Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/a3c055-b25a-425f-8d99-e5a7003e10de/1/orPR1NXaL_1iYNQ9oWmDDv8glqM.roa
File: orPR1NXaL_1iYNQ9oWmDDv8glqM.roa (raw, json)
Hash identifier: AACuAQonVz/mt8LCsYJ3VZZSDR4pCnLVTsw5hFtWiFw=
Subject key identifier: A2:B3:D1:D4:D5:DA:2F:FD:62:60:D4:3D:A1:69:83:0E:FF:20:96:A3
Certificate issuer: /CN=c64d2286b5cc7be42f8aebaeb6aae57e7ce7da2b
Certificate serial: 01856C25D2F5408E7FC1DA0C4595A439480C
Authority key identifier: C6:4D:22:86:B5:CC:7B:E4:2F:8A:EB:AE:B6:AA:E5:7E:7C:E7:DA:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk0ihrXMe-Qviuuutqrlfnzn2is.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/a3c055-b25a-425f-8d99-e5a7003e10de/1/orPR1NXaL_1iYNQ9oWmDDv8glqM.roa
Signing time: Sun 01 Jan 2023 07:04:56 +0000
ROA not before: Sun 01 Jan 2023 07:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48897
IP address blocks: 195.88.72.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:d2:f5:40:8e:7f:c1:da:0c:45:95:a4:39:48:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64d2286b5cc7be42f8aebaeb6aae57e7ce7da2b
Validity
Not Before: Jan 1 07:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2b3d1d4d5da2ffd6260d43da169830eff2096a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:24:31:21:65:56:b1:ac:b9:b2:dd:a0:2b:0b:
f4:db:da:1e:5c:93:d1:ef:c2:e0:b3:f6:21:8f:e0:
d0:ae:83:a0:f4:67:d6:7b:46:c2:ce:28:2e:3e:79:
4d:e2:fa:b5:9e:76:f7:43:bf:ee:b6:c4:75:3b:c4:
92:79:6a:63:51:89:b3:e5:93:37:b4:b1:c5:59:c3:
ef:aa:57:d5:70:d8:63:9f:86:46:2d:65:14:d2:46:
75:ab:45:e6:cb:67:0c:49:1e:fd:69:ec:74:2d:c1:
b6:52:a4:4b:7b:03:d7:ac:3d:23:8e:96:37:30:58:
4b:93:37:6f:69:8c:65:54:7e:81:cd:25:3d:7a:ab:
3b:17:e6:de:76:36:d9:74:1f:c4:03:f5:61:7b:fb:
4b:10:a6:3d:91:fc:1a:d2:cb:85:46:e1:4f:00:c5:
f1:f4:fd:af:f8:33:89:3f:a1:46:61:65:41:11:db:
73:01:62:91:3a:ce:67:94:52:62:6a:5a:db:7e:f9:
5a:00:1e:e6:75:e5:04:5e:29:27:66:2d:0e:b5:67:
b9:a4:e0:fc:3a:95:51:a8:24:4f:7f:a0:25:6c:75:
8c:2a:52:6a:9c:4c:9a:65:85:2e:50:c1:5a:ef:a9:
23:37:24:0d:5d:3e:cd:fe:c8:4b:3e:e8:6b:7a:56:
34:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B3:D1:D4:D5:DA:2F:FD:62:60:D4:3D:A1:69:83:0E:FF:20:96:A3
X509v3 Authority Key Identifier:
keyid:C6:4D:22:86:B5:CC:7B:E4:2F:8A:EB:AE:B6:AA:E5:7E:7C:E7:DA:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk0ihrXMe-Qviuuutqrlfnzn2is.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a3c055-b25a-425f-8d99-e5a7003e10de/1/orPR1NXaL_1iYNQ9oWmDDv8glqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/a3c055-b25a-425f-8d99-e5a7003e10de/1/xk0ihrXMe-Qviuuutqrlfnzn2is.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.72.0/23
