Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/2d8efc-b9fa-432c-9727-8b85b28fbb79/1/5xr2aw1PsOZK2EKlLxMK8MmXi6Q.roa
File: 5xr2aw1PsOZK2EKlLxMK8MmXi6Q.roa (raw, json)
Hash identifier: tvpu0e86TrNaWSxQu9sd3sbDUHip8N+ALi2MnVNDVzM=
Subject key identifier: E7:1A:F6:6B:0D:4F:B0:E6:4A:D8:42:A5:2F:13:0A:F0:C9:97:8B:A4
Certificate issuer: /CN=daaec597d1b379ea83236312c6f8b2bce7439773
Certificate serial: 018B8C58DD6CB49B4F6322172E5F39E7EBF4
Authority key identifier: DA:AE:C5:97:D1:B3:79:EA:83:23:63:12:C6:F8:B2:BC:E7:43:97:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q7Fl9GzeeqDI2MSxviyvOdDl3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/2d8efc-b9fa-432c-9727-8b85b28fbb79/1/5xr2aw1PsOZK2EKlLxMK8MmXi6Q.roa
Signing time: Wed 01 Nov 2023 19:25:15 +0000
ROA not before: Wed 01 Nov 2023 19:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28820
IP address blocks: 195.225.252.0/22 maxlen: 22
193.29.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:8c:58:dd:6c:b4:9b:4f:63:22:17:2e:5f:39:e7:eb:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaec597d1b379ea83236312c6f8b2bce7439773
Validity
Not Before: Nov 1 19:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e71af66b0d4fb0e64ad842a52f130af0c9978ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:dd:6b:a5:fd:23:b1:cb:f9:12:f6:6e:25:32:
0c:a3:06:c1:77:fc:cb:d8:6b:75:02:3b:24:30:be:
56:a6:d7:ef:76:9a:7b:5e:a0:58:70:3e:59:22:72:
5b:ef:85:9c:9e:2b:12:90:11:7a:d5:af:5e:22:db:
64:a4:2b:8f:da:3d:6e:52:1c:ce:66:59:7d:19:c4:
6c:cc:0c:b4:80:b5:fa:22:51:c6:1b:0a:40:0b:d1:
7b:bc:9e:0e:61:50:42:00:27:47:4a:fc:55:91:09:
0e:7d:f3:bf:97:69:4c:f5:4b:b9:56:e4:8e:64:45:
06:29:54:3b:23:fa:be:2b:21:f6:a0:2d:db:4d:9f:
0f:ca:7f:a2:4b:65:66:00:76:8a:4c:03:4b:d4:34:
f6:ee:fb:23:3c:dd:ad:fe:fe:1a:14:85:a3:cb:5f:
f2:55:8f:68:c5:fa:c6:e9:ee:6e:5a:50:a0:1f:a3:
72:8a:4f:62:87:7a:dd:e9:42:20:da:f3:95:04:26:
57:b7:47:22:8a:c6:40:0f:0c:dd:f8:e1:c2:0f:eb:
be:0f:f7:d9:66:b1:f5:70:e9:ed:8c:ad:42:08:14:
cb:d0:27:be:52:1e:8f:08:8e:5e:93:6f:ba:2b:68:
52:70:7c:6b:45:8f:d1:4e:02:90:15:d0:a0:6d:7b:
db:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:1A:F6:6B:0D:4F:B0:E6:4A:D8:42:A5:2F:13:0A:F0:C9:97:8B:A4
X509v3 Authority Key Identifier:
keyid:DA:AE:C5:97:D1:B3:79:EA:83:23:63:12:C6:F8:B2:BC:E7:43:97:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q7Fl9GzeeqDI2MSxviyvOdDl3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2d8efc-b9fa-432c-9727-8b85b28fbb79/1/5xr2aw1PsOZK2EKlLxMK8MmXi6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/2d8efc-b9fa-432c-9727-8b85b28fbb79/1/2q7Fl9GzeeqDI2MSxviyvOdDl3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.55.0/24
