Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/8hARF7jXMdPBADRqYj1owMpaLVA.roa
File: 8hARF7jXMdPBADRqYj1owMpaLVA.roa (raw, json)
Hash identifier: gj1OcJCMEhXGfIbE2fKU4J5K4R/cjtbPDy8QZlgGA5g=
Subject key identifier: F2:10:11:17:B8:D7:31:D3:C1:00:34:6A:62:3D:68:C0:CA:5A:2D:50
Certificate issuer: /CN=dd55ec175f6ee7a1fc1f89adf754bb2a0862578a
Certificate serial: 06A7D70B
Authority key identifier: DD:55:EC:17:5F:6E:E7:A1:FC:1F:89:AD:F7:54:BB:2A:08:62:57:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VXsF19u56H8H4mt91S7KghiV4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/8hARF7jXMdPBADRqYj1owMpaLVA.roa
Signing time: Sat 01 Jan 2022 15:01:12 +0000
ROA not before: Sat 01 Jan 2022 15:01:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8787
IP address blocks: 195.88.10.0/23 maxlen: 23
2001:67c:2090::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111662859 (0x6a7d70b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd55ec175f6ee7a1fc1f89adf754bb2a0862578a
Validity
Not Before: Jan 1 15:01:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2101117b8d731d3c100346a623d68c0ca5a2d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d2:bd:7b:8a:93:65:64:f8:9e:2f:87:22:5f:
fb:7c:94:84:32:d6:5b:44:9f:49:35:b8:ed:c7:d1:
14:f7:63:8d:50:31:2b:32:c2:1a:e7:b5:b2:fb:d9:
e4:91:45:39:71:9a:09:ce:02:90:47:64:3f:b7:62:
d5:27:ed:69:da:10:5f:d5:c5:f1:d2:d6:bf:ed:b7:
fa:54:5b:af:49:87:d8:e7:7d:48:07:f5:87:69:43:
ff:ba:f9:3e:90:88:dc:fd:6b:88:0d:ce:f1:78:24:
3e:bc:82:c9:55:53:e7:dd:51:4f:1c:3d:fa:a4:36:
57:bb:cf:ce:f4:d3:3c:6f:8b:de:cc:96:7a:e1:e5:
08:8e:3e:e6:76:7a:fe:93:e1:22:34:5a:0e:a3:e0:
a1:ec:1a:e5:ad:e8:7e:0a:04:72:e6:8f:f7:88:d7:
bf:45:14:a4:ab:f4:02:c6:1f:0b:cf:e5:99:f3:2a:
f7:5e:0b:2c:05:fa:58:43:27:3e:ad:65:d0:9b:39:
16:26:51:d0:0b:68:6f:48:ca:ab:98:f7:20:73:db:
3f:a3:98:5c:f9:3c:d3:0a:50:72:d3:f9:80:c3:bb:
13:37:7e:05:d4:61:f3:10:b9:b6:af:2c:9e:64:1a:
fe:c5:58:76:00:c6:b5:a2:0a:a6:9c:6d:b9:6b:88:
36:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:10:11:17:B8:D7:31:D3:C1:00:34:6A:62:3D:68:C0:CA:5A:2D:50
X509v3 Authority Key Identifier:
keyid:DD:55:EC:17:5F:6E:E7:A1:FC:1F:89:AD:F7:54:BB:2A:08:62:57:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VXsF19u56H8H4mt91S7KghiV4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/8hARF7jXMdPBADRqYj1owMpaLVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/3VXsF19u56H8H4mt91S7KghiV4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.10.0/23
IPv6:
2001:67c:2090::/48
Signature Algorithm: sha256WithRSAEncryption
