Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/1-X9Ii-K35c_obtHqLBFhpaiIAig.roa
File: 1-X9Ii-K35c_obtHqLBFhpaiIAig.roa (raw, json)
Hash identifier: 7Sn8iUtoBZXL84YddzzCyHlKT99bEhgu/88vWH/bJwE=
Subject key identifier: F9:7F:48:8B:E2:B7:E5:CF:E8:6E:D1:EA:2C:11:61:A5:A8:88:02:28
Certificate issuer: /CN=76e2ae4fe0c0d6cb0749b877ae155a629fe2afd6
Certificate serial: 01857067419A78301634141FFC299A757FBA
Authority key identifier: 76:E2:AE:4F:E0:C0:D6:CB:07:49:B8:77:AE:15:5A:62:9F:E2:AF:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duKuT-DA1ssHSbh3rhVaYp_ir9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/1-X9Ii-K35c_obtHqLBFhpaiIAig.roa
Signing time: Mon 02 Jan 2023 02:54:53 +0000
ROA not before: Mon 02 Jan 2023 02:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44761
IP address blocks: 195.28.18.0/23 maxlen: 23
195.28.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:41:9a:78:30:16:34:14:1f:fc:29:9a:75:7f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76e2ae4fe0c0d6cb0749b877ae155a629fe2afd6
Validity
Not Before: Jan 2 02:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f97f488be2b7e5cfe86ed1ea2c1161a5a8880228
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ff:f5:7f:27:55:68:a1:71:79:c6:70:1f:cf:
36:61:20:cd:41:a4:78:e8:fb:19:ea:a1:ca:8a:c2:
c2:05:26:92:7c:11:fb:bf:c2:94:ae:d5:4d:32:cc:
8b:17:fd:72:5a:51:7e:3d:7e:69:74:61:9e:99:a8:
b9:8e:67:7a:c6:90:d3:c2:50:cd:aa:0c:dc:ec:e6:
75:d4:eb:ee:1f:fb:13:bb:4e:88:1c:82:48:9a:53:
51:d6:62:eb:48:1c:e6:80:16:1d:fc:2a:9a:75:eb:
d5:85:b5:3a:74:3d:21:38:6c:da:24:07:a8:68:68:
29:dc:1b:14:2f:54:f8:04:a6:6e:e3:f4:78:34:b4:
e8:29:78:b2:4b:d3:ee:16:6c:5d:cf:fe:78:6e:32:
97:5e:f6:49:46:f0:23:04:48:b0:5b:7d:e6:c5:1b:
38:d9:b2:23:55:e5:aa:ae:2c:f3:cf:c8:5b:06:aa:
f0:e3:38:db:7e:af:f6:81:fd:f0:5a:98:76:50:8b:
9e:24:16:4b:a8:7c:01:ad:96:ca:ca:87:73:37:8c:
93:fb:6d:74:3e:04:da:39:94:4a:05:da:6f:17:63:
d5:af:e7:04:61:a3:cb:ce:83:21:97:32:69:55:ca:
55:76:4f:93:4b:2e:94:60:df:0e:e7:75:c9:b3:53:
2f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:7F:48:8B:E2:B7:E5:CF:E8:6E:D1:EA:2C:11:61:A5:A8:88:02:28
X509v3 Authority Key Identifier:
keyid:76:E2:AE:4F:E0:C0:D6:CB:07:49:B8:77:AE:15:5A:62:9F:E2:AF:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duKuT-DA1ssHSbh3rhVaYp_ir9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/1-X9Ii-K35c_obtHqLBFhpaiIAig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/9a52fd-0364-4150-aaca-41602fdc9fde/1/duKuT-DA1ssHSbh3rhVaYp_ir9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.28.18.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:2d:9a:2d:02:2c:1a:48:83:2d:cf:c8:95:4b:17:6e:4f:a9:
