Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/IYtJKnH_FW3IAVKM19rFfTxVSII.roa
File: IYtJKnH_FW3IAVKM19rFfTxVSII.roa (raw, json)
Hash identifier: ZI8tQx9Lm59XKqvc6TAUjMM0fXN90hl3k5K31ikM4MI=
Subject key identifier: 21:8B:49:2A:71:FF:15:6D:C8:01:52:8C:D7:DA:C5:7D:3C:55:48:82
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA4B52397A0AA1C5971AD97FA338CB
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/IYtJKnH_FW3IAVKM19rFfTxVSII.roa
Signing time: Mon 02 Jan 2023 13:44:49 +0000
ROA not before: Mon 02 Jan 2023 13:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201374
IP address blocks: 195.251.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:4b:52:39:7a:0a:a1:c5:97:1a:d9:7f:a3:38:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=218b492a71ff156dc801528cd7dac57d3c554882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b4:6e:76:56:65:77:65:38:48:64:2e:71:32:
10:fe:df:62:14:89:3c:3b:8a:e1:2c:82:5e:db:07:
77:43:9c:7d:a5:89:95:8c:c2:fa:68:1b:ff:29:70:
38:d0:a5:95:5e:79:53:46:96:fd:bf:bc:0c:c3:8d:
3b:4e:83:ec:50:45:33:31:58:39:56:5a:f8:dd:9e:
18:43:84:2a:24:0f:4d:6b:18:77:bf:8f:e0:f0:83:
9b:56:2a:2a:3e:07:38:e8:c6:11:d5:bf:77:be:b5:
a5:54:79:96:3a:12:a1:c3:03:10:c3:c4:d2:51:5b:
16:56:87:01:13:8b:89:62:e0:a5:43:e5:62:3d:c9:
87:c0:13:c1:e6:07:91:2c:80:34:61:cd:77:b2:14:
30:ca:6e:f7:2c:2f:28:32:3f:ca:46:f6:ce:19:3c:
fa:f1:56:54:e4:e9:68:2b:f1:94:80:01:ed:30:9b:
51:2d:49:7a:96:4b:f6:33:09:87:d3:d4:4c:09:3a:
a8:56:1b:20:71:63:fe:6e:2c:05:d8:37:d4:76:3e:
73:c4:e5:5e:33:38:10:e8:c7:25:c3:49:61:f0:f1:
2e:62:e2:fc:4f:0d:5b:40:d4:83:57:ac:54:30:3d:
50:66:ba:48:97:dc:21:54:39:f4:fe:e1:d6:7c:9a:
f7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8B:49:2A:71:FF:15:6D:C8:01:52:8C:D7:DA:C5:7D:3C:55:48:82
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/IYtJKnH_FW3IAVKM19rFfTxVSII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.251.32.0/24
Signature Algorithm: sha256WithRSAEncryption
42:22:dc:fc:7b:c4:4b:67:fd:15:5c:eb:0c:a8:8e:f7:0b:69:
90:e8:e5:29:e0:c4:ba:f3:d9:d1:4c:30:d5:79:d3:45:8e:ca:
79:94:52:ec:3d:1b:db:67:6b:11:ca:6f:b0:6e:b9:d9:10:d5:
02:a8:46:aa:ea:b9:81:b3:c3:5c:4a:d0:ed:27:59:64:a5:a4:
75:7c:bc:eb:9a:92:51:4c:a2:59:f3:71:3c:2e:44:92:16:96:
26:78:dd:5a:3d:b6:24:9c:7c:35:ee:26:f9:16:09:f3:b4:26:
22:7d:60:f3:c6:d5:22:c0:ac:03:51:f4:27:5e:b1:35:3d:38:
b8:d7:dc:2d:45:0a:e3:12:03:a4:c1:8e:f0:ca:7b:ff:02:a6:
b7:09:53:90:bb:d4:c2:d6:da:94:c2:1d:6d:07:71:33:56:ee:
c0:dd:7e:86:16:df:ea:bf:7e:be:2d:04:f6:a0:64:82:d1:e9:
fc:9a:1d:59:db:93:63:8d:68:21:f4:3b:c7:ea:c1:bf:20:a0:
2c:43:61:f0:f4:89:fa:40:c6:67:e7:99:3b:0c:dc:e2:a9:55:
56:c6:91:32:22:f1:47:57:cf:74:ae:00:16:6d:6a:43:fd:d6:
2a:a4:e0:66:d1:8b:18:aa:85:00:f3:ee:68:82:51:b0:76:4d:
2b:9f:81:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyuktSOXoKocWXGtl/ozjLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThiNDkyYTcxZmYxNTZkYzgwMTUyOGNkN2RhYzU3ZDNjNTU0ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybRudlZld2U4SGQucTIQ/t9iFIk8
O4rhLIJe2wd3Q5x9pYmVjML6aBv/KXA40KWVXnlTRpb9v7wMw407ToPsUEUzMVg5
Vlr43Z4YQ4QqJA9Naxh3v4/g8IObVioqPgc46MYR1b93vrWlVHmWOhKhwwMQw8TS
UVsWVocBE4uJYuClQ+ViPcmHwBPB5geRLIA0Yc13shQwym73LC8oMj/KRvbOGTz6
8VZU5OloK/GUgAHtMJtRLUl6lkv2MwmH09RMCTqoVhsgcWP+biwF2DfUdj5zxOVe
MzgQ6Mclw0lh8PEuYuL8Tw1bQNSDV6xUMD1QZrpIl9whVDn0/uHWfJr3cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGLSSpx/xVtyAFSjNfaxX08VUiCMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvSVl0SktuSF9GVzNJQVZLTTE5ckZmVHhWU0lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw/sgMA0G
CSqGSIb3DQEBCwUAA4IBAQBCItz8e8RLZ/0VXOsMqI73C2mQ6OUp4MS689nRTDDV
edNFjsp5lFLsPRvbZ2sRym+wbrnZENUCqEaq6rmBs8NcStDtJ1lkpaR1fLzrmpJR
TKJZ83E8LkSSFpYmeN1aPbYknHw17ib5FgnztCYifWDzxtUiwKwDUfQnXrE1PTi4
19wtRQrjEgOkwY7wynv/Aqa3CVOQu9TC1tqUwh1tB3EzVu7A3X6GFt/qv36+LQT2
oGSC0en8mh1Z25NjjWgh9DvH6sG/IKAsQ2Hw9In6QMZn55k7DNziqVVWxpEyIvFH
V890rgAWbWpD/dYqpOBm0YsYqoUA8+5oglGwdk0rn4Fl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:41 2025 by rpki-client