Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/S9ocqjGcFu1Cf4J2r5peoX03BNY.roa
File: S9ocqjGcFu1Cf4J2r5peoX03BNY.roa (raw, json)
Hash identifier: 18DK65PX4wMmD/NRbaPyD5mocWaiL1ANHDlD5lH6UAA=
Subject key identifier: 4B:DA:1C:AA:31:9C:16:ED:42:7F:82:76:AF:9A:5E:A1:7D:37:04:D6
Certificate issuer: /CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Certificate serial: 09097C27
Authority key identifier: A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/S9ocqjGcFu1Cf4J2r5peoX03BNY.roa
Signing time: Sat 01 Jan 2022 12:59:57 +0000
ROA not before: Sat 01 Jan 2022 12:59:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50858
IP address blocks: 195.5.234.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151616551 (0x9097c27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e2ce3109480aee7b3fd2846ec8f8646885cdba
Validity
Not Before: Jan 1 12:59:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bda1caa319c16ed427f8276af9a5ea17d3704d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cc:a9:e6:61:49:39:0e:b7:be:15:9d:92:2e:
64:d9:d7:85:0b:2a:6b:de:9b:be:fe:ef:00:ca:1c:
25:b4:15:49:e8:73:20:81:38:3f:ee:8b:fa:49:e7:
c3:fa:93:e5:fa:f6:14:9b:6c:29:a1:ab:b9:94:26:
8a:2f:36:3f:3f:9e:0c:69:f8:98:c1:34:05:eb:e1:
84:47:c9:26:81:10:e5:0e:6c:47:e4:ad:ac:45:6a:
b6:b3:0b:1b:e0:97:53:84:62:bb:60:e2:ab:c7:c3:
c3:06:a5:52:0d:37:c7:03:85:37:2b:22:c8:69:54:
83:e7:0a:52:1e:5b:9f:64:92:91:d8:0b:6c:8e:d5:
fb:a9:b4:12:c1:df:25:a0:1f:5a:b1:bf:ae:05:b1:
0f:f1:41:fd:c7:cf:78:5e:8c:de:cb:35:c6:35:b5:
a3:9e:70:92:fd:bd:e9:29:04:8e:ef:7b:72:9e:78:
e2:74:4d:b8:1c:9b:15:f7:36:c7:e8:11:0b:e4:0d:
b2:ac:bb:a2:5f:bf:ea:e6:67:bc:c7:c6:d8:9a:5e:
c5:29:ec:6e:d0:a8:57:25:ae:4f:37:da:64:ae:d6:
e1:9b:e9:9d:7a:da:b3:49:52:24:c7:b7:ba:30:01:
be:8f:79:6a:4f:e6:69:07:89:42:55:96:41:e1:64:
bf:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DA:1C:AA:31:9C:16:ED:42:7F:82:76:AF:9A:5E:A1:7D:37:04:D6
X509v3 Authority Key Identifier:
keyid:A7:E2:CE:31:09:48:0A:EE:7B:3F:D2:84:6E:C8:F8:64:68:85:CD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-LOMQlICu57P9KEbsj4ZGiFzbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/S9ocqjGcFu1Cf4J2r5peoX03BNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/b61add-32f0-42f4-a301-7818a89456cb/1/p-LOMQlICu57P9KEbsj4ZGiFzbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.234.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:d7:0e:57:f4:70:1e:93:ec:5c:2a:0b:7d:89:8b:4c:ca:9f:
