Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/_yzmQhPhuxTUKK45uVdKEUD0OZM.roa
File: _yzmQhPhuxTUKK45uVdKEUD0OZM.roa (raw, json)
Hash identifier: k2WOv4tF3PhFspCyyJO97ncgcJxnqHRfS9MazcZVdgA=
Subject key identifier: FF:2C:E6:42:13:E1:BB:14:D4:28:AE:39:B9:57:4A:11:40:F4:39:93
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0187226FFAAC780D8486CCD2C37C7B51BDC2
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/_yzmQhPhuxTUKK45uVdKEUD0OZM.roa
Signing time: Mon 27 Mar 2023 09:39:36 +0000
ROA not before: Mon 27 Mar 2023 09:39:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25261
IP address blocks: 195.53.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:22:6f:fa:ac:78:0d:84:86:cc:d2:c3:7c:7b:51:bd:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Mar 27 09:39:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ff2ce64213e1bb14d428ae39b9574a1140f43993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:94:28:74:81:bc:6b:ca:e9:5e:39:0a:20:3b:
50:bd:ff:64:73:94:f2:57:c0:9e:d5:29:10:4e:10:
0a:79:6c:ee:63:8f:ad:b6:34:cc:fd:fa:85:7d:3c:
08:77:27:71:5d:a4:b8:ac:68:6f:94:ed:93:49:17:
62:25:fd:08:df:c9:e4:b1:db:32:88:39:c2:b3:ba:
f2:5a:c8:ad:2d:c6:9b:77:a7:71:45:37:da:9c:91:
91:c9:35:f7:4f:ce:d0:9d:dc:7f:b9:a1:e4:f7:df:
b5:7f:1c:bb:bb:b0:d2:a1:2b:7e:11:5f:60:51:4e:
b1:db:f9:42:63:10:d5:f0:c7:b1:7e:52:b4:a2:9a:
12:4e:49:5c:66:fe:eb:9f:71:33:78:46:19:0b:5b:
e5:5f:24:55:4a:bc:29:bc:98:a9:8b:f5:de:91:d9:
c2:40:bd:88:f5:54:25:68:59:cd:5f:7f:86:16:4d:
57:7f:a7:4c:9a:28:6f:cf:f5:32:23:5c:83:ea:40:
ce:47:e5:c9:03:32:c3:cc:6f:c4:19:69:6f:21:44:
1f:87:83:89:50:02:b1:91:7f:ec:73:df:f2:d9:3f:
3f:83:70:d2:07:7c:98:e9:df:80:4e:be:76:0e:16:
3a:b6:95:75:33:aa:78:45:eb:60:d0:68:3f:d1:32:
6a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2C:E6:42:13:E1:BB:14:D4:28:AE:39:B9:57:4A:11:40:F4:39:93
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/_yzmQhPhuxTUKK45uVdKEUD0OZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.53.213.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:21:c9:1c:ea:9f:b0:74:f2:23:68:d2:76:2a:8f:02:64:7d:
f1:0a:75:0d:90:7e:c2:79:f1:f4:4d:d4:ee:79:12:09:52:38:
2f:b7:06:1a:15:4f:d1:b0:41:07:d8:1d:8b:8c:ef:d2:84:bf:
f4:9b:15:1d:83:7e:33:a1:f7:b4:0b:b2:0c:48:6e:42:b9:6a:
0f:7e:8f:12:56:d9:c8:34:d6:97:ba:ab:f8:d5:43:b1:88:8f:
96:3e:02:7b:7c:2e:25:9f:0a:50:3f:0c:37:3c:06:27:18:82:
dd:f0:cb:06:f9:99:5d:7f:90:89:f5:61:c0:f9:5e:f2:48:ab:
cd:3a:cb:95:64:55:b1:8a:89:56:a5:91:02:e0:ae:b8:89:57:
9d:41:a9:26:8e:75:bf:7a:81:af:8f:a7:fb:3b:e8:c3:a7:19:
bf:c7:95:4c:b3:77:4d:ec:be:42:bd:b3:7d:62:23:d0:5d:ee:
91:f4:b4:c1:1a:cd:31:ec:bf:4e:1f:6a:f6:ac:0a:14:d4:ad:
9c:1d:a2:cf:a4:f2:59:50:08:f9:c1:9c:b7:33:02:c2:b9:76:
aa:d3:32:cd:0f:7c:50:4f:63:1c:77:77:5a:ab:77:54:24:24:
6a:2d:44:cb:35:b7:8e:72:98:19:89:db:43:47:be:e7:4b:ce:
1e:0a:88:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcib/qseA2EhszSw3x7Ub3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjMwMzI3MDkzOTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjJjZTY0MjEzZTFiYjE0ZDQyOGFlMzliOTU3NGExMTQwZjQzOTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAopQodIG8a8rpXjkKIDtQvf9kc5Ty
V8Ce1SkQThAKeWzuY4+ttjTM/fqFfTwIdydxXaS4rGhvlO2TSRdiJf0I38nksdsy
iDnCs7ryWsitLcabd6dxRTfanJGRyTX3T87Qndx/uaHk99+1fxy7u7DSoSt+EV9g
UU6x2/lCYxDV8MexflK0opoSTklcZv7rn3EzeEYZC1vlXyRVSrwpvJipi/XekdnC
QL2I9VQlaFnNX3+GFk1Xf6dMmihvz/UyI1yD6kDOR+XJAzLDzG/EGWlvIUQfh4OJ
UAKxkX/sc9/y2T8/g3DSB3yY6d+ATr52DhY6tpV1M6p4Retg0Gg/0TJqgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8s5kIT4bsU1CiuOblXShFA9DmTMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvX3l6bVFoUGh1eFRVS0s0NXVWZEtFVUQwT1pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzXVMA0G
CSqGSIb3DQEBCwUAA4IBAQDGIckc6p+wdPIjaNJ2Ko8CZH3xCnUNkH7CefH0TdTu
eRIJUjgvtwYaFU/RsEEH2B2LjO/ShL/0mxUdg34zofe0C7IMSG5CuWoPfo8SVtnI
NNaXuqv41UOxiI+WPgJ7fC4lnwpQPww3PAYnGILd8MsG+Zldf5CJ9WHA+V7ySKvN
OsuVZFWxiolWpZEC4K64iVedQakmjnW/eoGvj6f7O+jDpxm/x5VMs3dN7L5CvbN9
YiPQXe6R9LTBGs0x7L9OH2r2rAoU1K2cHaLPpPJZUAj5wZy3MwLCuXaq0zLND3xQ
T2Mcd3daq3dUJCRqLUTLNbeOcpgZidtDR77nS84eCohI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:02 2025 by rpki-client