Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/R-Y5JhysuCqOQtU0tlDgXypXxLw.roa
File: R-Y5JhysuCqOQtU0tlDgXypXxLw.roa (raw, json)
Hash identifier: NhT7NY33Vq56Pl9mLoJp35s1zrsDYILwL2Qg3t1nm70=
Subject key identifier: 47:E6:39:26:1C:AC:B8:2A:8E:42:D5:34:B6:50:E0:5F:2A:57:C4:BC
Certificate issuer: /CN=dd55ec175f6ee7a1fc1f89adf754bb2a0862578a
Certificate serial: 01856CF85A83FB28BC5B79161DCEBDDFA483
Authority key identifier: DD:55:EC:17:5F:6E:E7:A1:FC:1F:89:AD:F7:54:BB:2A:08:62:57:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VXsF19u56H8H4mt91S7KghiV4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/R-Y5JhysuCqOQtU0tlDgXypXxLw.roa
Signing time: Sun 01 Jan 2023 10:54:53 +0000
ROA not before: Sun 01 Jan 2023 10:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8787
IP address blocks: 195.88.10.0/23 maxlen: 23
2001:67c:2090::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:5a:83:fb:28:bc:5b:79:16:1d:ce:bd:df:a4:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd55ec175f6ee7a1fc1f89adf754bb2a0862578a
Validity
Not Before: Jan 1 10:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47e639261cacb82a8e42d534b650e05f2a57c4bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f9:6b:e2:f1:0c:bc:63:88:66:cc:bc:dd:a9:
a0:04:3c:14:92:c2:c7:8e:63:f8:c2:58:ad:12:e0:
bf:22:89:74:fe:57:54:aa:ca:c5:e7:f2:9e:a3:6b:
20:4c:4d:9a:e0:5d:11:b9:b0:6d:0f:17:fc:4e:a9:
b7:fa:6b:c1:b0:c0:55:c1:03:9f:e0:e9:ed:50:02:
20:67:15:ac:da:52:da:46:2c:5a:45:1e:98:89:24:
35:9c:32:cf:64:0c:56:38:80:9c:89:e5:65:cf:98:
07:25:98:d3:4d:dc:c5:75:fe:d3:a1:e3:da:32:98:
d7:df:5a:47:01:e3:d8:05:a0:82:0f:15:99:18:b7:
8c:35:f3:89:f7:09:df:76:cd:bf:03:36:45:cc:a1:
a9:1a:b0:07:cc:6f:cf:df:b0:f3:0e:3f:06:3d:c2:
46:9c:cb:4e:9f:0d:ac:6d:37:82:90:af:17:54:2a:
fc:dd:ca:ff:c6:6e:01:6b:c7:e0:a7:5c:a0:ef:8a:
c7:70:12:2d:11:4f:b3:db:08:02:10:e7:32:8f:e3:
a8:34:ab:71:f3:89:71:52:d2:9f:9e:b7:22:7a:f8:
de:c6:17:4f:68:24:0d:6a:ab:5f:27:94:43:68:02:
99:b9:a1:10:a0:59:23:16:9f:fa:15:7e:a7:e5:3e:
97:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E6:39:26:1C:AC:B8:2A:8E:42:D5:34:B6:50:E0:5F:2A:57:C4:BC
X509v3 Authority Key Identifier:
keyid:DD:55:EC:17:5F:6E:E7:A1:FC:1F:89:AD:F7:54:BB:2A:08:62:57:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VXsF19u56H8H4mt91S7KghiV4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/R-Y5JhysuCqOQtU0tlDgXypXxLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/40d407-1eac-4381-8fa6-46c2cc2802f1/1/3VXsF19u56H8H4mt91S7KghiV4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.10.0/23
IPv6:
2001:67c:2090::/48