Signature Algorithm: sha256WithRSAEncryption
53:47:58:4e:56:43:74:cf:0a:8e:eb:2c:0a:a3:23:af:eb:b1:
97:68:ca:a3:15:0e:fe:dc:50:8f:e7:07:28:e0:18:82:d1:65:
f7:74:ea:d2:69:f6:25:f1:bd:25:65:c4:35:34:11:3b:c4:42:
95:70:9e:45:3a:1a:49:97:26:ae:4c:e3:d9:d9:70:a6:aa:9c:
25:46:e2:53:a9:79:fb:2c:99:7d:62:af:9c:18:60:ee:73:a7:
b8:09:67:89:81:60:58:a1:6b:e3:8f:f6:d5:5b:56:34:91:2d:
f5:53:8d:75:79:2c:3b:d8:8d:32:fc:4a:0e:a2:27:1d:e7:55:
9a:78:d1:da:9e:12:5a:38:7d:23:52:fc:c3:2a:9d:cd:3c:38:
4e:84:89:e7:5e:28:7b:01:08:b0:e3:2d:c3:91:59:91:e2:4d:
db:20:b5:a3:c3:8b:4c:70:ff:5c:22:2f:7d:ff:d2:f3:61:5b:
02:c4:1d:05:8e:e3:1d:0d:1b:d8:07:6a:f2:2f:88:5f:19:1b:
b6:39:6d:f1:9a:5c:30:da:33:cb:9b:c6:1b:5d:50:d3:03:c2:
f4:69:2c:88:55:bb:b8:a7:ca:16:a3:6a:8a:4a:c5:68:49:08:
08:2e:99:32:f1:0a:61:8a:b8:78:1e:2e:f6:60:36:00:10:23:
15:48:23:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsJdL1QI5/wdoMRZWkOUgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGQyMjg2YjVjYzdiZTQyZjhhZWJhZWI2YWFlNTdlN2Nl
N2RhMmIwHhcNMjMwMTAxMDcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmIzZDFkNGQ1ZGEyZmZkNjI2MGQ0M2RhMTY5ODMwZWZmMjA5NmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviQxIWVWsay5st2gKwv029oeXJPR
78Lgs/Yhj+DQroOg9GfWe0bCziguPnlN4vq1nnb3Q7/utsR1O8SSeWpjUYmz5ZM3
tLHFWcPvqlfVcNhjn4ZGLWUU0kZ1q0Xmy2cMSR79aex0LcG2UqRLewPXrD0jjpY3
MFhLkzdvaYxlVH6BzSU9eqs7F+bedjbZdB/EA/Vhe/tLEKY9kfwa0suFRuFPAMXx
9P2v+DOJP6FGYWVBEdtzAWKROs5nlFJialrbfvlaAB7mdeUEXiknZi0OtWe5pOD8
OpVRqCRPf6AlbHWMKlJqnEyaZYUuUMFa76kjNyQNXT7N/shLPuhrelY0XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKz0dTV2i/9YmDUPaFpgw7/IJajMB8GA1UdIwQY
MBaAFMZNIoa1zHvkL4rrrraq5X5859orMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGswaWhyWE1lLVF2aXV1dXRxcmxmbnpuMmlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hM2MwNTUtYjI1YS00MjVmLThkOTkt
ZTVhNzAwM2UxMGRlLzEvb3JQUjFOWGFMXzFpWU5ROW9XbUREdjhnbHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hM2MwNTUtYjI1YS00MjVmLThkOTktZTVhNzAwM2UxMGRl
LzEveGswaWhyWE1lLVF2aXV1dXRxcmxmbnpuMmlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1hIMA0G
CSqGSIb3DQEBCwUAA4IBAQBTR1hOVkN0zwqO6ywKoyOv67GXaMqjFQ7+3FCP5wco
4BiC0WX3dOrSafYl8b0lZcQ1NBE7xEKVcJ5FOhpJlyauTOPZ2XCmqpwlRuJTqXn7
LJl9Yq+cGGDuc6e4CWeJgWBYoWvjj/bVW1Y0kS31U411eSw72I0y/EoOoicd51Wa
eNHanhJaOH0jUvzDKp3NPDhOhInnXih7AQiw4y3DkVmR4k3bILWjw4tMcP9cIi99
/9LzYVsCxB0FjuMdDRvYB2ryL4hfGRu2OW3xmlww2jPLm8YbXVDTA8L0aSyIVbu4
p8oWo2qKSsVoSQgILpky8Qphirh4Hi72YDYAECMVSCM3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:32 2025 by rpki-client