Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/Agf_H-ue-sTtvsOQjyLfQTqS4_k.roa
File: Agf_H-ue-sTtvsOQjyLfQTqS4_k.roa (raw, json)
Hash identifier: SOA2UNLS8KxqUZZfYDmyRUYdwwwsdT3/W4NEAIMbJW4=
Subject key identifier: 02:07:FF:1F:EB:9E:FA:C4:ED:BE:C3:90:8F:22:DF:41:3A:92:E3:F9
Certificate issuer: /CN=6cff3d899e26fc84fb4379fb325f174b5075ce0d
Certificate serial: 01856D5D281EC10E231020A7192AE18E2213
Authority key identifier: 6C:FF:3D:89:9E:26:FC:84:FB:43:79:FB:32:5F:17:4B:50:75:CE:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/Agf_H-ue-sTtvsOQjyLfQTqS4_k.roa
Signing time: Sun 01 Jan 2023 12:44:59 +0000
ROA not before: Sun 01 Jan 2023 12:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29317
IP address blocks: 195.137.210.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:5d:28:1e:c1:0e:23:10:20:a7:19:2a:e1:8e:22:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cff3d899e26fc84fb4379fb325f174b5075ce0d
Validity
Not Before: Jan 1 12:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0207ff1feb9efac4edbec3908f22df413a92e3f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a2:80:8c:3d:0a:2c:b3:87:02:79:7f:cf:03:
95:bb:c6:b5:80:65:39:8a:18:e1:ab:b0:00:ee:5d:
50:20:5f:2a:7e:74:ed:8e:79:c7:b8:f0:de:30:76:
8a:cb:97:9b:7d:51:fa:c7:a5:ec:13:30:2d:d4:14:
3c:98:fa:7a:23:0a:1d:58:9f:86:72:c5:4a:28:10:
0e:09:04:ff:2d:01:89:a0:ac:e3:c2:10:f4:d4:bd:
5d:72:dd:00:e9:45:fb:e4:f4:a0:e1:6e:56:ca:64:
71:d2:52:21:86:d2:31:5e:74:d8:12:69:23:37:a6:
73:78:5f:7b:71:0f:7a:fd:ab:29:2f:a4:44:65:95:
66:36:58:c7:49:d0:12:21:8e:cc:d4:08:d7:59:15:
a8:f3:14:08:d7:15:fc:b5:3b:aa:86:c4:33:3f:cc:
dd:93:13:33:33:31:18:3d:f5:ed:12:a2:29:38:85:
9c:fe:90:d6:77:f6:29:67:75:39:db:66:2c:45:cc:
95:f9:a9:62:17:a5:9c:61:39:26:51:91:7d:ce:db:
ce:bf:c3:eb:e2:e5:a2:ea:e0:bc:33:fc:76:b8:46:
7f:26:c3:0e:b7:86:4e:bf:df:7c:68:10:94:81:4a:
76:2c:d0:ef:c9:3e:90:85:d7:4e:e0:1a:96:d9:ae:
a9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:07:FF:1F:EB:9E:FA:C4:ED:BE:C3:90:8F:22:DF:41:3A:92:E3:F9
X509v3 Authority Key Identifier:
keyid:6C:FF:3D:89:9E:26:FC:84:FB:43:79:FB:32:5F:17:4B:50:75:CE:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/Agf_H-ue-sTtvsOQjyLfQTqS4_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b0c875-24e1-444d-b01d-5408f8d9dfb1/1/bP89iZ4m_IT7Q3n7Ml8XS1B1zg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.210.0/23
Signature Algorithm: sha256WithRSAEncryption
14:ca:db:e2:25:26:60:10:08:73:0a:94:cb:ed:4b:c4:8e:ba:
