Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/faabbc-81ba-4977-8923-cc93b1050de7/1/p_YVsefWKCRd2Dl81mjgKHlyAWY.roa
File: p_YVsefWKCRd2Dl81mjgKHlyAWY.roa (raw, json)
Hash identifier: 6k0us8ZfhltQKB7PNZ/MmoJtXalVqD3oSpc1zwS5BZA=
Subject key identifier: A7:F6:15:B1:E7:D6:28:24:5D:D8:39:7C:D6:68:E0:28:79:72:01:66
Certificate issuer: /CN=9b2e80a141c974f6da8f40274338fdacee42a770
Certificate serial: 01856BF7E1C03EDBF021035A8431D8EC3EFE
Authority key identifier: 9B:2E:80:A1:41:C9:74:F6:DA:8F:40:27:43:38:FD:AC:EE:42:A7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/my6AoUHJdPbaj0AnQzj9rO5Cp3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/faabbc-81ba-4977-8923-cc93b1050de7/1/p_YVsefWKCRd2Dl81mjgKHlyAWY.roa
Signing time: Sun 01 Jan 2023 06:14:45 +0000
ROA not before: Sun 01 Jan 2023 06:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31543
IP address blocks: 195.60.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:f7:e1:c0:3e:db:f0:21:03:5a:84:31:d8:ec:3e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b2e80a141c974f6da8f40274338fdacee42a770
Validity
Not Before: Jan 1 06:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7f615b1e7d628245dd8397cd668e02879720166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ac:32:2d:2e:85:a8:19:cd:dc:a1:17:98:14:
44:fc:bc:20:15:41:8d:eb:c1:c8:ee:be:51:83:58:
63:62:74:83:d9:44:46:7a:f3:52:70:9e:8e:9a:4e:
ed:70:e9:31:5d:2b:4d:c1:4e:98:1b:86:e3:f4:cf:
31:3c:a0:5d:ef:57:9d:0a:d5:5e:45:d5:cf:f0:c7:
93:1f:f5:ce:0a:b9:d2:01:b4:74:cc:dd:68:3c:77:
59:8e:54:7d:e8:b6:1b:a9:d9:29:26:61:53:47:80:
27:73:79:70:b3:a2:2b:b9:fe:10:14:64:ee:c7:77:
0d:96:94:b8:fe:d3:5a:98:77:0b:e4:fe:af:ad:e9:
c6:ab:e5:75:2a:48:b8:0f:6c:c6:fc:82:d3:15:33:
da:97:9a:35:44:ae:38:6b:86:54:07:21:3b:cc:eb:
47:bf:5f:94:cc:cb:d9:74:ee:cf:68:a2:a6:2e:7d:
56:23:6c:3c:ef:f4:6f:57:3a:26:fc:b0:60:04:0b:
39:95:8a:3b:ea:4c:7d:34:f0:14:01:de:93:2b:4c:
ed:c7:d2:1d:77:25:e4:9f:57:a4:a3:1e:0a:71:35:
b4:45:46:0d:d8:dd:c5:81:07:8a:c2:33:ac:a3:13:
e7:4d:fe:b3:34:bb:0b:88:13:df:e5:64:e0:dc:c8:
13:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F6:15:B1:E7:D6:28:24:5D:D8:39:7C:D6:68:E0:28:79:72:01:66
X509v3 Authority Key Identifier:
keyid:9B:2E:80:A1:41:C9:74:F6:DA:8F:40:27:43:38:FD:AC:EE:42:A7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/my6AoUHJdPbaj0AnQzj9rO5Cp3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/faabbc-81ba-4977-8923-cc93b1050de7/1/p_YVsefWKCRd2Dl81mjgKHlyAWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/faabbc-81ba-4977-8923-cc93b1050de7/1/my6AoUHJdPbaj0AnQzj9rO5Cp3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.66.0/24