b7:5d:66:67:47:a6:76:65:67:ad:ed:af:45:b5:e7:43:28:29:
2b:67:85:10:43:17:4f:b0:53:e8:21:5a:a8:23:04:83:99:ad:
c1:41:ad:7e:2a:70:62:bf:12:1c:06:6e:9f:3c:7e:c5:95:ee:
72:01:0b:36:2a:96:c8:c4:16:40:98:2e:f4:ab:fe:fe:75:52:
d8:38:c6:21:33:a9:b1:96:86:4c:b9:35:27:e7:0a:06:f5:ac:
a9:6c:24:30:f2:18:25:d9:a6:cb:e5:2b:7a:1c:7b:fe:27:c9:
85:6c:6e:8d:48:b6:04:fc:67:69:1d:7c:d1:3a:dc:21:47:12:
40:44:bf:8a:4a:47:91:a3:fe:b3:92:f2:f1:b1:6f:1b:20:65:
eb:2b:55:ab:3e:12:2f:ab:45:e9:d1:6e:ce:71:31:2f:de:b4:
8f:d5:fe:bc:43:42:6d:c0:3e:e2:13:1a:0e:a2:8b:a2:ac:bd:
8e:b5:39:a5:fc:fb:35:b5:77:59:4e:32:88:c8:20:61:9b:1b:
20:c3:62:64:f1:4c:5e:d6:0e:7a:fe:6a:83:de:b2:39:95:83:
fa:e5:ed:b3:1c:7b:22:06:d7:75:97:7a:13:d1:65:96:94:2e:
5c:e6:3e:9d:f2:77:56:42:0d:e6:53:4f:1e:f7:ee:7c:ea:90:
3f:d4:48:81
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBqfXCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDU1ZWMxNzVmNmVlN2ExZmMxZjg5YWRmNzU0YmIyYTA4NjI1NzhhMB4XDTIyMDEw
MTE1MDExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIxMDExMTdiOGQ3
MzFkM2MxMDAzNDZhNjIzZDY4YzBjYTVhMmQ1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN3SvXuKk2Vk+J4vhyJf+3yUhDLWW0SfSTW47cfRFPdjjVAx
KzLCGue1svvZ5JFFOXGaCc4CkEdkP7di1SftadoQX9XF8dLWv+23+lRbr0mH2Od9
SAf1h2lD/7r5PpCI3P1riA3O8XgkPryCyVVT591RTxw9+qQ2V7vPzvTTPG+L3syW
euHlCI4+5nZ6/pPhIjRaDqPgoewa5a3ofgoEcuaP94jXv0UUpKv0AsYfC8/lmfMq
914LLAX6WEMnPq1l0Js5FiZR0Atob0jKq5j3IHPbP6OYXPk80wpQctP5gMO7Ezd+
BdRh8xC5tq8snmQa/sVYdgDGtaIKppxtuWuINk8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTyEBEXuNcx08EANGpiPWjAylotUDAfBgNVHSMEGDAWgBTdVewXX27nofwf
ia33VLsqCGJXijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNWWHNGMTl1NTZIOEg0bXQ5MVM3S2doaVY0by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNDBkNDA3LTFlYWMtNDM4MS04ZmE2LTQ2YzJjYzI4MDJmMS8x
LzhoQVJGN2pYTWRQQkFEUnFZajFvd01wYUxWQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NDBkNDA3LTFlYWMtNDM4MS04ZmE2LTQ2YzJjYzI4MDJmMS8xLzNWWHNGMTl1NTZI
OEg0bXQ5MVM3S2doaVY0by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAcNYCjAPBAIAAjAJAwcAIAEGfCCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC3XWZnR6Z2ZWet7a9FtedDKCkrZ4UQQxdPsFPo
IVqoIwSDma3BQa1+KnBivxIcBm6fPH7Fle5yAQs2KpbIxBZAmC70q/7+dVLYOMYh
M6mxloZMuTUn5woG9aypbCQw8hgl2abL5St6HHv+J8mFbG6NSLYE/GdpHXzROtwh
RxJARL+KSkeRo/6zkvLxsW8bIGXrK1WrPhIvq0Xp0W7OcTEv3rSP1f68Q0JtwD7i
ExoOoouirL2OtTml/Ps1tXdZTjKIyCBhmxsgw2Jk8Uxe1g56/mqD3rI5lYP65e2z
HHsiBtd1l3oT0WWWlC5c5j6d8ndWQg3mU08e9+586pA/1EiB
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:29 2025 by rpki-client