Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/y7kUnouX40tiymxrDGRIuhJKC7g.roa
File: y7kUnouX40tiymxrDGRIuhJKC7g.roa (raw, json)
Hash identifier: 7MbSEkKlJ0qZesg1acz0SwijZrKq0uLiuRnylxJFQGs=
Subject key identifier: CB:B9:14:9E:8B:97:E3:4B:62:CA:6C:6B:0C:64:48:BA:12:4A:0B:B8
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01856F42DCF0B07EB9DFA893C885615FDC51
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/y7kUnouX40tiymxrDGRIuhJKC7g.roa
Signing time: Sun 01 Jan 2023 21:35:30 +0000
ROA not before: Sun 01 Jan 2023 21:35:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212939
IP address blocks: 195.238.247.0/24 maxlen: 24
195.238.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:dc:f0:b0:7e:b9:df:a8:93:c8:85:61:5f:dc:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 21:35:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cbb9149e8b97e34b62ca6c6b0c6448ba124a0bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:52:ab:29:cf:e2:c8:89:7f:18:06:b5:b9:bc:
42:d6:f4:a5:7c:2f:d7:6c:c0:3b:7e:d4:36:4a:93:
64:4c:cf:db:83:85:ff:90:91:92:16:af:bd:3d:3b:
57:39:d9:a9:64:71:f3:a0:a5:e0:56:4f:87:de:c5:
08:f1:a1:d8:3e:21:49:9b:20:79:44:31:ea:e7:4a:
e5:22:d2:d2:f7:d1:5b:be:22:7c:aa:9a:d9:c4:57:
b0:c0:d4:77:e4:8a:1e:7a:62:f8:d3:ba:d3:b0:0e:
aa:d9:34:44:0c:d3:10:5b:c7:68:eb:75:21:3b:34:
46:3d:d1:17:8c:f8:00:d6:c8:18:5b:0c:25:0f:72:
61:1e:6d:8f:03:dd:97:f4:fd:a3:ed:8a:05:18:4a:
ab:dc:a5:89:a9:59:b0:c8:b5:ed:75:f6:1c:c1:e3:
80:64:28:70:1d:d1:26:06:c2:d4:46:b2:90:dd:40:
58:3d:79:c5:df:e6:a4:ad:b8:e3:09:61:db:cf:65:
0e:c4:be:c6:46:84:9a:df:2b:7d:7a:6a:d6:c4:55:
18:3b:91:d0:89:c6:83:e9:0c:21:0c:71:03:42:f8:
2b:82:8b:1a:f7:e1:8e:75:e1:fb:3f:17:8e:9f:75:
44:f2:30:24:11:ad:df:e8:70:08:26:9e:bd:36:9c:
30:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:B9:14:9E:8B:97:E3:4B:62:CA:6C:6B:0C:64:48:BA:12:4A:0B:B8
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/y7kUnouX40tiymxrDGRIuhJKC7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.238.231.0/24
195.238.247.0/24
Signature Algorithm: sha256WithRSAEncryption
22:5e:34:68:90:57:b4:71:cd:3b:05:33:d8:11:af:76:68:9e:
2a:c5:e4:83:51:1a:f2:4f:31:12:9b:9c:3d:3a:31:f0:85:31:
73:4c:03:35:53:f9:8b:b5:c0:40:35:a2:8e:d6:cc:a0:cf:2e:
6c:f9:26:3e:2c:3f:3b:2b:ad:ec:35:cd:da:ae:f2:e1:80:e4:
e2:e0:b7:a0:01:5f:fd:e1:9c:20:f9:13:7a:c7:d0:e2:02:7d:
94:d8:e4:a5:b5:4f:13:53:db:03:c9:62:9a:2d:2f:1c:d5:c0:
4e:ce:d1:a9:4e:26:8d:50:cc:35:0f:f7:37:7a:fa:84:17:b2:
35:69:9c:1b:d2:0d:57:a1:06:86:62:07:4f:f2:89:61:7e:76:
e3:42:10:cf:0f:69:5b:81:48:f0:46:c6:51:4d:ae:c9:a1:9f:
8e:14:8b:80:1e:6f:5e:a8:4a:1f:75:1a:7c:f1:65:97:0c:68:
e4:15:11:12:16:cb:0c:06:47:95:ca:51:1c:28:84:33:3a:24:
01:f8:e3:ac:39:a6:63:86:47:60:36:c6:71:ab:c6:bb:83:c4:
a5:70:5c:64:1d:3e:18:89:2a:b3:fb:f8:ce:c9:9c:29:86:ea:
c0:ae:7c:61:f6:13:5c:9a:3f:79:ab:8a:69:6b:d4:80:52:8c:
32:79:16:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvQtzwsH6536iTyIVhX9xRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjMwMTAxMjEzNTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmI5MTQ5ZThiOTdlMzRiNjJjYTZjNmIwYzY0NDhiYTEyNGEwYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lKrKc/iyIl/GAa1ubxC1vSlfC/X
bMA7ftQ2SpNkTM/bg4X/kJGSFq+9PTtXOdmpZHHzoKXgVk+H3sUI8aHYPiFJmyB5
RDHq50rlItLS99FbviJ8qprZxFewwNR35IoeemL407rTsA6q2TREDNMQW8do63Uh
OzRGPdEXjPgA1sgYWwwlD3JhHm2PA92X9P2j7YoFGEqr3KWJqVmwyLXtdfYcweOA
ZChwHdEmBsLURrKQ3UBYPXnF3+akrbjjCWHbz2UOxL7GRoSa3yt9emrWxFUYO5HQ
icaD6QwhDHEDQvgrgosa9+GOdeH7PxeOn3VE8jAkEa3f6HAIJp69NpwwAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMu5FJ6Ll+NLYspsawxkSLoSSgu4MB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEveTdrVW5vdVg0MHRpeW14ckRHUkl1aEpLQzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw+7nAwQA
w+73MA0GCSqGSIb3DQEBCwUAA4IBAQAiXjRokFe0cc07BTPYEa92aJ4qxeSDURry
TzESm5w9OjHwhTFzTAM1U/mLtcBANaKO1sygzy5s+SY+LD87K63sNc3arvLhgOTi
4LegAV/94Zwg+RN6x9DiAn2U2OSltU8TU9sDyWKaLS8c1cBOztGpTiaNUMw1D/c3
evqEF7I1aZwb0g1XoQaGYgdP8olhfnbjQhDPD2lbgUjwRsZRTa7JoZ+OFIuAHm9e
qEofdRp88WWXDGjkFRESFssMBkeVylEcKIQzOiQB+OOsOaZjhkdgNsZxq8a7g8Sl
cFxkHT4YiSqz+/jOyZwphurArnxh9hNcmj95q4ppa9SAUowyeRZ9
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:37 2025 by rpki-client