Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/DE4tbHCHG7RjTNSVc0nqfXWA9no.roa
File: DE4tbHCHG7RjTNSVc0nqfXWA9no.roa (raw, json)
Hash identifier: 4GpPx3OGXGezAgxyuk6YF8uhJPxNmJqnUaLBIYbkv54=
Subject key identifier: 0C:4E:2D:6C:70:87:1B:B4:63:4C:D4:95:73:49:EA:7D:75:80:F6:7A
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0188528F20873DD277B3E528D983EC96EBF5
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/DE4tbHCHG7RjTNSVc0nqfXWA9no.roa
Signing time: Thu 25 May 2023 10:58:11 +0000
ROA not before: Thu 25 May 2023 10:58:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204705
IP address blocks: 195.53.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:8f:20:87:3d:d2:77:b3:e5:28:d9:83:ec:96:eb:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: May 25 10:58:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0c4e2d6c70871bb4634cd4957349ea7d7580f67a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c4:f3:12:c2:5a:86:07:96:28:19:1f:7d:67:
dd:0e:7d:fc:94:1b:d0:9b:dc:80:79:30:15:00:4e:
47:bb:7a:27:19:63:cd:18:e8:20:34:ae:57:6e:63:
3d:c5:95:68:f9:59:e8:39:18:8c:63:50:b0:bc:e4:
f3:b3:2d:05:f6:38:2d:b6:dc:af:4a:28:80:26:2a:
32:30:78:be:20:0f:78:74:a1:c9:11:14:49:0e:e7:
a2:6a:31:30:9d:0b:3b:8d:cc:50:1d:19:5e:a5:45:
73:9b:c8:2f:1a:77:3d:7e:93:bd:1c:3d:66:e6:8e:
a2:97:52:28:56:14:8b:2e:96:e9:1a:da:ee:77:4a:
2b:25:a1:69:48:e3:ea:65:34:ff:d7:a3:66:49:a2:
1f:17:bd:a7:8f:46:52:86:bb:21:dc:69:12:85:0b:
00:0f:be:67:8c:d7:af:a3:3c:af:29:05:da:c9:44:
ca:57:5f:33:e0:9f:0a:2a:ca:43:d8:aa:96:75:ff:
53:6a:4a:32:b4:b2:54:f6:5b:d2:02:ff:0b:c8:88:
21:70:51:c7:dc:38:cb:1a:4a:4d:e8:71:65:af:7f:
cb:79:5a:d3:0f:06:8f:b8:d7:ed:f0:78:d5:e6:0a:
3c:65:95:ff:68:e1:35:9c:ee:4f:d1:62:ca:cb:60:
84:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:4E:2D:6C:70:87:1B:B4:63:4C:D4:95:73:49:EA:7D:75:80:F6:7A
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/DE4tbHCHG7RjTNSVc0nqfXWA9no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.53.177.0/24
Signature Algorithm: sha256WithRSAEncryption
be:83:ae:90:e6:ba:09:57:c0:d1:24:56:e4:78:bd:d3:54:87:
7a:0a:10:05:fa:d3:7a:1d:ff:5f:4b:e7:36:e8:11:11:fd:5e:
07:f6:a8:32:7a:48:0b:76:2e:8f:56:f9:71:d9:49:24:21:cb:
ee:a2:42:8e:f4:32:5e:ce:e3:cf:06:a7:24:91:8d:2f:c3:53:
26:52:dc:8c:81:53:07:42:b7:b8:c9:1e:61:00:64:cc:da:6f:
48:05:95:30:42:a0:c1:42:44:e8:5c:a2:29:ac:17:30:19:86:
4f:a5:cc:23:eb:23:7c:73:5e:d5:5b:a7:02:73:fa:26:8d:11:
4e:75:f7:ca:d4:e6:b7:d0:6c:2d:e2:16:c5:ec:29:f9:da:44:
58:e3:00:98:99:f3:60:10:82:f5:59:16:cd:3e:c6:bb:14:8b:
7d:2b:4b:58:b0:09:01:a6:e4:7c:6f:11:40:a1:21:63:e4:4f:
4f:d3:38:3e:f8:db:6d:f5:fe:fb:54:56:6e:bd:ce:c6:af:04:
59:fe:c2:34:5b:7d:93:df:4d:2e:cb:ab:a4:c9:bd:c2:88:16:
75:57:8f:97:31:c4:e9:86:87:49:23:09:5e:67:53:5c:80:f0:
d2:91:1f:11:2a:ec:95:44:54:5e:e2:c7:bf:de:11:ba:30:ff:
4d:ac:f2:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYhSjyCHPdJ3s+Uo2YPsluv1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwNTI1MTA1ODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzRlMmQ2YzcwODcxYmI0NjM0Y2Q0OTU3MzQ5ZWE3ZDc1ODBmNjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsTzEsJahgeWKBkffWfdDn38lBvQ
m9yAeTAVAE5Hu3onGWPNGOggNK5XbmM9xZVo+VnoORiMY1CwvOTzsy0F9jgtttyv
SiiAJioyMHi+IA94dKHJERRJDueiajEwnQs7jcxQHRlepUVzm8gvGnc9fpO9HD1m
5o6il1IoVhSLLpbpGtrud0orJaFpSOPqZTT/16NmSaIfF72nj0ZShrsh3GkShQsA
D75njNevozyvKQXayUTKV18z4J8KKspD2KqWdf9TakoytLJU9lvSAv8LyIghcFHH
3DjLGkpN6HFlr3/LeVrTDwaPuNft8HjV5go8ZZX/aOE1nO5P0WLKy2CEJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAxOLWxwhxu0Y0zUlXNJ6n11gPZ6MB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvREU0dGJIQ0hHN1JqVE5TVmMwbnFmWFdBOW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzWxMA0G
CSqGSIb3DQEBCwUAA4IBAQC+g66Q5roJV8DRJFbkeL3TVId6ChAF+tN6Hf9fS+c2
6BER/V4H9qgyekgLdi6PVvlx2UkkIcvuokKO9DJezuPPBqckkY0vw1MmUtyMgVMH
Qre4yR5hAGTM2m9IBZUwQqDBQkToXKIprBcwGYZPpcwj6yN8c17VW6cCc/omjRFO
dffK1Oa30Gwt4hbF7Cn52kRY4wCYmfNgEIL1WRbNPsa7FIt9K0tYsAkBpuR8bxFA
oSFj5E9P0zg++Ntt9f77VFZuvc7GrwRZ/sI0W32T300uy6ukyb3CiBZ1V4+XMcTp
hodJIwleZ1NcgPDSkR8RKuyVRFRe4se/3hG6MP9NrPJQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:52 2025 by rpki-client