Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/_XfrgmDHAhxB3SVT7zCqJJ2IgQk.roa
File: _XfrgmDHAhxB3SVT7zCqJJ2IgQk.roa (raw, json)
Hash identifier: 9y4kVZyGN9fVklnNVj9Em9Htiie9RUbp6w/QiEZuprE=
Subject key identifier: FD:77:EB:82:60:C7:02:1C:41:DD:25:53:EF:30:AA:24:9D:88:81:09
Certificate issuer: /CN=073cc18fc706df5a9933b0be20dccb04675bf474
Certificate serial: 018572B42F33807B81BF5BD66ED8F05D780A
Authority key identifier: 07:3C:C1:8F:C7:06:DF:5A:99:33:B0:BE:20:DC:CB:04:67:5B:F4:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BzzBj8cG31qZM7C-INzLBGdb9HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/_XfrgmDHAhxB3SVT7zCqJJ2IgQk.roa
Signing time: Mon 02 Jan 2023 13:38:09 +0000
ROA not before: Mon 02 Jan 2023 13:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29686
IP address blocks: 195.43.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:2f:33:80:7b:81:bf:5b:d6:6e:d8:f0:5d:78:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073cc18fc706df5a9933b0be20dccb04675bf474
Validity
Not Before: Jan 2 13:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd77eb8260c7021c41dd2553ef30aa249d888109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8d:2e:86:fe:42:3e:b7:3d:df:c1:ed:10:25:
75:8b:ed:a2:42:9d:db:c9:ed:46:d3:70:8a:c0:04:
ea:4b:29:45:62:88:9b:eb:e3:b8:09:92:70:ca:e4:
65:30:51:aa:4a:c8:51:c0:b5:6e:d2:b7:9d:3a:e4:
cd:89:6a:bc:0c:d4:83:77:9f:3d:08:da:e3:63:12:
3e:f5:1a:8f:6b:52:c3:1a:4b:dc:ef:50:9c:c9:3c:
df:0e:bb:83:ad:d4:9d:66:d5:4e:bc:aa:3d:52:23:
20:f3:db:1b:90:4f:e3:13:c8:95:be:5b:be:cd:8d:
d2:b0:7f:c4:ac:19:b9:cc:62:d8:29:ea:c3:bc:7d:
47:a4:6b:67:d7:41:4c:91:3d:3c:79:65:c9:f9:9e:
1b:47:2b:75:f4:e5:28:0e:62:31:18:68:71:dd:46:
9d:69:d5:49:b3:78:4d:fd:4b:a5:e7:07:16:85:f6:
58:70:24:4e:9f:e1:a1:04:be:a4:e9:27:95:22:78:
f7:e3:a2:de:cf:20:83:00:c6:46:be:79:c5:21:4a:
66:ee:1f:2f:82:57:06:e0:28:8f:14:3d:cc:b9:33:
e3:99:3d:b0:fe:25:ab:97:97:fa:8f:88:bf:03:82:
6b:10:96:1a:f8:14:b8:03:d1:a1:41:f4:eb:d9:34:
79:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:77:EB:82:60:C7:02:1C:41:DD:25:53:EF:30:AA:24:9D:88:81:09
X509v3 Authority Key Identifier:
keyid:07:3C:C1:8F:C7:06:DF:5A:99:33:B0:BE:20:DC:CB:04:67:5B:F4:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BzzBj8cG31qZM7C-INzLBGdb9HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/_XfrgmDHAhxB3SVT7zCqJJ2IgQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/433c47-bf3e-4728-8b93-b070ec34d4c1/1/BzzBj8cG31qZM7C-INzLBGdb9HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.141.0/24
