Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/sWmDgPhA0t5lvA_zO0h-rjePj90.roa
File: sWmDgPhA0t5lvA_zO0h-rjePj90.roa (raw, json)
Hash identifier: 0qDUnzH52NfdGJIkr5hmcttO/W4ycUZceA+CFzUFNig=
Subject key identifier: B1:69:83:80:F8:40:D2:DE:65:BC:0F:F3:3B:48:7E:AE:37:8F:8F:DD
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018572BA47D946654CDD2E8783C297AE1118
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/sWmDgPhA0t5lvA_zO0h-rjePj90.roa
Signing time: Mon 02 Jan 2023 13:44:48 +0000
ROA not before: Mon 02 Jan 2023 13:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15690
IP address blocks: 195.251.204.0/24 maxlen: 24
195.251.202.0/23 maxlen: 23
194.177.194.0/23 maxlen: 24
2001:648:2011::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:47:d9:46:65:4c:dd:2e:87:83:c2:97:ae:11:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 2 13:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1698380f840d2de65bc0ff33b487eae378f8fdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:15:46:23:95:f8:d6:13:ad:c3:8f:b4:72:ca:
f0:9b:af:4b:75:ce:4d:53:a0:09:3e:48:4b:b7:a8:
e7:71:9f:6b:16:54:54:95:36:0b:e4:53:68:81:ac:
d3:e0:a2:61:7a:4c:0f:e8:f3:a4:20:cb:5c:5f:66:
e0:5c:01:d2:dc:a4:db:1d:e0:c2:52:bf:c8:de:3f:
e2:75:46:c8:3c:a2:f9:c7:fe:58:4d:37:c7:e2:4c:
83:17:b7:14:0b:a9:5d:83:9f:b8:fe:07:d1:fc:97:
b3:36:d4:de:8e:b8:e1:ba:c2:81:b7:ba:4e:a6:c9:
da:95:a2:d3:f1:0f:3f:22:b8:bf:01:a6:53:ed:7a:
e9:2c:98:94:23:4c:67:b4:3c:64:49:ba:74:84:33:
21:50:81:38:91:ca:d9:4b:b3:8a:b6:d7:7f:fe:d8:
a7:f6:d4:42:b3:fd:34:89:68:35:00:79:ce:bd:43:
f9:3e:eb:cc:37:c8:e7:85:6c:6a:b6:8f:1f:dc:af:
58:8a:3f:6a:4f:22:f1:42:0d:44:e1:81:51:f7:35:
50:3b:0a:53:36:29:64:81:07:6d:57:98:b7:63:d0:
a1:04:79:52:3b:71:1f:f6:a5:65:20:fc:d2:88:8f:
45:d1:97:62:3d:f0:59:57:8c:ff:27:78:b6:5a:66:
bf:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:69:83:80:F8:40:D2:DE:65:BC:0F:F3:3B:48:7E:AE:37:8F:8F:DD
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/sWmDgPhA0t5lvA_zO0h-rjePj90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.177.194.0/23
195.251.202.0-195.251.204.255
IPv6:
2001:648:2011::/48
Signature Algorithm: sha256WithRSAEncryption
48:c9:d9:8d:e8:ff:87:37:d3:cf:c6:ec:17:c0:06:da:e0:29:
7c:57:09:c8:4d:05:8f:79:ab:41:ce:4a:a6:2b:42:c8:be:d0:
7f:cf:56:ef:05:38:42:29:2c:78:52:7b:4a:2c:7b:8f:51:3e:
6d:8f:eb:a8:86:95:4c:c3:44:c6:34:30:bd:69:8b:63:66:79:
8f:5d:c3:f0:47:ae:ca:f6:46:18:9a:fe:9c:6e:f6:bc:51:af:
b8:1d:13:c8:d7:73:24:01:4d:5a:1c:50:14:87:0f:66:8b:11:
ef:46:9b:1f:9a:e9:61:49:5a:b0:8c:ea:93:fd:28:9c:ef:09:
01:b6:b9:49:ac:85:b1:66:c7:0c:c3:30:73:19:cb:40:8b:68:
ff:91:8b:a8:c6:65:f1:ff:37:2e:21:06:46:d2:5d:74:6e:d9:
de:0f:98:e4:af:cc:e1:76:c4:27:9e:5b:d1:90:51:da:0f:77:
1c:5c:95:f8:14:fa:72:4c:c9:9d:b8:bc:5f:c2:5b:aa:18:b3:
58:01:ea:20:b2:35:b5:64:3d:05:f7:84:ac:22:20:99:ad:7e:
79:d2:53:b2:54:09:d1:29:8b:e5:63:56:09:c5:02:ba:a8:a3:
2c:1c:97:0c:5b:43:b0:98:88:42:7c:c9:6e:de:f8:11:60:90:
9c:a5:49:8e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVyukfZRmVM3S6Hg8KXrhEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjMwMTAyMTM0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTY5ODM4MGY4NDBkMmRlNjViYzBmZjMzYjQ4N2VhZTM3OGY4ZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBVGI5X41hOtw4+0csrwm69Ldc5N
U6AJPkhLt6jncZ9rFlRUlTYL5FNogazT4KJhekwP6POkIMtcX2bgXAHS3KTbHeDC
Ur/I3j/idUbIPKL5x/5YTTfH4kyDF7cUC6ldg5+4/gfR/JezNtTejrjhusKBt7pO
psnalaLT8Q8/Iri/AaZT7XrpLJiUI0xntDxkSbp0hDMhUIE4kcrZS7OKttd//tin
9tRCs/00iWg1AHnOvUP5PuvMN8jnhWxqto8f3K9Yij9qTyLxQg1E4YFR9zVQOwpT
NilkgQdtV5i3Y9ChBHlSO3Ef9qVlIPzSiI9F0ZdiPfBZV4z/J3i2Wma/awIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFLFpg4D4QNLeZbwP8ztIfq43j4/dMB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvc1dtRGdQaEEwdDVsdkFfek8waC1yamVQajkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQBwrHCMAwD
BAHD+8oDBADD+8wwDwQCAAIwCQMHACABBkggETANBgkqhkiG9w0BAQsFAAOCAQEA
SMnZjej/hzfTz8bsF8AG2uApfFcJyE0Fj3mrQc5KpitCyL7Qf89W7wU4QikseFJ7
Six7j1E+bY/rqIaVTMNExjQwvWmLY2Z5j13D8EeuyvZGGJr+nG72vFGvuB0TyNdz
JAFNWhxQFIcPZosR70abH5rpYUlasIzqk/0onO8JAba5SayFsWbHDMMwcxnLQIto
/5GLqMZl8f83LiEGRtJddG7Z3g+Y5K/M4XbEJ55b0ZBR2g93HFyV+BT6ckzJnbi8
X8JbqhizWAHqILI1tWQ9BfeErCIgma1+edJTslQJ0SmL5WNWCcUCuqijLByXDFtD
sJiIQnzJbt74EWCQnKVJjg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:50 2025 by rpki-client