Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/m9FZpoqRFy6e7mFQorj5gIA4IEc.roa
File: m9FZpoqRFy6e7mFQorj5gIA4IEc.roa (raw, json)
Hash identifier: gYXNMvfzB36YhtpoWlBYKvNE21Szwfu5Iy4uV1dlh1A=
Subject key identifier: 9B:D1:59:A6:8A:91:17:2E:9E:EE:61:50:A2:B8:F9:80:80:38:20:47
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018703F2F7FA6A83EE19687D0F3A90CC1730
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/m9FZpoqRFy6e7mFQorj5gIA4IEc.roa
Signing time: Tue 21 Mar 2023 11:34:27 +0000
ROA not before: Tue 21 Mar 2023 11:34:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57171
IP address blocks: 195.229.132.0/23 maxlen: 23
195.229.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:03:f2:f7:fa:6a:83:ee:19:68:7d:0f:3a:90:cc:17:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Mar 21 11:34:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9bd159a68a91172e9eee6150a2b8f98080382047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4c:00:de:ac:e3:e5:59:40:d8:1b:5b:7c:30:
82:41:ac:4b:61:54:83:bf:19:9f:03:83:29:2c:a6:
f9:41:ed:fd:50:d8:8a:57:75:ce:50:46:7f:4c:9b:
90:2d:cf:b0:62:be:cd:73:a3:d6:12:6c:d4:c2:b2:
c6:59:68:32:33:11:10:e0:fc:c3:ed:ad:d3:01:c6:
a0:39:2e:42:73:58:e3:2d:5c:44:4a:39:d4:d1:59:
89:76:ce:92:08:3e:e7:98:5c:a1:7f:31:02:bf:31:
02:f9:a3:55:1d:d8:7b:2a:1c:fd:51:25:c3:af:64:
55:72:2c:4b:f0:9c:8c:f9:81:43:35:1b:d0:38:e5:
77:5e:3d:df:b7:f4:7c:87:ee:13:11:69:ad:84:47:
50:5c:f9:98:d0:7b:b6:d6:cf:0a:ba:7d:96:7b:9e:
f8:41:26:b7:8e:77:e6:4f:c5:7c:bb:9c:52:51:dd:
de:df:f3:8d:04:90:73:6d:b9:5d:11:46:b5:43:f4:
31:8b:68:ad:e5:77:11:9d:3a:ba:6e:76:45:97:2f:
4c:dc:64:02:c3:09:e3:28:a0:96:d2:a0:f2:57:87:
cf:bc:2e:3d:9f:b7:20:b5:e3:11:4d:38:57:d3:e3:
a6:24:ce:9e:9f:19:c8:0f:9f:52:26:a4:09:28:67:
1a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:D1:59:A6:8A:91:17:2E:9E:EE:61:50:A2:B8:F9:80:80:38:20:47
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/m9FZpoqRFy6e7mFQorj5gIA4IEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.229.132.0/23
195.229.156.0/22
Signature Algorithm: sha256WithRSAEncryption
74:d9:e6:4b:9f:11:13:16:2f:36:39:8a:aa:b0:39:8f:4a:e3:
84:63:cc:72:65:10:83:1d:2a:bc:ed:b6:4f:16:94:0a:9d:ad:
e4:71:4e:bd:de:c1:28:34:4e:80:69:95:91:67:85:d8:29:9f:
ac:28:72:a1:7c:27:78:30:b8:7c:e1:c1:05:0a:88:cb:34:a1:
91:9c:65:30:2b:e1:77:12:84:f3:d3:71:2d:68:94:6d:69:a5:
c5:f5:1b:0d:46:9c:38:b0:1b:6a:fa:da:13:1a:9a:0a:4d:ae:
77:20:90:7b:aa:20:10:2f:bc:dc:90:84:c6:9d:ee:54:1f:06:
b7:81:4a:44:7b:ed:21:9e:50:d2:81:16:bd:2e:7c:10:eb:83:
de:44:b3:65:4c:d6:72:cc:01:e4:11:35:31:ba:8e:87:7c:25:
39:16:68:98:12:c8:6c:73:7d:2d:06:16:2a:b2:74:1b:a9:37:
91:cc:66:33:86:03:31:7a:ef:73:55:3c:53:b8:05:fa:fd:94:
90:aa:42:10:b4:3b:5a:af:46:50:e8:e7:cd:31:f0:73:17:60:
6e:92:3c:05:1b:93:d3:cc:61:f5:05:a7:d0:b4:70:f1:a1:ed:
69:f1:c9:f9:2e:2b:42:72:28:bf:c4:d2:bd:64:c4:46:89:5e:
3c:af:d5:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYcD8vf6aoPuGWh9DzqQzBcwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjMwMzIxMTEzNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmQxNTlhNjhhOTExNzJlOWVlZTYxNTBhMmI4Zjk4MDgwMzgyMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEwA3qzj5VlA2BtbfDCCQaxLYVSD
vxmfA4MpLKb5Qe39UNiKV3XOUEZ/TJuQLc+wYr7Nc6PWEmzUwrLGWWgyMxEQ4PzD
7a3TAcagOS5Cc1jjLVxESjnU0VmJds6SCD7nmFyhfzECvzEC+aNVHdh7Khz9USXD
r2RVcixL8JyM+YFDNRvQOOV3Xj3ft/R8h+4TEWmthEdQXPmY0Hu21s8Kun2We574
QSa3jnfmT8V8u5xSUd3e3/ONBJBzbbldEUa1Q/Qxi2it5XcRnTq6bnZFly9M3GQC
wwnjKKCW0qDyV4fPvC49n7cgteMRTThX0+OmJM6enxnID59SJqQJKGcagwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJvRWaaKkRcunu5hUKK4+YCAOCBHMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvbTlGWnBvcVJGeTZlN21GUW9yajVnSUE0SUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw+WEAwQC
w+WcMA0GCSqGSIb3DQEBCwUAA4IBAQB02eZLnxETFi82OYqqsDmPSuOEY8xyZRCD
HSq87bZPFpQKna3kcU693sEoNE6AaZWRZ4XYKZ+sKHKhfCd4MLh84cEFCojLNKGR
nGUwK+F3EoTz03EtaJRtaaXF9RsNRpw4sBtq+toTGpoKTa53IJB7qiAQL7zckITG
ne5UHwa3gUpEe+0hnlDSgRa9LnwQ64PeRLNlTNZyzAHkETUxuo6HfCU5FmiYEshs
c30tBhYqsnQbqTeRzGYzhgMxeu9zVTxTuAX6/ZSQqkIQtDtar0ZQ6OfNMfBzF2Bu
kjwFG5PTzGH1BafQtHDxoe1p8cn5LitCcii/xNK9ZMRGiV48r9Xq
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:31:55 2025 by rpki-client