1a:e2:45:96:91:c5:f2:43:7d:2c:a4:ed:82:26:ab:da:ec:d8:
cd:38:84:16:02:f0:a0:ac:41:15:49:34:62:82:7d:34:66:91:
a3:ba:04:6f:23:ff:7c:e4:e3:4b:b4:9e:00:6c:71:2b:7c:1c:
ad:f5:8c:9b:73:c8:0d:89:6b:69:ef:d7:1b:ad:0f:56:45:09:
ea:8c:c4:fe:5b:82:60:fe:09:d0:b1:6f:34:18:5c:28:68:6c:
3c:b7:77:62:0f:72:6d:fd:73:10:34:a6:8d:ac:a7:51:b7:92:
3a:8f:27:87:7f:67:d2:37:db:17:ff:ce:32:0f:6c:1a:83:a5:
07:c1:8c:34:45:fd:02:8d:5a:95:f3:e7:62:ce:cc:13:22:dd:
e8:d7:19:32:2f:60:3d:a9:2b:3d:35:78:2d:01:65:c1:e5:d2:
dc:74:18:4e:5f:60:9f:5c:13:b5:f2:93:0c:15:16:a3:d0:a1:
c6:78:cc:af:03:20:40:91:46:8b:1f:d5:ff:76:a0:72:ab:81:
fe:aa:80:31:ba:b8:09:06:f2:10:61:2c:c8:03:e8:49:f9:c8:
a0:39:f3:3b:90:fc:09:74:cc:be:60:b5:62:0c:ec:65:7f:59:
0b:48:4b:c2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQl8JzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
N2UyY2UzMTA5NDgwYWVlN2IzZmQyODQ2ZWM4Zjg2NDY4ODVjZGJhMB4XDTIyMDEw
MTEyNTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJkYTFjYWEzMTlj
MTZlZDQyN2Y4Mjc2YWY5YTVlYTE3ZDM3MDRkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLMqeZhSTkOt74VnZIuZNnXhQsqa96bvv7vAMocJbQVSehz
IIE4P+6L+knnw/qT5fr2FJtsKaGruZQmii82Pz+eDGn4mME0BevhhEfJJoEQ5Q5s
R+StrEVqtrMLG+CXU4Riu2Diq8fDwwalUg03xwOFNysiyGlUg+cKUh5bn2SSkdgL
bI7V+6m0EsHfJaAfWrG/rgWxD/FB/cfPeF6M3ss1xjW1o55wkv296SkEju97cp54
4nRNuBybFfc2x+gRC+QNsqy7ol+/6uZnvMfG2JpexSnsbtCoVyWuTzfaZK7W4Zvp
nXras0lSJMe3ujABvo95ak/maQeJQlWWQeFkv5cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRL2hyqMZwW7UJ/gnavml6hfTcE1jAfBgNVHSMEGDAWgBSn4s4xCUgK7ns/
0oRuyPhkaIXNujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3AtTE9NUWxJQ3U1N1A5S0Vic2o0WkdpRnpiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvYjYxYWRkLTMyZjAtNDJmNC1hMzAxLTc4MThhODk0NTZjYi8x
L1M5b2NxakdjRnUxQ2Y0SjJyNXBlb1gwM0JOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
YjYxYWRkLTMyZjAtNDJmNC1hMzAxLTc4MThhODk0NTZjYi8xL3AtTE9NUWxJQ3U1
N1A5S0Vic2o0WkdpRnpiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcMF6jANBgkqhkiG9w0BAQsFAAOC
AQEAX9cOV/RwHpPsXCoLfYmLTMqfGuJFlpHF8kN9LKTtgiar2uzYzTiEFgLwoKxB
FUk0YoJ9NGaRo7oEbyP/fOTjS7SeAGxxK3wcrfWMm3PIDYlrae/XG60PVkUJ6ozE
/luCYP4J0LFvNBhcKGhsPLd3Yg9ybf1zEDSmjaynUbeSOo8nh39n0jfbF//OMg9s
GoOlB8GMNEX9Ao1alfPnYs7MEyLd6NcZMi9gPakrPTV4LQFlweXS3HQYTl9gn1wT
tfKTDBUWo9ChxnjMrwMgQJFGix/V/3agcquB/qqAMbq4CQbyEGEsyAPoSfnIoDnz
O5D8CXTMvmC1YgzsZX9ZC0hLwg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:07 2025 by rpki-client