Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/2ye7xKE5pfE29ykUfOhNaj6wOZU.roa
File: 2ye7xKE5pfE29ykUfOhNaj6wOZU.roa (raw, json)
Hash identifier: JG/WuDEisB7LWnndH+RKphuOPl6T9HuFkQGhG8ea/kk=
Subject key identifier: DB:27:BB:C4:A1:39:A5:F1:36:F7:29:14:7C:E8:4D:6A:3E:B0:39:95
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 018856CA657D9295F22AB6A2462A27D5E7E3
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/2ye7xKE5pfE29ykUfOhNaj6wOZU.roa
Signing time: Fri 26 May 2023 06:41:24 +0000
ROA not before: Fri 26 May 2023 06:41:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210995
IP address blocks: 195.53.239.0/24 maxlen: 24
195.76.62.0/24 maxlen: 24
195.76.62.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:56:ca:65:7d:92:95:f2:2a:b6:a2:46:2a:27:d5:e7:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: May 26 06:41:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db27bbc4a139a5f136f729147ce84d6a3eb03995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:cd:1c:a1:ed:76:e7:ea:9a:98:31:28:a4:3f:
62:19:7e:35:ca:11:14:7f:e1:5e:38:9e:96:56:c5:
7f:a1:6a:c6:92:a2:0a:9b:ba:d5:53:80:9e:54:ee:
94:97:73:71:dc:39:0f:9f:37:d0:74:cf:b3:51:9f:
de:a3:ec:01:4e:b0:ff:57:ea:29:48:48:bc:69:64:
f3:9c:5d:71:8f:7f:2f:96:b9:b1:16:c9:e1:38:7a:
e6:30:19:08:9f:51:a1:08:3e:30:fc:0e:55:0c:88:
83:f7:95:b1:69:17:45:0c:d7:a6:0b:77:8c:70:aa:
00:74:ee:e7:b2:8d:9f:1a:08:87:3b:31:0c:01:b5:
2d:d1:e9:f4:63:7f:e9:51:cc:b4:1a:47:aa:2b:5a:
2a:16:d6:1a:5b:80:db:3f:ba:16:85:e4:16:8e:21:
14:4b:f5:df:f4:75:d7:09:8f:53:c0:cf:7f:fb:2f:
40:93:3e:e9:23:9a:ed:fd:2d:d9:cf:f1:12:86:79:
c1:e3:2e:78:d1:5e:82:61:a1:1c:40:53:46:50:21:
a4:99:ca:88:06:dc:b0:04:6c:79:d3:3a:10:2b:4d:
cc:c0:90:af:54:93:9a:af:16:61:90:06:33:47:88:
b2:7c:f5:6a:b5:97:14:76:93:f1:dc:96:39:2a:38:
b1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:27:BB:C4:A1:39:A5:F1:36:F7:29:14:7C:E8:4D:6A:3E:B0:39:95
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/2ye7xKE5pfE29ykUfOhNaj6wOZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.53.239.0/24
195.76.62.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:13:84:68:df:6c:47:c8:ea:18:35:71:b5:e7:ea:28:c6:1d:
75:50:81:ea:8a:2d:08:65:2b:ec:7b:e9:31:04:36:06:fd:1d:
5b:ce:57:ee:d9:2a:78:eb:aa:f2:6a:74:39:04:07:17:33:74:
8e:2c:bb:ee:94:7b:b3:12:dc:29:39:2e:21:a7:cd:e4:86:b2:
d1:1f:4a:40:82:a1:57:c4:3b:12:6c:d6:15:8c:c3:5f:02:7d:
d7:10:e5:84:53:ae:53:77:e8:9b:b0:61:90:ee:0a:66:04:6f:
37:b5:a4:72:27:3d:fd:26:91:42:d5:6f:94:84:0a:a1:df:85:
4c:b3:5d:e6:11:69:7e:3d:9f:c9:82:0a:e6:cb:9f:89:51:b7:
32:5a:07:ec:ce:a8:0e:a6:23:05:87:ac:82:00:0d:31:c7:05:
44:3b:14:a5:2c:03:7f:cf:4d:0e:bd:45:b0:18:13:73:49:36:
33:13:bc:e3:0c:00:32:e0:8a:5c:42:e5:e6:9b:cb:20:c3:0c:
42:ba:16:5c:59:88:4d:4c:0e:7b:37:19:be:c5:3b:5a:90:22:
82:a0:1b:34:91:2b:06:9a:1e:6f:22:28:9d:68:28:8c:30:63:
35:a7:26:09:1f:7e:5c:6c:ff:26:d0:96:c9:a4:ea:00:4b:8f:
72:6e:08:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhWymV9kpXyKraiRion1efjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwNTI2MDY0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjI3YmJjNGExMzlhNWYxMzZmNzI5MTQ3Y2U4NGQ2YTNlYjAzOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgM0coe125+qamDEopD9iGX41yhEU
f+FeOJ6WVsV/oWrGkqIKm7rVU4CeVO6Ul3Nx3DkPnzfQdM+zUZ/eo+wBTrD/V+op
SEi8aWTznF1xj38vlrmxFsnhOHrmMBkIn1GhCD4w/A5VDIiD95WxaRdFDNemC3eM
cKoAdO7nso2fGgiHOzEMAbUt0en0Y3/pUcy0GkeqK1oqFtYaW4DbP7oWheQWjiEU
S/Xf9HXXCY9TwM9/+y9Akz7pI5rt/S3Zz/EShnnB4y540V6CYaEcQFNGUCGkmcqI
BtywBGx50zoQK03MwJCvVJOarxZhkAYzR4iyfPVqtZcUdpPx3JY5Kjix0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNsnu8ShOaXxNvcpFHzoTWo+sDmVMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvMnllN3hLRTVwZkUyOXlrVWZPaE5hajZ3T1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwzXvAwQB
w0w+MA0GCSqGSIb3DQEBCwUAA4IBAQAPE4Ro32xHyOoYNXG15+ooxh11UIHqii0I
ZSvse+kxBDYG/R1bzlfu2Sp466ryanQ5BAcXM3SOLLvulHuzEtwpOS4hp83khrLR
H0pAgqFXxDsSbNYVjMNfAn3XEOWEU65Td+ibsGGQ7gpmBG83taRyJz39JpFC1W+U
hAqh34VMs13mEWl+PZ/Jggrmy5+JUbcyWgfszqgOpiMFh6yCAA0xxwVEOxSlLAN/
z00OvUWwGBNzSTYzE7zjDAAy4IpcQuXmm8sgwwxCuhZcWYhNTA57Nxm+xTtakCKC
oBs0kSsGmh5vIiidaCiMMGM1pyYJH35cbP8m0JbJpOoAS49ybggm
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:01 2025 by rpki-client