Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AF-BYhmifUMURhHrfb1Tg6dLzNs.roa
File: AF-BYhmifUMURhHrfb1Tg6dLzNs.roa (raw, json)
Hash identifier: QZLdyD7H4axY5sfFY1+6K+jpBK0jTwoB+YVXUPYaaHI=
Subject key identifier: 00:5F:81:62:19:A2:7D:43:14:46:11:EB:7D:BD:53:83:A7:4B:CC:DB
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01844DE34183FC32F55300358F2C149000F4
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AF-BYhmifUMURhHrfb1Tg6dLzNs.roa
Signing time: Sun 06 Nov 2022 17:00:49 +0000
ROA not before: Sun 06 Nov 2022 17:00:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212939
IP address blocks: 195.238.247.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:4d:e3:41:83:fc:32:f5:53:00:35:8f:2c:14:90:00:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Nov 6 17:00:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=005f816219a27d43144611eb7dbd5383a74bccdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:23:10:c4:8b:d9:61:31:ee:80:06:f7:d0:cb:
e8:45:2f:05:4e:f5:47:68:6a:e6:9f:d0:ea:c9:0d:
21:fc:18:c8:ba:f8:9f:a9:be:ba:80:e0:90:d0:95:
a6:50:6f:be:80:e0:2c:8d:5f:64:44:94:b8:29:d9:
4f:30:2b:56:24:b4:45:fc:3c:f1:29:db:58:1e:65:
61:06:48:92:53:48:69:a4:05:a6:2a:73:99:1a:fa:
81:e7:f1:c6:83:03:65:0f:8d:9b:56:d9:a5:5f:0b:
ae:43:8e:18:1b:52:ae:16:8c:3c:32:2f:f6:1f:5a:
af:65:d6:13:99:90:86:73:1e:88:4a:35:13:3a:5c:
3e:70:15:eb:78:1d:82:1f:1f:97:9e:81:00:04:86:
3d:93:97:9e:53:33:96:39:ce:3d:a3:59:dc:f4:0f:
51:ed:4a:e3:32:3d:5c:cb:b8:f4:62:44:4e:58:1f:
6f:26:82:d2:6b:10:a1:fb:58:d9:92:e6:1c:ce:f8:
8d:c7:0a:28:80:9a:9a:0a:9c:d1:48:07:d6:3c:ec:
de:b6:d4:a0:95:8e:09:dc:ed:a9:e3:d5:12:81:75:
7f:ae:fc:f0:5c:47:c6:c0:79:9f:70:02:ab:bb:e9:
d7:2a:6c:05:e8:d1:27:53:73:f5:eb:7c:8a:cf:a0:
fe:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5F:81:62:19:A2:7D:43:14:46:11:EB:7D:BD:53:83:A7:4B:CC:DB
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/AF-BYhmifUMURhHrfb1Tg6dLzNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.231.0/24
195.238.247.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ce:e5:74:7f:b9:51:88:30:f1:6c:4f:89:c5:d5:f2:4b:23:
77:19:89:fe:25:21:9c:97:28:d0:60:06:e8:d1:53:de:56:2b:
6e:8a:48:0b:79:9c:a7:f2:20:c6:4f:1b:c1:fa:9f:4e:bd:58:
f2:5d:86:bd:b2:0c:25:1b:10:5e:f1:65:6d:0e:08:ec:ae:a9:
a1:60:46:7f:a2:31:a2:28:8b:9c:76:d7:58:22:d2:36:b7:09:
d3:81:04:0b:ed:a3:c1:94:d8:aa:ae:bc:88:29:7c:7a:9b:a9:
83:db:61:6f:b5:f7:c6:48:92:05:87:26:6c:ec:e2:0b:3b:ff:
b4:35:f4:65:f8:09:31:a9:07:f3:db:b2:3d:b3:0b:a3:e4:2f:
be:04:59:1b:35:d0:9d:5f:87:8a:9a:c4:87:d4:a4:90:cc:b2:
a0:95:a1:44:4f:ce:da:f8:9a:b8:4e:99:c6:0b:23:ba:0e:de:
fe:5a:db:91:0d:e1:2b:87:4e:73:92:de:90:bd:1a:2d:e4:13:
bb:54:b3:3e:ab:43:8f:50:f1:24:24:7a:c5:81:4c:72:10:39:
ff:61:27:94:e0:7b:a6:4a:3c:32:7e:fc:7b:87:b9:f3:50:ee:
4d:5d:88:59:aa:00:64:94:05:6f:c4:58:9f:fc:84:bd:7c:cb:
ae:f7:0a:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRN40GD/DL1UwA1jywUkAD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjIxMTA2MTcwMDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDVmODE2MjE5YTI3ZDQzMTQ0NjExZWI3ZGJkNTM4M2E3NGJjY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSMQxIvZYTHugAb30MvoRS8FTvVH
aGrmn9DqyQ0h/BjIuvifqb66gOCQ0JWmUG++gOAsjV9kRJS4KdlPMCtWJLRF/Dzx
KdtYHmVhBkiSU0hppAWmKnOZGvqB5/HGgwNlD42bVtmlXwuuQ44YG1KuFow8Mi/2
H1qvZdYTmZCGcx6ISjUTOlw+cBXreB2CHx+XnoEABIY9k5eeUzOWOc49o1nc9A9R
7UrjMj1cy7j0YkROWB9vJoLSaxCh+1jZkuYczviNxwoogJqaCpzRSAfWPOzettSg
lY4J3O2p49USgXV/rvzwXEfGwHmfcAKru+nXKmwF6NEnU3P163yKz6D+6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFABfgWIZon1DFEYR6329U4OnS8zbMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvQUYtQllobWlmVU1VUmhIcmZiMVRnNmRMek5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw+7nAwQA
w+73MA0GCSqGSIb3DQEBCwUAA4IBAQAhzuV0f7lRiDDxbE+JxdXySyN3GYn+JSGc
lyjQYAbo0VPeVituikgLeZyn8iDGTxvB+p9OvVjyXYa9sgwlGxBe8WVtDgjsrqmh
YEZ/ojGiKIucdtdYItI2twnTgQQL7aPBlNiqrryIKXx6m6mD22FvtffGSJIFhyZs
7OILO/+0NfRl+AkxqQfz27I9swuj5C++BFkbNdCdX4eKmsSH1KSQzLKglaFET87a
+Jq4TpnGCyO6Dt7+WtuRDeErh05zkt6QvRot5BO7VLM+q0OPUPEkJHrFgUxyEDn/
YSeU4HumSjwyfvx7h7nzUO5NXYhZqgBklAVvxFif/IS9fMuu9wpC
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:43:44 2025 by rpki-client