Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/7BhMcOZaaAhXba6QI8AY5Tnsm-c.roa
File: 7BhMcOZaaAhXba6QI8AY5Tnsm-c.roa (raw, json)
Hash identifier: ZPISx57Z+Cn2mOIx5Mv6UqzKOhzfmo9/V7JO7C0+0QI=
Subject key identifier: EC:18:4C:70:E6:5A:68:08:57:6D:AE:90:23:C0:18:E5:39:EC:9B:E7
Certificate issuer: /CN=02cc691476a6e7895b0e456116444f91937bf01e
Certificate serial: 37E23B0A
Authority key identifier: 02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/7BhMcOZaaAhXba6QI8AY5Tnsm-c.roa
Signing time: Sat 01 Jan 2022 16:04:52 +0000
ROA not before: Sat 01 Jan 2022 16:04:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29471
IP address blocks: 195.158.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937573130 (0x37e23b0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02cc691476a6e7895b0e456116444f91937bf01e
Validity
Not Before: Jan 1 16:04:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec184c70e65a6808576dae9023c018e539ec9be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:30:3e:73:f9:13:f6:44:6d:31:54:d6:ba:f0:
17:5f:02:b9:94:58:fc:a2:e1:2b:74:22:32:dd:ff:
a6:b6:15:01:fd:98:30:4b:0f:d4:19:5c:03:e4:90:
b5:32:0a:93:16:40:6a:ff:b0:2f:8e:a5:8f:c1:bd:
76:73:bc:ef:52:22:91:2a:4c:1d:ba:c7:67:c1:e7:
10:d6:f6:d1:e0:bd:06:aa:c5:0f:0a:ff:58:3a:e2:
99:aa:f7:3e:5d:9f:c0:02:fa:7a:33:fe:00:32:84:
a1:e8:9d:5f:67:a8:b3:a5:e7:d5:16:d9:24:e2:2b:
8c:4a:4e:be:f5:18:5c:8a:a6:c2:f5:ea:f2:4d:16:
9b:2e:ae:d4:53:ca:3b:2f:14:29:9f:65:5d:3e:65:
9d:e3:f8:e4:7b:2d:0c:3c:1a:ea:87:2f:cf:e2:a3:
ef:77:54:78:e7:dc:82:3d:07:96:3b:d2:cb:72:ef:
23:4a:0a:bd:5e:4f:cd:09:f3:64:5b:11:ab:6f:e4:
00:ec:24:0b:17:c8:39:9e:88:d8:f3:43:80:97:99:
3b:14:1d:3d:28:50:11:7e:9d:da:d6:34:1f:fd:35:
03:7c:ca:e7:36:f6:d5:32:f4:72:26:9d:22:c9:35:
18:b3:29:99:bb:2d:23:08:1a:81:fa:d2:c6:63:3f:
81:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:18:4C:70:E6:5A:68:08:57:6D:AE:90:23:C0:18:E5:39:EC:9B:E7
X509v3 Authority Key Identifier:
keyid:02:CC:69:14:76:A6:E7:89:5B:0E:45:61:16:44:4F:91:93:7B:F0:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AsxpFHam54lbDkVhFkRPkZN78B4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/7BhMcOZaaAhXba6QI8AY5Tnsm-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/9a6860-224f-4b34-a9b6-bc192bb73025/1/AsxpFHam54lbDkVhFkRPkZN78B4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.158.54.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:23:9c:91:ef:aa:df:87:4d:da:b8:7c:93:a2:a9:b7:06:2e:
