Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/dGy5RyK52U9c2Sd8PyaU61ptEa4.roa
File: dGy5RyK52U9c2Sd8PyaU61ptEa4.roa (raw, json)
Hash identifier: wfa7ZryZ7+5MiQFtvMK0zMO56SU5yUmuBPma9OmY00g=
Subject key identifier: 74:6C:B9:47:22:B9:D9:4F:5C:D9:27:7C:3F:26:94:EB:5A:6D:11:AE
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 018B1E2A135525C29BB8ADFC5583808BEB17
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/dGy5RyK52U9c2Sd8PyaU61ptEa4.roa
Signing time: Wed 11 Oct 2023 09:55:55 +0000
ROA not before: Wed 11 Oct 2023 09:55:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.225.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:2a:13:55:25:c2:9b:b8:ad:fc:55:83:80:8b:eb:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Oct 11 09:55:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=746cb94722b9d94f5cd9277c3f2694eb5a6d11ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2b:6d:85:fc:98:86:35:f3:3b:14:cf:0f:b0:
26:f1:0c:a5:a7:cf:ba:ff:fe:e8:e3:d8:8d:2c:50:
76:b7:1c:d2:34:cb:b2:8f:ad:98:12:c2:73:d4:21:
d6:d3:58:34:43:9f:98:2b:19:56:a6:fb:08:35:75:
0b:4d:4f:ef:95:0a:b2:66:9d:dd:50:19:19:d6:27:
52:c2:ef:69:c7:56:64:ec:75:db:07:c1:b5:ee:b1:
ac:67:df:e5:84:37:7b:68:d4:44:fe:36:56:27:ca:
d8:95:34:fd:28:2f:23:c5:5d:1c:75:93:25:c4:37:
74:54:20:2d:49:66:33:e3:11:7f:84:b3:33:c0:62:
3f:38:1d:67:64:80:fb:d3:7c:6b:4b:83:65:3f:d5:
8b:6d:5c:a3:d6:f4:66:dc:4c:46:6b:15:bf:54:c6:
97:99:c2:42:f3:c8:af:e2:62:e7:17:f9:1c:db:65:
95:a2:09:bc:58:02:f2:46:90:8b:85:97:58:4e:ca:
de:0b:1c:6e:b7:26:9b:f1:fb:f9:33:be:d1:c0:0d:
00:78:08:8c:ae:d8:37:fc:16:fc:7c:b9:e4:87:15:
72:58:77:6e:3a:84:50:14:9c:f3:60:71:54:b7:40:
e1:51:d8:4b:ec:53:6e:76:e3:86:f3:5f:a3:d2:ed:
5a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6C:B9:47:22:B9:D9:4F:5C:D9:27:7C:3F:26:94:EB:5A:6D:11:AE
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/dGy5RyK52U9c2Sd8PyaU61ptEa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.98.0/24
Signature Algorithm: sha256WithRSAEncryption
98:0e:f4:8e:55:8b:8a:dd:7a:31:d7:4e:48:d4:69:9d:5d:4d:
80:a3:27:1a:5c:52:2b:81:47:51:64:a7:0a:dc:e0:a2:32:7b:
b8:d5:1a:1e:bd:f0:06:4b:2c:64:39:4c:59:43:89:84:a6:ef:
77:5b:46:c1:3a:bb:1f:c3:07:85:7f:05:08:98:f8:26:51:fe:
b6:e0:30:17:8a:f6:5b:c6:21:30:2f:64:c0:bc:ce:60:26:6b:
43:1b:61:0a:06:7c:30:e8:1f:47:66:8b:3f:78:b3:73:6a:b6:
a9:3b:ff:68:e1:c5:b5:d9:cf:25:89:ee:fd:a1:bf:48:46:5c:
2f:6e:35:6c:a2:e1:75:aa:3e:35:3b:70:eb:d6:fd:ca:e5:38:
4e:73:bd:ec:10:6f:ad:86:59:57:ac:3d:9b:b5:06:53:03:e8:
23:8f:bf:30:2d:57:29:91:07:94:05:8f:ca:94:cb:4e:d9:11:
24:0b:74:16:2f:67:9c:31:b0:21:1a:84:ed:90:08:ad:a3:ec:
ca:65:fd:6a:9c:72:c4:87:36:e4:33:16:19:37:87:60:e9:5b:
ab:4e:b9:3c:2e:9a:1f:c8:42:e5:ef:eb:1f:cf:20:97:99:68:
71:ee:15:28:90:ea:f0:d3:61:27:ea:42:41:11:b4:51:78:74:
db:48:ca:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYseKhNVJcKbuK38VYOAi+sXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTE0YmY3NmY0MmRhNGYyYWMwMDNhNmM2OWQ2MWMyMzIw
ZTJjZDgwHhcNMjMxMDExMDk1NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDZjYjk0NzIyYjlkOTRmNWNkOTI3N2MzZjI2OTRlYjVhNmQxMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlytthfyYhjXzOxTPD7Am8Qylp8+6
//7o49iNLFB2txzSNMuyj62YEsJz1CHW01g0Q5+YKxlWpvsINXULTU/vlQqyZp3d
UBkZ1idSwu9px1Zk7HXbB8G17rGsZ9/lhDd7aNRE/jZWJ8rYlTT9KC8jxV0cdZMl
xDd0VCAtSWYz4xF/hLMzwGI/OB1nZID703xrS4NlP9WLbVyj1vRm3ExGaxW/VMaX
mcJC88iv4mLnF/kc22WVogm8WALyRpCLhZdYTsreCxxutyab8fv5M77RwA0AeAiM
rtg3/Bb8fLnkhxVyWHduOoRQFJzzYHFUt0DhUdhL7FNuduOG81+j0u1a7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRsuUciudlPXNknfD8mlOtabRGuMB8GA1UdIwQY
MBaAFEnhS/dvQtpPKsADpsadYcIyDizYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEt
M2JlY2NhYWUzMzZkLzEvZEd5NVJ5SzUyVTljMlNkOFB5YVU2MXB0RWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC81NjE2N2YtNTMyNy00Yzg4LWI0ZWEtM2JlY2NhYWUzMzZk
LzEvU2VGTDkyOUMyazhxd0FPbXhwMWh3aklPTE5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+FiMA0G
CSqGSIb3DQEBCwUAA4IBAQCYDvSOVYuK3Xox105I1GmdXU2AoycaXFIrgUdRZKcK
3OCiMnu41RoevfAGSyxkOUxZQ4mEpu93W0bBOrsfwweFfwUImPgmUf624DAXivZb
xiEwL2TAvM5gJmtDG2EKBnww6B9HZos/eLNzarapO/9o4cW12c8lie79ob9IRlwv
bjVsouF1qj41O3Dr1v3K5ThOc73sEG+thllXrD2btQZTA+gjj78wLVcpkQeUBY/K
lMtO2REkC3QWL2ecMbAhGoTtkAito+zKZf1qnHLEhzbkMxYZN4dg6VurTrk8Lpof
yELl7+sfzyCXmWhx7hUokOrw02En6kJBEbRReHTbSMrJ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:53 2025 by rpki-client