Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/aPrfjpmNqrdTsxJmodkJka4we_o.roa
File: aPrfjpmNqrdTsxJmodkJka4we_o.roa (raw, json)
Hash identifier: S7rbT7lzaCZygdOJnmkE3a3LE1Ys9AOvyA5wi6Rwn/U=
Subject key identifier: 68:FA:DF:8E:99:8D:AA:B7:53:B3:12:66:A1:D9:09:91:AE:30:7B:FA
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 0183790278854BF5CBF8D9873A9946FA5D00
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/aPrfjpmNqrdTsxJmodkJka4we_o.roa
Signing time: Mon 26 Sep 2022 08:55:48 +0000
ROA not before: Mon 26 Sep 2022 08:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212939
IP address blocks: 195.238.247.0/24 maxlen: 24
103.215.222.0/23 maxlen: 23
195.238.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:79:02:78:85:4b:f5:cb:f8:d9:87:3a:99:46:fa:5d:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Sep 26 08:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68fadf8e998daab753b31266a1d90991ae307bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:64:fe:75:b6:5c:ee:4a:2c:6b:e0:75:30:7a:
bd:6e:8b:7c:cc:4c:99:24:a6:0d:37:f8:95:0a:f1:
f4:11:12:47:7a:96:f5:ea:e0:8d:f7:02:f7:f3:96:
fc:c9:97:75:28:da:e4:fd:39:30:75:01:c6:3f:65:
f4:c6:ef:9c:a9:b2:76:a1:ac:e1:f1:79:b9:03:7e:
b5:8a:42:e3:ad:b5:ed:48:21:33:4f:66:42:22:84:
d6:9c:a5:94:8e:ed:e5:01:be:ac:db:91:13:ef:eb:
db:a8:d0:76:d0:bf:0f:7c:ae:05:ab:ea:9b:65:6f:
62:52:3f:0f:46:21:a4:09:68:fa:04:fc:ff:19:8d:
e9:6c:dc:72:e0:27:8d:ee:ea:fd:77:f0:ec:e6:f8:
a3:0c:15:ad:9f:55:67:cc:89:09:16:09:ce:ad:cd:
24:68:60:8b:c5:e6:6e:33:72:99:98:3b:38:ff:97:
a8:3a:38:0f:82:07:9c:37:33:a3:97:85:44:a4:d0:
d0:d5:af:b7:2c:67:42:56:44:9f:91:07:8b:ba:dd:
3a:83:cd:0a:67:ee:b0:78:8a:ea:f0:12:cb:8f:2d:
26:c1:c8:dc:79:1a:84:b9:db:a5:ae:2d:00:33:51:
47:10:a0:3e:d6:eb:38:04:e6:34:85:e8:52:29:86:
61:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FA:DF:8E:99:8D:AA:B7:53:B3:12:66:A1:D9:09:91:AE:30:7B:FA
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/aPrfjpmNqrdTsxJmodkJka4we_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.215.222.0/23
195.238.231.0/24
195.238.247.0/24
Signature Algorithm: sha256WithRSAEncryption
98:b0:99:5d:4c:3c:e1:91:3f:7e:1f:02:06:9b:59:45:49:e5:
59:a2:ec:5b:8d:9f:f5:fb:00:28:d6:e9:87:bf:35:b0:8c:fa:
3b:f7:33:5e:85:5f:82:79:01:d3:27:70:a2:41:5b:58:ee:70:
5b:06:c4:01:0a:e6:32:66:79:2f:bb:ad:1b:8f:36:5a:8c:ae:
63:42:50:cf:e4:36:b5:68:a8:1b:de:15:f8:57:ba:d2:61:fc:
a0:3b:12:30:69:bc:5f:e5:d0:e6:49:34:cf:79:2a:2c:7e:a2:
99:7c:aa:fd:68:2e:7b:06:04:34:4f:ba:7c:5f:7a:a8:0e:07:
f9:7f:94:f0:bd:e6:f9:63:45:7b:ba:b4:f7:bc:a0:07:49:44:
41:76:05:9c:48:3e:0b:56:3d:3e:30:ee:66:02:f4:da:5e:99:
41:d6:fc:c9:aa:b3:0e:6e:4c:d3:14:e5:40:e9:79:8f:4e:31:
91:d8:ad:99:7c:27:e3:18:12:c2:59:40:76:92:94:be:97:ae:
5a:bd:22:0d:6a:45:3f:93:de:03:39:2b:a2:9f:2e:f3:d1:34:
8f:26:dc:fa:dd:a5:ce:a3:f3:de:ac:e3:0f:b5:47:75:ca:b6:
ee:b7:86:53:0b:de:27:ba:ca:9c:1d:32:dd:4f:f1:b6:0a:e5:
4d:e3:78:36
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN5AniFS/XL+NmHOplG+l0AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjIwOTI2MDg1NTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZhZGY4ZTk5OGRhYWI3NTNiMzEyNjZhMWQ5MDk5MWFlMzA3YmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWT+dbZc7kosa+B1MHq9bot8zEyZ
JKYNN/iVCvH0ERJHepb16uCN9wL385b8yZd1KNrk/TkwdQHGP2X0xu+cqbJ2oazh
8Xm5A361ikLjrbXtSCEzT2ZCIoTWnKWUju3lAb6s25ET7+vbqNB20L8PfK4Fq+qb
ZW9iUj8PRiGkCWj6BPz/GY3pbNxy4CeN7ur9d/Ds5vijDBWtn1VnzIkJFgnOrc0k
aGCLxeZuM3KZmDs4/5eoOjgPggecNzOjl4VEpNDQ1a+3LGdCVkSfkQeLut06g80K
Z+6weIrq8BLLjy0mwcjceRqEudulri0AM1FHEKA+1us4BOY0hehSKYZhAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGj6346Zjaq3U7MSZqHZCZGuMHv6MB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvYVByZmpwbU5xcmRUc3hKbW9ka0prYTR3ZV9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBZ9feAwQA
w+7nAwQAw+73MA0GCSqGSIb3DQEBCwUAA4IBAQCYsJldTDzhkT9+HwIGm1lFSeVZ
ouxbjZ/1+wAo1umHvzWwjPo79zNehV+CeQHTJ3CiQVtY7nBbBsQBCuYyZnkvu60b
jzZajK5jQlDP5Da1aKgb3hX4V7rSYfygOxIwabxf5dDmSTTPeSosfqKZfKr9aC57
BgQ0T7p8X3qoDgf5f5Twveb5Y0V7urT3vKAHSURBdgWcSD4LVj0+MO5mAvTaXplB
1vzJqrMObkzTFOVA6XmPTjGR2K2ZfCfjGBLCWUB2kpS+l65avSINakU/k94DOSui
ny7z0TSPJtz63aXOo/PerOMPtUd1yrbut4ZTC94nusqcHTLdT/G2CuVN43g2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:43 2025 by rpki-client