Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Roe0gGj22yEgIlEokztU4b6QdPE.roa
File: Roe0gGj22yEgIlEokztU4b6QdPE.roa (raw, json)
Hash identifier: EyGSA4kL/07p0TQIiCeaDOUUuVHBA1F/Qn5DAsk5BI0=
Subject key identifier: 46:87:B4:80:68:F6:DB:21:20:22:51:28:93:3B:54:E1:BE:90:74:F1
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018A7444FC1BE1BEB19EFFF5CA1B83FB0D89
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Roe0gGj22yEgIlEokztU4b6QdPE.roa
Signing time: Fri 08 Sep 2023 10:09:52 +0000
ROA not before: Fri 08 Sep 2023 10:09:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56479
IP address blocks: 195.229.177.0/24 maxlen: 24
195.229.176.0/24 maxlen: 24
195.229.179.0/24 maxlen: 24
195.229.178.0/24 maxlen: 24
195.229.175.0/24 maxlen: 24
195.229.181.0/24 maxlen: 24
195.229.180.0/24 maxlen: 24
194.170.32.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:74:44:fc:1b:e1:be:b1:9e:ff:f5:ca:1b:83:fb:0d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Sep 8 10:09:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4687b48068f6db2120225128933b54e1be9074f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8f:18:7f:42:12:08:24:f6:cb:e8:dd:98:0d:
db:f8:2e:1b:97:63:e4:ac:19:0c:2b:ae:00:52:9d:
47:83:66:27:9a:64:06:99:3c:69:85:82:44:cd:86:
1f:ab:cb:7d:46:f9:af:b5:ce:3e:7e:df:89:8f:fa:
87:28:72:1f:fc:99:b1:e6:a3:1c:f4:23:20:22:5b:
f0:a0:82:3f:ca:b2:a4:9d:ab:86:9a:62:0c:85:e5:
e2:7d:f3:63:79:56:e0:66:3c:dc:c3:1f:b9:dd:c7:
73:3c:c6:ef:20:d7:cf:59:5e:5b:2b:5d:fd:08:27:
89:c5:d6:49:4d:44:51:14:14:ab:2f:33:2f:21:ba:
04:35:27:f9:e5:3f:ce:d3:bd:fa:e0:c9:12:f2:06:
5d:6c:1e:d8:1d:85:cf:ca:2f:8c:3b:4a:ec:b3:73:
1b:d5:03:36:bd:bf:8c:52:15:16:1c:4a:43:60:37:
42:ae:64:c7:b6:11:bb:5d:6d:b4:0c:1a:3a:7b:40:
27:88:6d:ba:f9:27:ec:3f:ec:db:1b:39:fa:c3:95:
91:34:d3:dc:fc:ee:76:7a:78:33:2b:54:7d:42:31:
aa:58:39:8f:75:e9:e1:71:57:19:f6:e5:46:2d:ff:
a8:ae:1b:8c:fc:3e:63:72:73:32:1e:6b:2c:30:0d:
81:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:87:B4:80:68:F6:DB:21:20:22:51:28:93:3B:54:E1:BE:90:74:F1
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Roe0gGj22yEgIlEokztU4b6QdPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.170.32.0/19
195.229.175.0-195.229.181.255
Signature Algorithm: sha256WithRSAEncryption
28:9f:4c:b8:c7:5d:4e:ce:22:6a:a3:66:20:e3:4b:02:67:70:
0b:99:46:bb:ed:ec:60:00:06:c8:87:29:2a:27:e6:02:40:35:
e0:fc:4b:e0:79:4f:9c:b8:b2:74:c2:d8:63:1d:05:7c:f3:81:
45:8b:42:41:ce:87:03:f9:bd:1a:48:2e:89:70:32:c8:b4:60:
ac:82:36:03:35:03:0d:39:1f:b0:1e:de:f8:de:47:3a:fc:c0:
3e:ec:9d:4c:28:40:2a:91:48:22:6e:0a:cf:34:2f:b3:19:9c:
3a:54:29:c0:69:fd:ea:2b:45:1c:37:b3:58:54:a9:ad:96:56:
19:43:fd:1b:02:ea:b1:a9:0f:ef:6a:02:4e:bd:bd:43:49:ca:
80:27:6b:ad:6a:51:0e:1e:a6:42:ec:92:28:ac:98:c6:b7:3b:
c9:0b:a6:da:dd:32:7f:55:49:80:6d:19:cd:8f:fa:e6:b5:02:
34:1a:0f:dc:bb:a6:54:8a:e0:91:ca:f9:e6:13:d6:ec:5c:cb:
f5:f9:30:7e:d9:23:5b:04:48:69:d3:d9:86:b9:d3:19:99:a9:
b9:06:6f:c3:c6:e3:03:a4:60:d4:24:a3:18:76:61:56:4d:0d:
0a:f1:65:46:18:fd:2d:8b:92:80:7d:46:e4:24:dc:85:22:e4:
fb:25:22:96
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYp0RPwb4b6xnv/1yhuD+w2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwOTA4MTAwOTUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Njg3YjQ4MDY4ZjZkYjIxMjAyMjUxMjg5MzNiNTRlMWJlOTA3NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI8Yf0ISCCT2y+jdmA3b+C4bl2Pk
rBkMK64AUp1Hg2YnmmQGmTxphYJEzYYfq8t9Rvmvtc4+ft+Jj/qHKHIf/Jmx5qMc
9CMgIlvwoII/yrKknauGmmIMheXiffNjeVbgZjzcwx+53cdzPMbvINfPWV5bK139
CCeJxdZJTURRFBSrLzMvIboENSf55T/O07364MkS8gZdbB7YHYXPyi+MO0rss3Mb
1QM2vb+MUhUWHEpDYDdCrmTHthG7XW20DBo6e0AniG26+SfsP+zbGzn6w5WRNNPc
/O52engzK1R9QjGqWDmPdenhcVcZ9uVGLf+orhuM/D5jcnMyHmssMA2BYwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEaHtIBo9tshICJRKJM7VOG+kHTxMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvUm9lMGdHajIyeUVnSWxFb2t6dFU0YjZRZFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQFwqogMAwD
BADD5a8DBAHD5bQwDQYJKoZIhvcNAQELBQADggEBACifTLjHXU7OImqjZiDjSwJn
cAuZRrvt7GAABsiHKSon5gJANeD8S+B5T5y4snTC2GMdBXzzgUWLQkHOhwP5vRpI
LolwMsi0YKyCNgM1Aw05H7Ae3vjeRzr8wD7snUwoQCqRSCJuCs80L7MZnDpUKcBp
/eorRRw3s1hUqa2WVhlD/RsC6rGpD+9qAk69vUNJyoAna61qUQ4epkLskiismMa3
O8kLptrdMn9VSYBtGc2P+ua1AjQaD9y7plSK4JHK+eYT1uxcy/X5MH7ZI1sESGnT
2Ya50xmZqbkGb8PG4wOkYNQkoxh2YVZNDQrxZUYY/S2LkoB9RuQk3IUi5PslIpY=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:34:48 2025 by rpki-client