bc:ee:45:f7:33:a6:d2:5b:14:e6:55:f6:cc:a3:55:b8:77:40:
3f:f3:d6:dd:2d:58:04:ce:4d:c0:76:40:34:a6:7f:1e:bf:28:
85:9b:d4:94:50:c5:ee:91:3f:9a:ac:ff:bc:02:67:fd:21:c4:
d0:c6:f3:90:5e:cb:ba:ad:85:c0:77:2f:15:a2:7a:5b:0f:09:
94:06:e3:46:b9:71:6d:a7:bc:8d:76:95:d0:dd:db:2c:03:26:
f0:2a:c7:62:4f:c2:a7:e2:1f:24:da:70:60:1b:b8:b2:d4:e5:
0d:e9:a3:84:0f:8c:ac:bd:34:e3:b1:e6:47:68:0e:09:74:e8:
83:61:76:6d:43:0f:21:63:dc:e2:4e:47:26:79:5f:b3:2c:c1:
78:28:17:4c:e4:b0:8d:27:39:d7:da:63:1b:85:f5:32:e7:ac:
14:4d:5a:c2:3f:64:32:7b:ce:7f:42:1d:dd:95:55:5f:d4:d3:
2f:6a:5b:fc:d9:c7:ef:80:5d:f8:76:07:ad:74:51:99:14:68:
32:2f:9e:5d:42:4f:7f:ca:b0:48:e6:07:af:8c:8e:91:9f:02:
4d:82:76:7f:3b:73:c4:20:fe:94:e3:60:ff:55:6c:01:dc:c9:
e8:10:6c:70
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVwZ0GaeDAWNBQf/CmadX+6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZTJhZTRmZTBjMGQ2Y2IwNzQ5Yjg3N2FlMTU1YTYyOWZl
MmFmZDYwHhcNMjMwMTAyMDI1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTdmNDg4YmUyYjdlNWNmZTg2ZWQxZWEyYzExNjFhNWE4ODgwMjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi//1fydVaKFxecZwH882YSDNQaR4
6PsZ6qHKisLCBSaSfBH7v8KUrtVNMsyLF/1yWlF+PX5pdGGemai5jmd6xpDTwlDN
qgzc7OZ11OvuH/sTu06IHIJImlNR1mLrSBzmgBYd/CqadevVhbU6dD0hOGzaJAeo
aGgp3BsUL1T4BKZu4/R4NLToKXiyS9PuFmxdz/54bjKXXvZJRvAjBEiwW33mxRs4
2bIjVeWqrizzz8hbBqrw4zjbfq/2gf3wWph2UIueJBZLqHwBrZbKyodzN4yT+210
PgTaOZRKBdpvF2PVr+cEYaPLzoMhlzJpVcpVdk+TSy6UYN8O53XJs1MvYQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPl/SIvit+XP6G7R6iwRYaWoiAIoMB8GA1UdIwQY
MBaAFHbirk/gwNbLB0m4d64VWmKf4q/WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHVLdVQtREExc3NIU2JoM3JoVmFZcF9pcjlZLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC85YTUyZmQtMDM2NC00MTUwLWFhY2Et
NDE2MDJmZGM5ZmRlLzEvMS1YOUlpLUszNWNfb2J0SHFMQkZocGFpSUFpZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjQvOWE1MmZkLTAzNjQtNDE1MC1hYWNhLTQxNjAyZmRjOWZk
ZS8xL2R1S3VULURBMXNzSFNiaDNyaFZhWXBfaXI5WS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcMcEjAN
BgkqhkiG9w0BAQsFAAOCAQEAHy2aLQIsGkiDLc/IlUsXbk+pvO5F9zOm0lsU5lX2
zKNVuHdAP/PW3S1YBM5NwHZANKZ/Hr8ohZvUlFDF7pE/mqz/vAJn/SHE0MbzkF7L
uq2FwHcvFaJ6Ww8JlAbjRrlxbae8jXaV0N3bLAMm8CrHYk/Cp+IfJNpwYBu4stTl
DemjhA+MrL0047HmR2gOCXTog2F2bUMPIWPc4k5HJnlfsyzBeCgXTOSwjSc519pj
G4X1MuesFE1awj9kMnvOf0Id3ZVVX9TTL2pb/NnH74Bd+HYHrXRRmRRoMi+eXUJP
f8qwSOYHr4yOkZ8CTYJ2fztzxCD+lONg/1VsAdzJ6BBscA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:33 2025 by rpki-client