Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/11evC7OX6UDJ13fYIQXSg6su77k.roa
File: 11evC7OX6UDJ13fYIQXSg6su77k.roa (raw, json)
Hash identifier: Mw6OYnPDs4Ko9MJHC+TImEb9vbsi6aV9qrmQKPkszhg=
Subject key identifier: D7:57:AF:0B:B3:97:E9:40:C9:D7:77:D8:21:05:D2:83:AB:2E:EF:B9
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 394601CE
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/11evC7OX6UDJ13fYIQXSg6su77k.roa
Signing time: Sat 01 Jan 2022 03:53:04 +0000
ROA not before: Sat 01 Jan 2022 03:53:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31563
IP address blocks: 195.251.244.0/24 maxlen: 24
195.251.244.0/23 maxlen: 23
195.251.245.0/24 maxlen: 24
195.251.246.0/24 maxlen: 24
2001:648:2420::/48 maxlen: 48
2001:648:2421::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960889294 (0x394601ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 03:53:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d757af0bb397e940c9d777d82105d283ab2eefb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:35:31:dd:ac:86:83:59:3b:d9:7f:86:dd:75:
67:f0:86:50:c3:78:4f:61:03:c1:ad:c8:6a:e3:f7:
4e:4e:ac:d0:9d:af:b7:cd:c3:08:02:e1:21:af:dd:
d1:23:21:f0:8a:8a:8b:41:15:93:dd:ae:32:a6:dd:
e1:55:e4:95:43:4e:96:c2:0e:44:f4:5b:76:3d:1c:
73:d0:9b:ca:0d:44:91:7b:5f:38:23:3a:1f:10:4d:
2a:2e:9b:2d:ca:a0:fa:bb:e7:32:2d:4f:6c:96:3f:
49:8a:00:64:33:22:65:e0:bf:ee:56:c2:1f:77:87:
7b:94:65:21:0b:84:ad:a8:a4:00:51:0a:07:cf:3d:
05:c0:a6:bb:01:76:ae:80:09:bd:52:73:b7:c7:33:
e9:f8:89:bf:d7:a8:b7:13:e2:84:5c:cb:1c:77:7f:
19:a5:97:72:af:da:9a:80:1b:ea:71:91:04:bb:f2:
5b:b9:bd:b4:1d:dc:3b:52:fa:c4:ff:1d:2d:26:19:
dd:1b:65:c1:79:f2:5e:23:79:52:3c:c0:5b:9e:c6:
57:39:4c:c9:dc:7a:a5:5b:8c:55:0d:94:1f:6c:ca:
31:f6:da:cb:7d:88:57:3d:30:40:6f:98:1c:3b:38:
f6:c5:f7:22:44:8a:0d:38:9e:af:da:3b:d9:f9:57:
e2:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:57:AF:0B:B3:97:E9:40:C9:D7:77:D8:21:05:D2:83:AB:2E:EF:B9
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/11evC7OX6UDJ13fYIQXSg6su77k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.251.244.0-195.251.246.255
IPv6:
2001:648:2420::/47
Signature Algorithm: sha256WithRSAEncryption
0d:5c:f0:b2:6e:62:40:35:71:70:0a:1c:4e:22:4b:2f:a0:a0:
35:30:e2:9c:89:50:4b:ca:11:26:59:ae:02:80:f0:4b:22:72:
e3:91:83:8c:5d:1b:5e:7e:43:8e:ba:69:7e:96:9c:c1:10:34:
81:e8:78:e0:4c:85:d0:9e:4a:82:b9:3f:58:93:1b:42:58:69:
50:c5:a5:c3:54:4d:93:e0:6d:b4:07:bc:00:bf:11:42:65:ea:
0b:66:91:2a:a3:61:26:80:2f:aa:6c:e1:75:c4:85:ba:e4:8c:
8d:50:2a:8f:81:52:b5:5e:62:65:df:2b:5d:63:e3:06:81:9c:
a4:ae:5b:8b:a4:fb:f4:e3:5c:3c:5d:84:ab:34:67:d1:e7:b4:
10:24:39:99:de:da:bc:0a:1c:89:40:7e:a3:3b:6c:12:8f:34:
7b:d2:01:ce:19:7a:c5:38:41:fc:56:3e:0b:73:3b:8b:ec:4b:
04:b8:ca:ee:49:fb:8c:fe:3f:e6:7b:6c:c9:bd:d4:cd:ef:9d:
94:56:13:4b:c6:7a:7d:e5:aa:e3:c2:4e:7c:c2:8a:1d:02:e5:
0b:c0:39:80:43:9f:e7:21:c0:ce:62:e4:a2:c8:f3:2c:21:49:
28:c5:31:97:b1:42:82:59:f6:10:1b:1e:88:5a:85:db:00:3a:
48:82:c3:82
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIEOUYBzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTZmOTI5NTUyMWRmMzBhMTU4ZjUwNmJhN2NiODczYWI5NTI5ZGMzMB4XDTIyMDEw
MTAzNTMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc1N2FmMGJiMzk3
ZTk0MGM5ZDc3N2Q4MjEwNWQyODNhYjJlZWZiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJs1Md2shoNZO9l/ht11Z/CGUMN4T2EDwa3IauP3Tk6s0J2v
t83DCALhIa/d0SMh8IqKi0EVk92uMqbd4VXklUNOlsIORPRbdj0cc9Cbyg1EkXtf
OCM6HxBNKi6bLcqg+rvnMi1PbJY/SYoAZDMiZeC/7lbCH3eHe5RlIQuEraikAFEK
B889BcCmuwF2roAJvVJzt8cz6fiJv9eotxPihFzLHHd/GaWXcq/amoAb6nGRBLvy
W7m9tB3cO1L6xP8dLSYZ3RtlwXnyXiN5UjzAW57GVzlMydx6pVuMVQ2UH2zKMfba
y32IVz0wQG+YHDs49sX3IkSKDTier9o72flX4j8CAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBTXV68Ls5fpQMnXd9ghBdKDqy7vuTAfBgNVHSMEGDAWgBRab5KVUh3zChWP
UGuny4c6uVKdwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtLVNsVklkOHdvVmoxQnJwOHVIT3JsU25jTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8x
LzExZXZDN09YNlVESjEzZllJUVhTZzZzdTc3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8xL1dtLVNsVklkOHdv
VmoxQnJwOHVIT3JsU25jTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwFAQCAAEwDjAMAwQCw/v0AwQAw/v2MA8EAgACMAkD
BwEgAQZIJCAwDQYJKoZIhvcNAQELBQADggEBAA1c8LJuYkA1cXAKHE4iSy+goDUw
4pyJUEvKESZZrgKA8EsicuORg4xdG15+Q466aX6WnMEQNIHoeOBMhdCeSoK5P1iT
G0JYaVDFpcNUTZPgbbQHvAC/EUJl6gtmkSqjYSaAL6ps4XXEhbrkjI1QKo+BUrVe
YmXfK11j4waBnKSuW4uk+/TjXDxdhKs0Z9HntBAkOZne2rwKHIlAfqM7bBKPNHvS
Ac4ZesU4QfxWPgtzO4vsSwS4yu5J+4z+P+Z7bMm91M3vnZRWE0vGen3lquPCTnzC
ih0C5QvAOYBDn+chwM5i5KLI8ywhSSjFMZexQoJZ9hAbHohahdsAOkiCw4I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:01 2025 by rpki-client