Signature Algorithm: sha256WithRSAEncryption
c0:00:d4:1a:80:64:b8:8a:ba:3c:b9:35:fe:28:86:21:0d:c8:
9d:88:80:78:21:e3:7e:24:5e:3a:02:b8:df:75:41:44:6f:f3:
0f:73:5c:c7:32:e4:64:35:aa:4c:11:21:45:fc:db:55:9b:b1:
a5:06:8a:3d:85:e7:03:88:35:21:d4:ce:66:0e:8a:f2:55:6e:
cd:46:23:8d:8c:55:14:4e:46:68:b1:e5:b4:26:14:5b:fd:3a:
83:af:1e:6c:b5:a6:6e:c5:39:0d:6b:3a:c7:a3:ed:9a:8e:12:
e7:d2:16:51:a4:28:fe:b0:fe:fb:41:85:4b:c8:47:c4:0e:53:
63:88:54:3b:50:75:41:44:00:69:21:ed:3a:63:7e:21:e7:37:
86:7f:b5:81:df:8d:f9:36:68:56:96:9f:c8:11:cb:e6:ca:db:
0e:91:85:23:65:1c:5d:cf:62:98:54:39:c3:44:15:3d:9e:ba:
24:46:79:31:47:a9:c8:c8:a9:fd:bb:41:63:95:5a:2f:bd:06:
00:41:f6:7b:40:0b:d6:17:88:10:3d:79:da:27:e3:31:3d:c2:
92:6a:08:94:7b:f8:a4:8b:42:a2:be:a4:8b:e7:23:73:74:27:
5c:2c:b6:5d:21:18:cb:c5:90:f5:96:75:62:b3:12:fb:7b:86:
f3:07:ca:2f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVs+FqD+yi8W3kWHc6936SDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNTVlYzE3NWY2ZWU3YTFmYzFmODlhZGY3NTRiYjJhMDg2
MjU3OGEwHhcNMjMwMTAxMTA1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2U2MzkyNjFjYWNiODJhOGU0MmQ1MzRiNjUwZTA1ZjJhNTdjNGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmflr4vEMvGOIZsy83amgBDwUksLH
jmP4wlitEuC/Iol0/ldUqsrF5/Keo2sgTE2a4F0RubBtDxf8Tqm3+mvBsMBVwQOf
4OntUAIgZxWs2lLaRixaRR6YiSQ1nDLPZAxWOICcieVlz5gHJZjTTdzFdf7ToePa
MpjX31pHAePYBaCCDxWZGLeMNfOJ9wnfds2/AzZFzKGpGrAHzG/P37DzDj8GPcJG
nMtOnw2sbTeCkK8XVCr83cr/xm4Ba8fgp1yg74rHcBItEU+z2wgCEOcyj+OoNKtx
84lxUtKfnrcievjexhdPaCQNaqtfJ5RDaAKZuaEQoFkjFp/6FX6n5T6XNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEfmOSYcrLgqjkLVNLZQ4F8qV8S8MB8GA1UdIwQY
MBaAFN1V7Bdfbueh/B+JrfdUuyoIYleKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1ZYc0YxOXU1Nkg4SDRtdDkxUzdLZ2hpVjRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80MGQ0MDctMWVhYy00MzgxLThmYTYt
NDZjMmNjMjgwMmYxLzEvUi1ZNUpoeXN1Q3FPUXRVMHRsRGdYeXBYeEx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80MGQ0MDctMWVhYy00MzgxLThmYTYtNDZjMmNjMjgwMmYx
LzEvM1ZYc0YxOXU1Nkg4SDRtdDkxUzdLZ2hpVjRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw1gKMA8E
AgACMAkDBwAgAQZ8IJAwDQYJKoZIhvcNAQELBQADggEBAMAA1BqAZLiKujy5Nf4o
hiENyJ2IgHgh434kXjoCuN91QURv8w9zXMcy5GQ1qkwRIUX821WbsaUGij2F5wOI
NSHUzmYOivJVbs1GI42MVRRORmix5bQmFFv9OoOvHmy1pm7FOQ1rOsej7ZqOEufS
FlGkKP6w/vtBhUvIR8QOU2OIVDtQdUFEAGkh7TpjfiHnN4Z/tYHfjfk2aFaWn8gR
y+bK2w6RhSNlHF3PYphUOcNEFT2euiRGeTFHqcjIqf27QWOVWi+9BgBB9ntAC9YX
iBA9edon4zE9wpJqCJR7+KSLQqK+pIvnI3N0J1wstl0hGMvFkPWWdWKzEvt7hvMH
yi8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:49 2025 by rpki-client