Signature Algorithm: sha256WithRSAEncryption
38:b7:e0:ef:26:e9:82:42:1f:53:6c:ab:90:b3:76:d0:4b:cb:
99:28:20:59:48:50:2c:db:e9:9f:c4:5a:c4:f5:8e:ce:04:c1:
1a:3a:f8:38:98:a1:c7:6e:29:b4:35:d9:93:2c:7f:92:36:d8:
06:39:cc:12:da:1b:bb:8e:20:06:63:3e:2c:66:fe:d1:49:5c:
a3:77:6e:e4:3d:91:93:ee:0d:1d:89:b6:bf:93:09:bb:d6:5e:
02:2d:62:be:49:26:8b:7d:2a:96:88:c7:19:a4:c6:bd:27:99:
47:ea:74:11:55:1f:57:9d:4a:53:71:39:a4:8a:8d:55:63:d0:
83:a7:79:9a:dd:cc:da:51:4b:9d:ac:c6:65:98:79:bc:db:98:
63:78:a1:9c:ef:cc:ce:d9:41:d0:af:fe:bf:53:b7:0e:57:ac:
c4:10:a4:25:2b:4f:56:0f:22:d7:87:14:96:c1:f3:01:3c:bc:
fc:d9:38:14:f2:e6:b7:65:ad:bd:6b:11:2c:eb:d9:af:0e:f5:
3c:1a:2e:fa:ed:91:a6:cb:e9:aa:a1:78:05:f9:00:cb:57:80:
45:5d:6d:f5:c1:6f:1c:ce:ee:d8:4a:59:a4:d5:46:29:ce:24:
7e:25:93:14:41:6b:49:aa:c7:0e:8b:f5:93:43:db:61:c1:6b:
15:b0:51:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr9+HAPtvwIQNahDHY7D7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMmU4MGExNDFjOTc0ZjZkYThmNDAyNzQzMzhmZGFjZWU0
MmE3NzAwHhcNMjMwMTAxMDYxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Y2MTViMWU3ZDYyODI0NWRkODM5N2NkNjY4ZTAyODc5NzIwMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsawyLS6FqBnN3KEXmBRE/LwgFUGN
68HI7r5Rg1hjYnSD2URGevNScJ6Omk7tcOkxXStNwU6YG4bj9M8xPKBd71edCtVe
RdXP8MeTH/XOCrnSAbR0zN1oPHdZjlR96LYbqdkpJmFTR4Anc3lws6Iruf4QFGTu
x3cNlpS4/tNamHcL5P6vrenGq+V1Kki4D2zG/ILTFTPal5o1RK44a4ZUByE7zOtH
v1+UzMvZdO7PaKKmLn1WI2w87/RvVzom/LBgBAs5lYo76kx9NPAUAd6TK0ztx9Id
dyXkn1ekox4KcTW0RUYN2N3FgQeKwjOsoxPnTf6zNLsLiBPf5WTg3MgTIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKf2FbHn1igkXdg5fNZo4Ch5cgFmMB8GA1UdIwQY
MBaAFJsugKFByXT22o9AJ0M4/azuQqdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXk2QW9VSEpkUGJhajBBblF6ajlyTzVDcDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9mYWFiYmMtODFiYS00OTc3LTg5MjMt
Y2M5M2IxMDUwZGU3LzEvcF9ZVnNlZldLQ1JkMkRsODFtamdLSGx5QVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9mYWFiYmMtODFiYS00OTc3LTg5MjMtY2M5M2IxMDUwZGU3
LzEvbXk2QW9VSEpkUGJhajBBblF6ajlyTzVDcDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzxCMA0G
CSqGSIb3DQEBCwUAA4IBAQA4t+DvJumCQh9TbKuQs3bQS8uZKCBZSFAs2+mfxFrE
9Y7OBMEaOvg4mKHHbim0NdmTLH+SNtgGOcwS2hu7jiAGYz4sZv7RSVyjd27kPZGT
7g0diba/kwm71l4CLWK+SSaLfSqWiMcZpMa9J5lH6nQRVR9XnUpTcTmkio1VY9CD
p3ma3czaUUudrMZlmHm825hjeKGc78zO2UHQr/6/U7cOV6zEEKQlK09WDyLXhxSW
wfMBPLz82TgU8ua3Za29axEs69mvDvU8Gi767ZGmy+mqoXgF+QDLV4BFXW31wW8c
zu7YSlmk1UYpziR+JZMUQWtJqscOi/WTQ9thwWsVsFE8
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:34 2025 by rpki-client