Signature Algorithm: sha256WithRSAEncryption
30:ee:6e:11:f7:14:54:1e:50:21:9c:09:15:f5:30:29:a4:f4:
86:6c:e1:de:41:f6:c2:0c:4f:b2:28:41:ed:47:4e:77:34:25:
a6:ae:6a:54:e8:14:11:16:37:f0:87:bf:cd:3b:a0:62:4a:7b:
22:c6:99:43:2f:7d:aa:a1:24:f4:e5:76:e8:58:9f:d7:af:e5:
a0:96:27:dc:12:ea:35:a1:6b:79:77:cd:c9:12:bb:09:99:d7:
8b:b2:48:25:90:95:43:02:56:ca:ae:8c:02:c0:ab:30:c4:ee:
3d:c0:8c:f7:b8:ef:1b:f4:07:07:b0:48:8c:81:8f:27:15:ba:
7f:c4:7b:64:0f:fc:ac:d8:2f:ef:61:ad:f1:71:0b:66:2f:e1:
f0:f7:9a:29:92:a8:4e:da:3d:1e:16:38:f4:d1:be:6b:c1:c1:
fc:6a:74:8f:9f:c0:3b:70:67:98:13:3e:e1:4d:82:96:b5:4a:
b9:a1:99:70:36:71:b8:3b:66:52:47:37:9a:d3:da:58:ec:eb:
a0:c1:87:b3:57:70:89:fb:4b:1b:08:11:d1:81:7a:65:20:22:
f3:df:58:27:56:0e:a1:3a:bc:e3:27:e0:ba:09:d2:0b:13:75:
48:21:3d:b0:51:56:51:04:1c:bd:de:bb:d3:51:9f:63:82:6d:
d5:40:08:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVytC8zgHuBv1vWbtjwXXgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2NjMThmYzcwNmRmNWE5OTMzYjBiZTIwZGNjYjA0Njc1
YmY0NzQwHhcNMjMwMTAyMTMzODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc3ZWI4MjYwYzcwMjFjNDFkZDI1NTNlZjMwYWEyNDlkODg4MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY0uhv5CPrc938HtECV1i+2iQp3b
ye1G03CKwATqSylFYoib6+O4CZJwyuRlMFGqSshRwLVu0redOuTNiWq8DNSDd589
CNrjYxI+9RqPa1LDGkvc71CcyTzfDruDrdSdZtVOvKo9UiMg89sbkE/jE8iVvlu+
zY3SsH/ErBm5zGLYKerDvH1HpGtn10FMkT08eWXJ+Z4bRyt19OUoDmIxGGhx3Uad
adVJs3hN/Uul5wcWhfZYcCROn+GhBL6k6SeVInj346LezyCDAMZGvnnFIUpm7h8v
glcG4CiPFD3MuTPjmT2w/iWrl5f6j4i/A4JrEJYa+BS4A9GhQfTr2TR5bQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP1364JgxwIcQd0lU+8wqiSdiIEJMB8GA1UdIwQY
MBaAFAc8wY/HBt9amTOwviDcywRnW/R0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp6Qmo4Y0czMXFaTTdDLUlOekxCR2RiOUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi80MzNjNDctYmYzZS00NzI4LThiOTMt
YjA3MGVjMzRkNGMxLzEvX1hmcmdtREhBaHhCM1NWVDd6Q3FKSjJJZ1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi80MzNjNDctYmYzZS00NzI4LThiOTMtYjA3MGVjMzRkNGMx
LzEvQnp6Qmo4Y0czMXFaTTdDLUlOekxCR2RiOUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyuNMA0G
CSqGSIb3DQEBCwUAA4IBAQAw7m4R9xRUHlAhnAkV9TAppPSGbOHeQfbCDE+yKEHt
R053NCWmrmpU6BQRFjfwh7/NO6BiSnsixplDL32qoST05XboWJ/Xr+WglifcEuo1
oWt5d83JErsJmdeLskglkJVDAlbKrowCwKswxO49wIz3uO8b9AcHsEiMgY8nFbp/
xHtkD/ys2C/vYa3xcQtmL+Hw95opkqhO2j0eFjj00b5rwcH8anSPn8A7cGeYEz7h
TYKWtUq5oZlwNnG4O2ZSRzea09pY7OugwYezV3CJ+0sbCBHRgXplICLz31gnVg6h
OrzjJ+C6CdILE3VIIT2wUVZRBBy93rvTUZ9jgm3VQAjz
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:22 2025 by rpki-client