195.225.252.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:5a:7c:5d:b6:bc:6f:0a:cb:71:58:e9:da:81:a8:92:1d:b1:
25:c1:7a:87:67:fa:5d:bb:9e:7b:3d:87:b1:bf:3a:bc:47:c7:
9b:3e:d6:6c:83:71:d1:c9:50:55:36:80:29:24:ac:24:8c:58:
48:00:36:8f:f4:c7:69:4d:f1:86:ac:85:51:fa:30:64:71:1d:
2f:2c:d4:12:9f:75:86:09:1b:ee:d5:87:79:f6:28:9c:6c:1d:
b9:39:a4:33:6d:42:fd:43:86:2c:be:3c:1c:48:6c:69:0a:3c:
1c:08:dd:d9:82:87:12:b7:51:2c:e4:2f:15:a2:7d:cd:be:bc:
ca:e1:38:90:e3:58:8d:0e:15:ff:6f:f4:29:6b:7f:67:bb:67:
3f:a2:cb:92:5a:a9:e6:e1:97:28:85:2b:f2:c9:2d:32:d9:3d:
6b:1c:2a:af:5c:ec:9d:62:91:1f:4a:91:0e:76:ae:b1:c8:1c:
0c:f3:64:d4:fc:fc:9a:67:95:7d:99:35:78:c1:e2:33:88:f8:
c8:93:28:e8:37:01:20:2b:83:15:c3:07:df:96:80:79:d9:12:
01:a0:d1:e0:54:71:1d:59:9c:40:3f:20:dc:6e:60:b6:3e:82:
b3:3f:b6:ea:82:81:ff:19:7b:1c:a2:9d:76:4e:19:46:81:92:
5b:b7:df:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuMWN1stJtPYyIXLl855+v0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWVjNTk3ZDFiMzc5ZWE4MzIzNjMxMmM2ZjhiMmJjZTc0
Mzk3NzMwHhcNMjMxMTAxMTkyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzFhZjY2YjBkNGZiMGU2NGFkODQyYTUyZjEzMGFmMGM5OTc4YmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA691rpf0jscv5EvZuJTIMowbBd/zL
2Gt1AjskML5Wptfvdpp7XqBYcD5ZInJb74WcnisSkBF61a9eIttkpCuP2j1uUhzO
Zll9GcRszAy0gLX6IlHGGwpAC9F7vJ4OYVBCACdHSvxVkQkOffO/l2lM9Uu5VuSO
ZEUGKVQ7I/q+KyH2oC3bTZ8Pyn+iS2VmAHaKTANL1DT27vsjPN2t/v4aFIWjy1/y
VY9oxfrG6e5uWlCgH6Nyik9ih3rd6UIg2vOVBCZXt0ciisZADwzd+OHCD+u+D/fZ
ZrH1cOntjK1CCBTL0Ce+Uh6PCI5ek2+6K2hScHxrRY/RTgKQFdCgbXvbpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOca9msNT7DmSthCpS8TCvDJl4ukMB8GA1UdIwQY
MBaAFNquxZfRs3nqgyNjEsb4srznQ5dzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE3Rmw5R3plZXFESTJNU3h2aXl2T2REbDNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8yZDhlZmMtYjlmYS00MzJjLTk3Mjct
OGI4NWIyOGZiYjc5LzEvNXhyMmF3MVBzT1pLMkVLbEx4TUs4TW1YaTZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8yZDhlZmMtYjlmYS00MzJjLTk3MjctOGI4NWIyOGZiYjc5
LzEvMnE3Rmw5R3plZXFESTJNU3h2aXl2T2REbDNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwR03AwQC
w+H8MA0GCSqGSIb3DQEBCwUAA4IBAQAtWnxdtrxvCstxWOnagaiSHbElwXqHZ/pd
u557PYexvzq8R8ebPtZsg3HRyVBVNoApJKwkjFhIADaP9MdpTfGGrIVR+jBkcR0v
LNQSn3WGCRvu1Yd59iicbB25OaQzbUL9Q4YsvjwcSGxpCjwcCN3ZgocSt1Es5C8V
on3NvrzK4TiQ41iNDhX/b/Qpa39nu2c/osuSWqnm4ZcohSvyyS0y2T1rHCqvXOyd
YpEfSpEOdq6xyBwM82TU/PyaZ5V9mTV4weIziPjIkyjoNwEgK4MVwwffloB52RIB
oNHgVHEdWZxAPyDcbmC2PoKzP7bqgoH/GXscop12ThlGgZJbt9+q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:26 2025 by rpki-client