Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/RrP0X1JjhNRW5vJVwfjiMZIcJlw.roa
File: RrP0X1JjhNRW5vJVwfjiMZIcJlw.roa (raw, json)
Hash identifier: OeWCnPye17dUfL0YfPq1SD/RAipqyk6inFZb4gkn/UE=
Subject key identifier: 46:B3:F4:5F:52:63:84:D4:56:E6:F2:55:C1:F8:E2:31:92:1C:26:5C
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018573438CF78CF4A1131CB69D5540E44892
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/RrP0X1JjhNRW5vJVwfjiMZIcJlw.roa
Signing time: Mon 02 Jan 2023 16:14:44 +0000
ROA not before: Mon 02 Jan 2023 16:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202242
IP address blocks: 195.231.0.0/18 maxlen: 24
195.231.64.0/20 maxlen: 24
195.231.80.0/21 maxlen: 24
217.61.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:8c:f7:8c:f4:a1:13:1c:b6:9d:55:40:e4:48:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 2 16:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=46b3f45f526384d456e6f255c1f8e231921c265c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:76:f5:46:f7:c0:49:c0:f2:67:f3:65:a6:39:
d7:17:4f:c0:d6:c5:19:d3:2c:be:a3:d0:22:4f:d0:
22:1a:20:57:9e:6d:ef:6e:54:97:47:8b:65:53:cf:
a7:7a:e3:16:4e:e8:58:0b:97:82:6b:5c:74:c3:23:
03:63:1f:2f:e9:07:e8:00:b4:2a:5f:01:76:95:7e:
20:cf:c4:5b:d1:ee:a9:2d:d8:54:e6:f1:36:39:89:
e5:18:f0:69:40:c6:6e:ed:e4:b0:13:9a:ef:e2:32:
bf:e4:36:57:c7:c8:a4:85:65:37:10:f6:05:18:4d:
3d:87:c2:e3:c2:fa:e5:d1:57:28:4e:b7:ae:7f:0c:
83:30:ab:ee:89:5c:85:2f:c4:66:2c:a6:75:57:1e:
92:f6:39:a1:fb:7a:59:e9:15:16:8f:35:6b:0e:ec:
69:19:1e:b9:42:0b:e7:4f:aa:ba:8a:dd:9d:c9:4b:
f3:50:ff:7d:3c:eb:f2:11:48:7d:e7:d9:ea:f7:eb:
b8:8c:40:7e:47:f5:e8:e3:14:cc:bb:52:0b:90:19:
e3:33:3a:71:48:9d:e6:72:e1:b9:44:83:db:b7:87:
c4:45:67:17:27:91:6e:c3:ed:f8:e4:32:cc:5f:00:
32:30:35:46:79:4d:b6:73:f2:5e:1f:4c:15:2f:00:
6f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:B3:F4:5F:52:63:84:D4:56:E6:F2:55:C1:F8:E2:31:92:1C:26:5C
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/RrP0X1JjhNRW5vJVwfjiMZIcJlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.231.0.0-195.231.87.255
217.61.56.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:d2:55:41:50:d5:40:13:a6:c6:2b:de:3e:47:ac:30:43:12:
8e:49:8e:a8:a4:76:f9:d2:aa:a0:11:f3:56:66:44:59:43:2d:
d4:bb:6b:14:19:8c:8d:83:7a:73:e1:ae:00:f3:e5:8a:f7:17:
d5:9a:86:86:58:5b:2f:fd:1d:72:3d:1d:39:01:a7:30:da:ac:
10:d3:aa:6e:e8:02:10:a1:75:e0:11:dd:5c:0c:9a:13:5f:35:
d6:af:58:b3:63:3d:bb:9b:b8:52:bf:1b:7a:75:89:7b:74:58:
98:f7:c1:1c:18:e6:7b:5d:71:c8:d5:a3:01:3c:84:a1:4c:2c:
a2:39:48:85:8d:9d:7a:f7:ac:a0:8b:11:aa:8c:bb:dd:30:e8:
18:92:f0:e0:55:ad:70:bf:e7:7f:5c:d8:6f:a9:19:2e:74:8a:
ef:64:c0:74:d4:d7:d2:26:3d:f1:c2:52:24:36:9e:fd:ec:02:
8c:e3:6e:1d:6b:04:09:05:e2:b5:77:22:df:24:2f:d7:48:dd:
4d:ab:65:fe:48:54:44:76:f2:c4:0c:65:56:96:81:c5:19:f7:
a8:73:dd:cb:ec:db:db:77:c8:56:71:4b:ef:57:ff:96:ab:4a:
4a:31:30:13:ad:c9:28:e1:14:b2:38:d4:69:f9:c3:6d:fe:b4:
18:24:4b:60
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYVzQ4z3jPShExy2nVVA5EiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwMTAyMTYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmIzZjQ1ZjUyNjM4NGQ0NTZlNmYyNTVjMWY4ZTIzMTkyMWMyNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHb1RvfAScDyZ/NlpjnXF0/A1sUZ
0yy+o9AiT9AiGiBXnm3vblSXR4tlU8+neuMWTuhYC5eCa1x0wyMDYx8v6QfoALQq
XwF2lX4gz8Rb0e6pLdhU5vE2OYnlGPBpQMZu7eSwE5rv4jK/5DZXx8ikhWU3EPYF
GE09h8Ljwvrl0VcoTreufwyDMKvuiVyFL8RmLKZ1Vx6S9jmh+3pZ6RUWjzVrDuxp
GR65QgvnT6q6it2dyUvzUP99POvyEUh959nq9+u4jEB+R/Xo4xTMu1ILkBnjMzpx
SJ3mcuG5RIPbt4fERWcXJ5Fuw+345DLMXwAyMDVGeU22c/JeH0wVLwBvQQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFEaz9F9SY4TUVubyVcH44jGSHCZcMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvUnJQMFgxSmpoTlJXNXZKVndmamlNWkljSmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwDD5wME
A8PnUAMEA9k9ODANBgkqhkiG9w0BAQsFAAOCAQEATNJVQVDVQBOmxivePkesMEMS
jkmOqKR2+dKqoBHzVmZEWUMt1LtrFBmMjYN6c+GuAPPlivcX1ZqGhlhbL/0dcj0d
OQGnMNqsENOqbugCEKF14BHdXAyaE1811q9Ys2M9u5u4Ur8benWJe3RYmPfBHBjm
e11xyNWjATyEoUwsojlIhY2devesoIsRqoy73TDoGJLw4FWtcL/nf1zYb6kZLnSK
72TAdNTX0iY98cJSJDae/ewCjONuHWsECQXitXci3yQv10jdTatl/khURHbyxAxl
VpaBxRn3qHPdy+zb23fIVnFL71f/lqtKSjEwE63JKOEUsjjUafnDbf60GCRLYA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:54 2025 by rpki-client