Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/_k0waC8OibqDrrqAbOAQ-rA0EAM.roa
File: _k0waC8OibqDrrqAbOAQ-rA0EAM.roa (raw, json)
Hash identifier: lYolxvDyRtjSD+gliW5Mjw1jCIGVPGhgUgXMVDtjwew=
Subject key identifier: FE:4D:30:68:2F:0E:89:BA:83:AE:BA:80:6C:E0:10:FA:B0:34:10:03
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018703F2F7B5A06466FDE75A32DCA986A032
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/_k0waC8OibqDrrqAbOAQ-rA0EAM.roa
Signing time: Tue 21 Mar 2023 11:34:27 +0000
ROA not before: Tue 21 Mar 2023 11:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57163
IP address blocks: 195.229.145.0/24 maxlen: 24
195.229.146.0/24 maxlen: 24
195.229.147.0/24 maxlen: 24
195.229.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:f2:f7:b5:a0:64:66:fd:e7:5a:32:dc:a9:86:a0:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Mar 21 11:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe4d30682f0e89ba83aeba806ce010fab0341003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1d:4e:99:53:26:a6:01:68:45:a4:97:d0:0e:
e0:a0:f2:ae:8c:8c:51:79:24:ec:08:69:65:fd:c9:
04:bb:f3:81:49:ad:74:c8:61:5d:e4:07:47:fc:5c:
1d:f1:dd:6b:b7:3a:00:b7:6f:3a:22:57:72:c3:d9:
4b:17:ec:f1:5d:58:1a:37:19:ae:ab:03:58:b7:29:
80:ef:88:a2:ec:c0:f2:f3:c3:fc:bf:d8:23:de:56:
9e:69:ae:48:ce:b3:5e:b4:74:6e:4c:2a:91:75:c2:
18:f6:16:72:e4:f2:07:70:73:2d:1f:e3:31:6b:ec:
63:1e:dc:dd:02:65:44:55:76:b6:b9:5a:52:c4:e8:
75:26:3d:aa:48:d5:d7:3b:a3:55:c8:36:bc:58:3a:
a1:07:9a:09:a3:93:43:04:6a:13:6e:04:ec:a4:d1:
27:3e:37:bd:e0:59:bb:91:a5:a4:13:60:d3:4e:79:
14:cf:18:94:10:3a:4c:99:3c:ad:89:e9:bd:6e:dd:
33:30:0d:02:99:ea:0b:b2:f3:8b:61:15:2b:6b:2b:
e5:ef:dc:85:11:c0:e6:31:45:2a:c3:ac:19:23:76:
0e:2b:8b:49:74:81:bd:05:8a:e0:f2:db:ab:73:a4:
ef:14:ba:60:2b:72:d5:8a:de:ad:21:5a:cb:5f:b3:
4f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4D:30:68:2F:0E:89:BA:83:AE:BA:80:6C:E0:10:FA:B0:34:10:03
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/_k0waC8OibqDrrqAbOAQ-rA0EAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.229.145.0-195.229.148.255
Signature Algorithm: sha256WithRSAEncryption
05:46:1d:41:e1:dc:8c:cc:a9:b9:ee:72:45:4b:c4:84:ae:87:
c8:02:f3:2e:43:c4:de:ad:c9:c1:21:0e:e9:78:e7:71:b5:4a:
0a:21:a9:6a:8d:37:34:7a:7c:1b:07:0f:db:f1:8b:f2:9d:66:
f1:5c:6d:d8:3a:33:82:be:53:d0:82:70:62:af:bf:3a:0e:6a:
d0:03:76:9e:a6:a2:a4:88:00:e5:54:a2:85:07:12:87:1b:7b:
b0:5f:94:ca:58:c6:96:4a:9b:1d:ba:41:b9:a2:3b:7c:89:a1:
24:d4:70:48:47:3b:94:03:11:53:b7:bc:49:47:84:44:fd:3f:
a3:d9:63:62:15:de:95:a6:93:ab:de:5c:3b:70:05:a9:c7:5a:
15:39:0d:ca:83:e1:13:00:cc:5d:22:e9:8c:78:77:7b:5e:69:
05:85:2f:d8:25:e8:77:69:96:97:d8:6c:fa:f9:c5:eb:c0:65:
9c:f8:2e:bd:01:0d:f2:df:41:b6:b2:cc:f8:cd:3e:af:54:15:
69:ce:d5:36:24:a5:a5:e2:1e:2d:bb:c0:af:fd:a9:e0:00:ff:
1d:c5:22:5c:12:f6:ed:09:b7:83:4e:22:78:84:37:9e:2b:9d:
17:42:d7:30:9a:f2:4d:2f:aa:46:40:69:e1:88:a4:7b:79:9d:
20:1f:a5:e0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYcD8ve1oGRm/edaMtyphqAyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwMzIxMTEzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTRkMzA2ODJmMGU4OWJhODNhZWJhODA2Y2UwMTBmYWIwMzQxMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2h1OmVMmpgFoRaSX0A7goPKujIxR
eSTsCGll/ckEu/OBSa10yGFd5AdH/Fwd8d1rtzoAt286Ildyw9lLF+zxXVgaNxmu
qwNYtymA74ii7MDy88P8v9gj3laeaa5IzrNetHRuTCqRdcIY9hZy5PIHcHMtH+Mx
a+xjHtzdAmVEVXa2uVpSxOh1Jj2qSNXXO6NVyDa8WDqhB5oJo5NDBGoTbgTspNEn
Pje94Fm7kaWkE2DTTnkUzxiUEDpMmTytiem9bt0zMA0CmeoLsvOLYRUrayvl79yF
EcDmMUUqw6wZI3YOK4tJdIG9BYrg8turc6TvFLpgK3LVit6tIVrLX7NPWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP5NMGgvDom6g666gGzgEPqwNBADMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvX2swd2FDOE9pYnFEcnJxQWJPQVEtckEwRUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADD5ZED
BADD5ZQwDQYJKoZIhvcNAQELBQADggEBAAVGHUHh3IzMqbnuckVLxISuh8gC8y5D
xN6tycEhDul453G1SgohqWqNNzR6fBsHD9vxi/KdZvFcbdg6M4K+U9CCcGKvvzoO
atADdp6moqSIAOVUooUHEocbe7BflMpYxpZKmx26QbmiO3yJoSTUcEhHO5QDEVO3
vElHhET9P6PZY2IV3pWmk6veXDtwBanHWhU5DcqD4RMAzF0i6Yx4d3teaQWFL9gl
6HdplpfYbPr5xevAZZz4Lr0BDfLfQbayzPjNPq9UFWnO1TYkpaXiHi27wK/9qeAA
/x3FIlwS9u0Jt4NOIniEN54rnRdC1zCa8k0vqkZAaeGIpHt5nSAfpeA=
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:33:51 2025 by rpki-client