Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/720843-adef-4338-8995-1c556b03b22c/1/py4W4gMFlQQEdnDdOIVzQ8RmHwc.roa
File: py4W4gMFlQQEdnDdOIVzQ8RmHwc.roa (raw, json)
Hash identifier: Po1y5BLBltQ3UehrquBxl2XARLcyfPXx7bagMvhyQKE=
Subject key identifier: A7:2E:16:E2:03:05:95:04:04:76:70:DD:38:85:73:43:C4:66:1F:07
Certificate issuer: /CN=87a98ae10d85478cec5c25563c73ebb56c9b1a46
Certificate serial: 01856C783E986586B99B65C6D96A9D746B1C
Authority key identifier: 87:A9:8A:E1:0D:85:47:8C:EC:5C:25:56:3C:73:EB:B5:6C:9B:1A:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h6mK4Q2FR4zsXCVWPHPrtWybGkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/720843-adef-4338-8995-1c556b03b22c/1/py4W4gMFlQQEdnDdOIVzQ8RmHwc.roa
Signing time: Sun 01 Jan 2023 08:34:57 +0000
ROA not before: Sun 01 Jan 2023 08:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44127
IP address blocks: 195.93.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:3e:98:65:86:b9:9b:65:c6:d9:6a:9d:74:6b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87a98ae10d85478cec5c25563c73ebb56c9b1a46
Validity
Not Before: Jan 1 08:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a72e16e203059504047670dd38857343c4661f07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:db:7c:50:61:fb:6e:8d:62:79:e5:12:bc:76:
2d:9f:ab:96:eb:04:45:e3:55:29:4c:9f:47:37:13:
05:cc:24:2b:4c:c1:b2:b8:14:e5:92:bd:db:a4:0e:
36:c3:47:4a:99:1f:49:32:89:de:f1:d6:b9:01:49:
5e:13:ff:1e:c8:db:ba:e5:65:45:74:05:fe:1f:e0:
e6:f9:5f:e0:c8:53:ea:f4:84:b6:dc:42:a6:b5:b6:
16:a3:84:19:ec:46:19:d4:3d:94:a1:a9:bb:b6:73:
c8:62:9c:3e:f3:ba:45:3b:14:59:b2:2d:d4:01:94:
43:90:6d:1f:84:ed:35:9c:41:24:01:6b:1e:a4:cf:
7a:3d:b3:32:c4:41:40:3c:5f:74:17:97:b4:c9:91:
ae:9e:cb:4a:98:ab:3a:17:b9:55:d3:bc:0e:db:ac:
b1:2f:a5:68:66:1e:6a:29:85:d0:ad:8c:56:18:77:
90:92:ba:63:b4:e6:a6:59:8a:a0:14:13:a5:50:92:
fa:ba:32:3b:b7:40:0f:73:66:69:a8:7c:dc:e1:4b:
09:1e:da:fc:a3:88:4a:3d:97:1e:5d:c1:c1:e5:dd:
d8:ff:69:c7:68:94:74:62:94:7a:93:86:3f:9f:56:
06:9b:89:cb:82:fd:b0:fe:6d:f9:c8:6d:91:04:63:
d1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:2E:16:E2:03:05:95:04:04:76:70:DD:38:85:73:43:C4:66:1F:07
X509v3 Authority Key Identifier:
keyid:87:A9:8A:E1:0D:85:47:8C:EC:5C:25:56:3C:73:EB:B5:6C:9B:1A:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h6mK4Q2FR4zsXCVWPHPrtWybGkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/720843-adef-4338-8995-1c556b03b22c/1/py4W4gMFlQQEdnDdOIVzQ8RmHwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/720843-adef-4338-8995-1c556b03b22c/1/h6mK4Q2FR4zsXCVWPHPrtWybGkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.93.210.0/23
