Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/s8vNue4jqCJDjlG_Jrrgvck2pbA.roa
File: s8vNue4jqCJDjlG_Jrrgvck2pbA.roa (raw, json)
Hash identifier: 12Osx12k2vzAhvsrm+DtKokW7NyFzPC6uz24UG4Ep9U=
Subject key identifier: B3:CB:CD:B9:EE:23:A8:22:43:8E:51:BF:26:BA:E0:BD:C9:36:A5:B0
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018570CBCF9FFCA55388E56B7F82B6A979E2
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/s8vNue4jqCJDjlG_Jrrgvck2pbA.roa
Signing time: Mon 02 Jan 2023 04:44:43 +0000
ROA not before: Mon 02 Jan 2023 04:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2119
IP address blocks: 195.198.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:cb:cf:9f:fc:a5:53:88:e5:6b:7f:82:b6:a9:79:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: Jan 2 04:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3cbcdb9ee23a822438e51bf26bae0bdc936a5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:80:d4:ee:07:c3:23:34:2d:b8:60:f0:a4:35:
a3:0a:a5:88:71:e9:43:33:4a:b8:0b:1d:f2:79:cf:
5f:63:2a:41:ac:8b:82:3e:01:21:f1:fb:b7:fa:a7:
62:5c:dd:ef:00:be:f3:2f:69:c8:36:9d:1c:bd:f2:
32:f0:13:7a:e1:c3:58:3e:f1:57:57:f9:f6:f3:8f:
dd:65:dd:51:1e:a9:2d:21:4a:8b:b2:a0:ed:6d:e4:
6e:75:5f:0d:29:c1:71:a9:26:26:d1:b8:92:4b:5f:
2b:55:39:56:ee:b6:71:22:69:d2:64:5b:b1:40:f7:
19:9d:a4:a4:e3:79:93:06:d9:b4:02:dc:45:aa:ee:
ea:a4:a4:af:67:a8:e7:a5:6c:b5:ac:34:8d:ab:55:
a7:3a:d2:b1:43:a9:ab:55:86:28:d7:14:ca:54:00:
c2:dc:8d:c5:dd:25:79:63:cd:1e:91:46:19:ef:eb:
6b:e6:7e:f4:e8:4b:27:1b:14:68:f5:e4:37:ac:69:
3f:76:58:66:03:bf:f6:ec:6d:6c:ab:30:49:db:89:
f7:96:38:2f:f9:27:90:26:9d:c2:a2:82:0e:b8:cd:
fe:0e:70:ea:56:ca:ff:cb:c2:23:d6:e8:5f:7c:3c:
4a:4f:c7:c4:47:81:2f:9c:02:8b:b6:e2:76:35:95:
f7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:CB:CD:B9:EE:23:A8:22:43:8E:51:BF:26:BA:E0:BD:C9:36:A5:B0
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/s8vNue4jqCJDjlG_Jrrgvck2pbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.198.52.0/24
Signature Algorithm: sha256WithRSAEncryption
d0:09:b4:df:93:6d:76:c7:23:b7:49:87:bc:4a:ee:e2:45:a8:
a1:c5:bc:42:ca:bc:ec:de:d0:e3:c2:ca:e2:1b:ad:05:1c:e4:
0c:c5:5e:3f:ce:0e:d7:d6:82:12:c3:7f:48:fb:d6:ea:ae:95:
55:5d:b7:5d:40:8b:ed:96:d8:7c:24:f2:cc:d6:26:34:d1:72:
1b:ee:fd:d3:7c:6f:d1:18:5c:fb:7f:86:38:31:21:e2:7c:9e:
d9:78:c6:ad:a0:9e:49:1b:91:86:92:7a:fd:1b:2d:e9:42:bd:
38:a9:4c:10:08:11:24:42:1a:68:2a:ad:67:99:0c:b8:5f:71:
18:49:10:c2:36:84:37:d6:4f:e4:84:c0:24:44:0a:a3:f8:c5:
8e:f4:fc:6a:58:11:dd:08:fd:47:03:15:de:10:30:aa:a7:3c:
21:da:a1:a3:f0:c9:64:32:35:59:e6:65:ba:89:20:8d:0c:64:
e8:54:81:72:25:47:fa:25:e1:92:89:ed:e6:69:4e:1d:72:60:
b1:29:b6:98:d5:a6:97:5f:13:b4:72:bd:34:d5:d8:9c:b9:58:
8b:bf:54:83:89:0c:23:19:64:0e:eb:ce:11:72:40:fa:98:40:
8a:a9:89:56:d3:7f:bc:62:a7:c8:18:0d:21:94:f8:c9:c9:89:
62:2e:de:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwy8+f/KVTiOVrf4K2qXniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjMwMTAyMDQ0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2NiY2RiOWVlMjNhODIyNDM4ZTUxYmYyNmJhZTBiZGM5MzZhNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoDU7gfDIzQtuGDwpDWjCqWIcelD
M0q4Cx3yec9fYypBrIuCPgEh8fu3+qdiXN3vAL7zL2nINp0cvfIy8BN64cNYPvFX
V/n284/dZd1RHqktIUqLsqDtbeRudV8NKcFxqSYm0biSS18rVTlW7rZxImnSZFux
QPcZnaSk43mTBtm0AtxFqu7qpKSvZ6jnpWy1rDSNq1WnOtKxQ6mrVYYo1xTKVADC
3I3F3SV5Y80ekUYZ7+tr5n706EsnGxRo9eQ3rGk/dlhmA7/27G1sqzBJ24n3ljgv
+SeQJp3CooIOuM3+DnDqVsr/y8Ij1uhffDxKT8fER4EvnAKLtuJ2NZX3ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLPLzbnuI6giQ45Rvya64L3JNqWwMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvczh2TnVlNGpxQ0pEamxHX0pycmd2Y2sycGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw8Y0MA0G
CSqGSIb3DQEBCwUAA4IBAQDQCbTfk212xyO3SYe8Su7iRaihxbxCyrzs3tDjwsri
G60FHOQMxV4/zg7X1oISw39I+9bqrpVVXbddQIvtlth8JPLM1iY00XIb7v3TfG/R
GFz7f4Y4MSHifJ7ZeMatoJ5JG5GGknr9Gy3pQr04qUwQCBEkQhpoKq1nmQy4X3EY
SRDCNoQ31k/khMAkRAqj+MWO9PxqWBHdCP1HAxXeEDCqpzwh2qGj8MlkMjVZ5mW6
iSCNDGToVIFyJUf6JeGSie3maU4dcmCxKbaY1aaXXxO0cr001dicuViLv1SDiQwj
GWQO684RckD6mECKqYlW03+8YqfIGA0hlPjJyYliLt7/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:41 2025 by rpki-client