:f7:ca:
5f:a4:d3:65:a9:6b:52:32:e9:5d:ad:82:2e:cc:a3:
05:73:f5:8c:1b:3d:a2:f1:90:ef:c9:d9:11:c0:3a:
77:09:8c:1c:a2:75:ee:39:c2:41:94:6f:4d:00:e2:
d3:a3:47:04:0f:60:d0:bb:66:ac:75:5c:18:52:89:
e0:de:95:c5:ea:8c:95:f5:fb:3d:86:aa:90:8d:e8:
ce:42:6e:33:5a:c5:c2:31:bc:02:68:65:dd:55:ef:
13:5f:b5:4a:b5:c9:ee:26:3b:55:3c:98:6e:a3:53:
c6:8f:17:b7:e2:01:ad:1d:45:40:63:d3:d0:ae:ee:
9d:d3:76:f2:71:96:69:c0:11:9b:cf:4e:1e:bc:c6:
43:63:59:df:9d:15:b0:9f:0f:af:50:22:54:8c:d5:
e3:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A3:8A:4B:0A:CF:53:AE:24:B3:AD:1A:3F:8E:4C:4A:E4:F3:EC:F1
X509v3 Authority Key Identifier:
keyid:99:D3:56:19:ED:21:0B:E0:AC:29:D1:70:A2:BB:5C:D7:45:56:93:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdNWGe0hC-CsKdFwortc10VWk7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/RKOKSwrPU64ks60aP45MSuTz7PE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/34e91f-a8a9-4937-9fb5-7a01bddd6560/1/mdNWGe0hC-CsKdFwortc10VWk7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.39.194.0/23
195.39.202.0/23
Signature Algorithm: sha256WithRSAEncryption
50:e9:44:8a:08:06:86:19:8b:a8:f9:f3:c8:d3:26:90:00:72:
42:f3:b6:0a:97:c9:56:66:96:62:9f:20:8d:fd:3d:5d:56:db:
10:73:01:f2:99:32:57:5e:4a:e4:2f:93:45:a2:c3:b6:89:0d:
85:73:dd:a5:3b:8d:79:22:45:32:39:c2:28:6e:65:97:d7:93:
19:37:30:d6:bf:81:82:29:1b:b0:b1:36:d0:29:b6:d5:ae:87:
87:40:be:0f:73:fc:3e:cc:89:6f:08:34:6c:88:b6:5f:ae:14:
22:cc:a8:35:0d:82:66:40:13:2f:63:e3:f8:67:af:e9:ad:d8:
5b:c1:60:13:b8:45:02:37:4d:1e:27:03:67:75:cf:8a:9d:68:
83:9f:b3:b7:00:d0:07:fa:24:24:3b:a6:f8:fc:12:ec:1f:e6:
e1:47:14:2c:35:57:e9:e9:8c:d0:bc:56:94:b0:ff:ad:47:f1:
e5:7a:35:b8:87:cc:dc:37:15:8e:1e:f8:1b:02:10:c3:c8:b9:
49:52:4e:e5:5d:1a:06:48:72:c1:e1:c3:a3:60:37:d5:9c:57:
22:f2:35:6e:ab:ff:4e:0c:95:9e:8f:af:f4:85:da:06:02:c4:
36:d7:86:b5:dc:8e:d9:a6:ba:35:5a:dd:c7:d8:da:05:a4:9a:
63:f4:a7:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsXKI4qAW5SdRUGjcmDgdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDM1NjE5ZWQyMTBiZTBhYzI5ZDE3MGEyYmI1Y2Q3NDU1
NjkzYmMwHhcNMjMwMTAxMDgwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGEzOGE0YjBhY2Y1M2FlMjRiM2FkMWEzZjhlNGM0YWU0ZjNlY2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDg/sHd/GktANddLjvq/mss92SEQ
VM7xM3rUskVjD1efvsiySnz394xLCcqaldTAdtuGyNe7g+AOR4Wd1xZEm6fSCaHr
T8xn7AU8t5nStZC+qOL8Io1F2jpmIKPQwIE/oWMb/TTh98pfpNNlqWtSMuldrYIu
zKMFc/WMGz2i8ZDvydkRwDp3CYwconXuOcJBlG9NAOLTo0cED2DQu2asdVwYUong
3pXF6oyV9fs9hqqQjejOQm4zWsXCMbwCaGXdVe8TX7VKtcnuJjtVPJhuo1PGjxe3
4gGtHUVAY9PQru6d03bycZZpwBGbz04evMZDY1nfnRWwnw+vUCJUjNXjZwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFESjiksKz1OuJLOtGj+OTErk8+zxMB8GA1UdIwQY
MBaAFJnTVhntIQvgrCnRcKK7XNdFVpO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWROV0dlMGhDLUNzS2RGd29ydGMxMFZXazd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zNGU5MWYtYThhOS00OTM3LTlmYjUt
N2EwMWJkZGQ2NTYwLzEvUktPS1N3clBVNjRrczYwYVA0NU1TdVR6N1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zNGU5MWYtYThhOS00OTM3LTlmYjUtN2EwMWJkZGQ2NTYw
LzEvbWROV0dlMGhDLUNzS2RGd29ydGMxMFZXazd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwyfCAwQB
wyfKMA0GCSqGSIb3DQEBCwUAA4IBAQBQ6USKCAaGGYuo+fPI0yaQAHJC87YKl8lW
ZpZinyCN/T1dVtsQcwHymTJXXkrkL5NFosO2iQ2Fc92lO415IkUyOcIobmWX15MZ
NzDWv4GCKRuwsTbQKbbVroeHQL4Pc/w+zIlvCDRsiLZfrhQizKg1DYJmQBMvY+P4
Z6/prdhbwWATuEUCN00eJwNndc+KnWiDn7O3ANAH+iQkO6b4/BLsH+bhRxQsNVfp
6YzQvFaUsP+tR/HlejW4h8zcNxWOHvgbAhDDyLlJUk7lXRoGSHLB4cOjYDfVnFci
8jVuq/9ODJWej6/0hdoGAsQ214a13I7Zpro1Wt3H2NoFpJpj9Kdl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:38 2025 by rpki-client