8c:d2:1b:74:a3:fc:6d:11:7c:4c:29:9f:47:37:b9:e1:e2:1c:
9a:7d:e0:5c:26:03:f9:b9:53:2a:4b:50:01:fc:12:c7:24:82:
b4:a1:aa:12:eb:9b:89:fd:81:6b:be:6f:03:a7:3d:a8:76:18:
28:bb:ba:c1:3e:cd:24:33:cf:ce:88:5c:d2:f5:7b:81:cb:97:
1f:ca:93:29:77:90:5c:de:0c:fd:cd:08:b0:2f:f8:e0:0a:99:
ba:44:ed:eb:a8:9d:ee:fa:91:ea:66:49:2b:f4:ba:36:bb:fe:
e9:08:a3:09:49:0f:a8:9f:3d:42:08:48:93:a8:76:dc:cd:cd:
68:b1:94:ad:60:b5:fa:8c:87:1d:2c:09:d3:cb:78:04:fa:bf:
bc:f3:ce:b2:a7:6d:58:ab:d4:32:30:2f:58:ef:1a:0a:02:df:
91:ac:8c:ae:f7:38:56:b0:40:c7:ad:9b:16:37:b7:e4:88:e6:
c3:86:ab:2e:6b:2e:53:d2:33:9a:06:3c:6d:73:f3:4c:9c:cb:
a8:f0:e4:38:7a:5d:07:c2:0d:f1:a7:00:26:1a:66:01:c8:c5:
ee:30:ac:f5:34:88:c8:ed:08:d1:fd:1a:13:f8:a4:fc:60:c1:
75:a2:77:30
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN+I7CjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmNjNjkxNDc2YTZlNzg5NWIwZTQ1NjExNjQ0NGY5MTkzN2JmMDFlMB4XDTIyMDEw
MTE2MDQ1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMxODRjNzBlNjVh
NjgwODU3NmRhZTkwMjNjMDE4ZTUzOWVjOWJlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwwPnP5E/ZEbTFU1rrwF18CuZRY/KLhK3QiMt3/prYVAf2Y
MEsP1BlcA+SQtTIKkxZAav+wL46lj8G9dnO871IikSpMHbrHZ8HnENb20eC9BqrF
Dwr/WDrimar3Pl2fwAL6ejP+ADKEoeidX2eos6Xn1RbZJOIrjEpOvvUYXIqmwvXq
8k0Wmy6u1FPKOy8UKZ9lXT5lneP45HstDDwa6ocvz+Kj73dUeOfcgj0HljvSy3Lv
I0oKvV5PzQnzZFsRq2/kAOwkCxfIOZ6I2PNDgJeZOxQdPShQEX6d2tY0H/01A3zK
5zb21TL0ciadIsk1GLMpmbstIwgagfrSxmM/gRECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTsGExw5lpoCFdtrpAjwBjlOeyb5zAfBgNVHSMEGDAWgBQCzGkUdqbniVsO
RWEWRE+Rk3vwHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FzeHBGSGFtNTRsYkRrVmhGa1JQa1pONzhCNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvOWE2ODYwLTIyNGYtNGIzNC1hOWI2LWJjMTkyYmI3MzAyNS8x
LzdCaE1jT1phYUFoWGJhNlFJOEFZNVRuc20tYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
OWE2ODYwLTIyNGYtNGIzNC1hOWI2LWJjMTkyYmI3MzAyNS8xL0FzeHBGSGFtNTRs
YkRrVmhGa1JQa1pONzhCNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOeNjANBgkqhkiG9w0BAQsFAAOC
AQEALyOcke+q34dN2rh8k6KptwYujNIbdKP8bRF8TCmfRze54eIcmn3gXCYD+blT
KktQAfwSxySCtKGqEuubif2Ba75vA6c9qHYYKLu6wT7NJDPPzohc0vV7gcuXH8qT
KXeQXN4M/c0IsC/44AqZukTt66id7vqR6mZJK/S6Nrv+6QijCUkPqJ89QghIk6h2
3M3NaLGUrWC1+oyHHSwJ08t4BPq/vPPOsqdtWKvUMjAvWO8aCgLfkayMrvc4VrBA
x62bFje35Ijmw4arLmsuU9IzmgY8bXPzTJzLqPDkOHpdB8IN8acAJhpmAcjF7jCs
9TSIyO0I0f0aE/ik/GDBdaJ3MA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:15 2025 by rpki-client