Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Vu6i1jMWvmnibkAZpmPUIgDVoAo.roa
File: Vu6i1jMWvmnibkAZpmPUIgDVoAo.roa (raw, json)
Hash identifier: IgsoxnwlXWHKhdTW/8MreolR5LQAwJ3UmRj9kMTyvII=
Subject key identifier: 56:EE:A2:D6:33:16:BE:69:E2:6E:40:19:A6:63:D4:22:00:D5:A0:0A
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA3EB3DF42739712A5CF947A9DD72B
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Vu6i1jMWvmnibkAZpmPUIgDVoAo.roa
Signing time: Mon 02 Jan 2023 13:44:46 +0000
ROA not before: Mon 02 Jan 2023 13:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5489
IP address blocks: 195.251.120.0/22 maxlen: 22
195.251.240.0/22 maxlen: 22
195.251.238.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:3e:b3:df:42:73:97:12:a5:cf:94:7a:9d:d7:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=56eea2d63316be69e26e4019a663d42200d5a00a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:66:ad:54:9c:de:bc:d8:8f:ff:dc:6c:c5:db:
1d:88:66:d2:79:ba:5e:84:0a:fd:f8:79:fa:e2:88:
e8:96:f7:47:9a:75:52:ce:23:1d:68:2a:7e:2a:d4:
a0:ab:a1:02:5f:f8:0e:94:cf:e9:6e:6a:f7:10:91:
81:13:02:9d:3e:16:f5:c5:82:ac:45:3f:98:c2:78:
b4:d1:e6:43:ca:5c:cf:cd:d4:f1:84:e6:d4:3c:03:
3a:66:2c:ad:9e:18:08:72:01:55:c3:a6:be:4f:cb:
48:a6:74:57:5e:8a:6b:91:f1:fb:11:92:00:00:d0:
2b:92:27:69:89:5d:65:0f:a5:77:12:d3:17:f8:0e:
40:ff:64:29:f0:51:23:c7:9a:4c:7a:68:9f:fa:16:
1e:d9:ad:1f:63:99:50:7f:4e:00:e9:2a:99:a9:54:
36:65:02:42:23:ac:58:27:bd:10:0f:00:1d:e1:61:
9b:75:bf:df:8b:ee:72:a4:b5:0d:0a:29:7c:2b:7e:
37:89:84:c5:7a:7e:1b:60:f9:49:39:67:f1:61:b2:
d9:b7:ab:3f:5f:0d:ef:4e:fb:99:5c:e1:a9:ee:f8:
3e:36:72:c9:35:63:d8:0f:e5:34:12:cd:b3:16:44:
6a:ba:b7:cc:e5:e6:a4:47:fb:d4:e4:c8:3d:b5:cb:
3f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:EE:A2:D6:33:16:BE:69:E2:6E:40:19:A6:63:D4:22:00:D5:A0:0A
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Vu6i1jMWvmnibkAZpmPUIgDVoAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.251.120.0/22
195.251.238.0-195.251.243.255
Signature Algorithm: sha256WithRSAEncryption
16:ed:be:c5:ad:d1:53:29:3b:13:6b:25:25:85:29:ec:09:ef:
e3:25:8c:3a:b6:d2:55:10:c4:27:8d:bb:c7:6d:75:a3:4f:ea:
7d:53:e2:50:d8:22:e6:7f:bd:91:c6:db:ca:ae:0d:5c:b5:05:
f7:0a:a8:e1:19:1f:00:7b:41:c6:84:01:2e:55:64:90:97:db:
9c:c6:bc:94:42:1b:c0:54:fa:ac:72:69:22:76:45:bc:5d:a9:
a1:50:d3:43:b6:b0:f1:61:5d:45:89:48:23:10:61:04:66:d0:
87:ce:3b:d0:46:53:89:ac:7f:6c:c4:3b:ed:c5:67:27:c5:1d:
ff:1b:6c:37:d8:e0:41:4c:ab:95:68:dd:1e:88:40:f7:40:e2:
92:79:91:f2:ae:a0:f7:82:a4:b7:a4:9b:b5:f5:a6:81:f1:6a:
73:d3:53:57:e2:91:6d:a6:c6:2b:cc:0c:2d:c3:2f:a0:13:c6:
b0:96:0d:6b:67:cf:a3:18:c6:81:4d:c5:3f:85:99:8d:77:3c:
d3:37:2c:e2:37:51:91:5f:57:05:93:d4:d1:11:8d:af:df:91:
db:3d:da:72:75:1a:12:81:5a:62:6f:bb:46:fa:7d:af:3f:a8:
69:4e:2e:eb:a4:a9:88:6d:04:2b:3b:ee:b1:aa:d8:7e:7e:f3:
3c:7e:78:29
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyuj6z30JzlxKlz5R6ndcrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmVlYTJkNjMzMTZiZTY5ZTI2ZTQwMTlhNjYzZDQyMjAwZDVhMDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvmatVJzevNiP/9xsxdsdiGbSebpe
hAr9+Hn64ojolvdHmnVSziMdaCp+KtSgq6ECX/gOlM/pbmr3EJGBEwKdPhb1xYKs
RT+Ywni00eZDylzPzdTxhObUPAM6ZiytnhgIcgFVw6a+T8tIpnRXXoprkfH7EZIA
ANArkidpiV1lD6V3EtMX+A5A/2Qp8FEjx5pMemif+hYe2a0fY5lQf04A6SqZqVQ2
ZQJCI6xYJ70QDwAd4WGbdb/fi+5ypLUNCil8K343iYTFen4bYPlJOWfxYbLZt6s/
Xw3vTvuZXOGp7vg+NnLJNWPYD+U0Es2zFkRqurfM5eakR/vU5Mg9tcs/KQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFbuotYzFr5p4m5AGaZj1CIA1aAKMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvVnU2aTFqTVd2bW5pYmtBWnBtUFVJZ0RWb0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCw/t4MAwD
BAHD++4DBALD+/AwDQYJKoZIhvcNAQELBQADggEBABbtvsWt0VMpOxNrJSWFKewJ
7+MljDq20lUQxCeNu8dtdaNP6n1T4lDYIuZ/vZHG28quDVy1BfcKqOEZHwB7QcaE
AS5VZJCX25zGvJRCG8BU+qxyaSJ2RbxdqaFQ00O2sPFhXUWJSCMQYQRm0IfOO9BG
U4msf2zEO+3FZyfFHf8bbDfY4EFMq5Vo3R6IQPdA4pJ5kfKuoPeCpLekm7X1poHx
anPTU1fikW2mxivMDC3DL6ATxrCWDWtnz6MYxoFNxT+FmY13PNM3LOI3UZFfVwWT
1NERja/fkds92nJ1GhKBWmJvu0b6fa8/qGlOLuukqYhtBCs77rGq2H5+8zx+eCk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:30 2025 by rpki-client