f1:5e:5f:26:7b:8e:18:71:e0:d6:7d:35:ec:b6:00:58:56:22:
57:80:8b:da:38:8b:ae:9e:12:71:d4:22:84:59:5c:67:de:4d:
34:38:05:2c:ae:85:79:77:2a:42:b3:34:60:9a:67:50:df:41:
94:d5:d9:34:62:36:be:19:47:79:09:81:5c:0d:5f:b4:8f:0a:
24:b9:41:48:28:ca:6b:ee:0d:d3:69:40:f9:31:fd:5f:1f:04:
7d:5c:39:be:56:a1:03:ce:6e:8c:97:4f:60:7e:90:88:e0:4b:
70:d5:2b:44:b3:e6:59:c1:d3:22:90:c9:cc:c4:41:01:ef:85:
9f:07:99:9c:69:ce:1e:d8:2c:4c:fb:27:47:e0:77:bd:18:b1:
c9:03:4d:bf:53:eb:2d:05:b0:50:f2:b1:62:ea:f0:61:a5:e6:
d4:6f:86:8a:3e:db:cf:ca:9f:91:8f:a1:96:e3:db:fb:7f:e7:
a0:eb:aa:cf:25:4c:63:73:e6:bb:f9:22:d3:20:e9:85:28:28:
ef:7e:d3:60:68:77:6f:93:ac:4b:6a:ca:74:7a:0c:85:06:61:
f1:5f:c3:b0:1e:4a:57:a3:4a:d5:ea:46:fc:31:37:eb:8a:8a:
d2:d7:09:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtXSgewQ4jECCnGSrhjiITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZmYzZDg5OWUyNmZjODRmYjQzNzlmYjMyNWYxNzRiNTA3
NWNlMGQwHhcNMjMwMTAxMTI0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjA3ZmYxZmViOWVmYWM0ZWRiZWMzOTA4ZjIyZGY0MTNhOTJlM2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaKAjD0KLLOHAnl/zwOVu8a1gGU5
ihjhq7AA7l1QIF8qfnTtjnnHuPDeMHaKy5ebfVH6x6XsEzAt1BQ8mPp6IwodWJ+G
csVKKBAOCQT/LQGJoKzjwhD01L1dct0A6UX75PSg4W5WymRx0lIhhtIxXnTYEmkj
N6ZzeF97cQ96/aspL6REZZVmNljHSdASIY7M1AjXWRWo8xQI1xX8tTuqhsQzP8zd
kxMzMzEYPfXtEqIpOIWc/pDWd/YpZ3U522YsRcyV+aliF6WcYTkmUZF9ztvOv8Pr
4uWi6uC8M/x2uEZ/JsMOt4ZOv998aBCUgUp2LNDvyT6QhddO4BqW2a6p4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIH/x/rnvrE7b7DkI8i30E6kuP5MB8GA1UdIwQY
MBaAFGz/PYmeJvyE+0N5+zJfF0tQdc4NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlA4OWlaNG1fSVQ3UTNuN01sOFhTMUIxemcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iMGM4NzUtMjRlMS00NDRkLWIwMWQt
NTQwOGY4ZDlkZmIxLzEvQWdmX0gtdWUtc1R0dnNPUWp5TGZRVHFTNF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iMGM4NzUtMjRlMS00NDRkLWIwMWQtNTQwOGY4ZDlkZmIx
LzEvYlA4OWlaNG1fSVQ3UTNuN01sOFhTMUIxemcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw4nSMA0G
CSqGSIb3DQEBCwUAA4IBAQAUytviJSZgEAhzCpTL7UvEjrrxXl8me44YceDWfTXs
tgBYViJXgIvaOIuunhJx1CKEWVxn3k00OAUsroV5dypCszRgmmdQ30GU1dk0Yja+
GUd5CYFcDV+0jwokuUFIKMpr7g3TaUD5Mf1fHwR9XDm+VqEDzm6Ml09gfpCI4Etw
1StEs+ZZwdMikMnMxEEB74WfB5mcac4e2CxM+ydH4He9GLHJA02/U+stBbBQ8rFi
6vBhpebUb4aKPtvPyp+Rj6GW49v7f+eg66rPJUxjc+a7+SLTIOmFKCjvftNgaHdv
k6xLasp0egyFBmHxX8OwHkpXo0rV6kb8MTfriorS1wlt
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:53:59 2025 by rpki-client