Signature Algorithm: sha256WithRSAEncryption
01:56:1d:7c:0c:df:12:47:db:59:96:ed:71:fd:d6:02:4d:1f:
12:6c:87:4a:d1:32:71:8a:e3:36:91:10:07:82:ec:e5:c6:5d:
2b:9c:7a:1f:33:2f:65:41:c7:a0:97:bf:37:a4:21:2b:8a:b8:
3f:db:53:20:75:ec:5d:7c:06:86:49:4f:77:55:d9:c4:06:8e:
75:7c:82:78:08:3a:7c:ac:1e:ba:38:40:85:a8:ad:d5:cb:ae:
22:96:e0:58:39:9f:d7:50:9f:1f:0e:f8:c5:27:67:3b:a2:c5:
23:ba:16:89:75:3b:76:c7:4f:4f:69:d7:cb:7d:b5:12:b0:4c:
4a:e2:79:25:da:88:ff:8e:52:b7:fd:26:70:7a:d3:5e:da:c2:
14:49:89:3a:ac:e8:71:97:37:b3:7f:e6:a0:41:78:28:05:a4:
92:f9:b6:3d:dd:af:33:0f:72:bb:82:8b:87:ef:b3:7f:e3:21:
42:15:76:66:36:8d:31:66:de:d7:6e:a7:54:83:30:6f:57:1b:
ce:72:69:7e:f7:05:23:40:eb:bb:8f:a1:71:39:e4:76:27:8e:
28:b7:40:ad:3b:32:f7:74:a6:1f:3b:a5:09:ae:13:d1:2c:12:
8b:e8:03:2c:17:30:eb:b2:fb:c5:ce:75:75:89:b9:3f:a3:5f:
23:70:b2:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVseD6YZYa5m2XG2WqddGscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3YTk4YWUxMGQ4NTQ3OGNlYzVjMjU1NjNjNzNlYmI1NmM5
YjFhNDYwHhcNMjMwMTAxMDgzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzJlMTZlMjAzMDU5NTA0MDQ3NjcwZGQzODg1NzM0M2M0NjYxZjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldt8UGH7bo1ieeUSvHYtn6uW6wRF
41UpTJ9HNxMFzCQrTMGyuBTlkr3bpA42w0dKmR9JMone8da5AUleE/8eyNu65WVF
dAX+H+Dm+V/gyFPq9IS23EKmtbYWo4QZ7EYZ1D2Uoam7tnPIYpw+87pFOxRZsi3U
AZRDkG0fhO01nEEkAWsepM96PbMyxEFAPF90F5e0yZGunstKmKs6F7lV07wO26yx
L6VoZh5qKYXQrYxWGHeQkrpjtOamWYqgFBOlUJL6ujI7t0APc2ZpqHzc4UsJHtr8
o4hKPZceXcHB5d3Y/2nHaJR0YpR6k4Y/n1YGm4nLgv2w/m35yG2RBGPRgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcuFuIDBZUEBHZw3TiFc0PEZh8HMB8GA1UdIwQY
MBaAFIepiuENhUeM7FwlVjxz67VsmxpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDZtSzRRMkZSNHpzWENWV1BIUHJ0V3liR2tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83MjA4NDMtYWRlZi00MzM4LTg5OTUt
MWM1NTZiMDNiMjJjLzEvcHk0VzRnTUZsUVFFZG5EZE9JVnpROFJtSHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83MjA4NDMtYWRlZi00MzM4LTg5OTUtMWM1NTZiMDNiMjJj
LzEvaDZtSzRRMkZSNHpzWENWV1BIUHJ0V3liR2tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw13SMA0G
CSqGSIb3DQEBCwUAA4IBAQABVh18DN8SR9tZlu1x/dYCTR8SbIdK0TJxiuM2kRAH
guzlxl0rnHofMy9lQcegl783pCErirg/21MgdexdfAaGSU93VdnEBo51fIJ4CDp8
rB66OECFqK3Vy64iluBYOZ/XUJ8fDvjFJ2c7osUjuhaJdTt2x09PadfLfbUSsExK
4nkl2oj/jlK3/SZwetNe2sIUSYk6rOhxlzezf+agQXgoBaSS+bY93a8zD3K7gouH
77N/4yFCFXZmNo0xZt7XbqdUgzBvVxvOcml+9wUjQOu7j6FxOeR2J44ot0CtOzL3
dKYfO6UJrhPRLBKL6AMsFzDrsvvFznV1ibk/o18jcLL4
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:56 2025 by rpki-client