Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/I4bb56_uuhrfchMCC7JTEYUNY3E.roa
File: I4bb56_uuhrfchMCC7JTEYUNY3E.roa (raw, json)
Hash identifier: g64nmXRJNqqqYZLqNFxmAk4LSj8bXkF/yHChgIJiXcs=
Subject key identifier: 23:86:DB:E7:AF:EE:BA:1A:DF:72:13:02:0B:B2:53:11:85:0D:63:71
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01856F1DC5B59EB3921237A6CFC66CE8963C
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/I4bb56_uuhrfchMCC7JTEYUNY3E.roa
Signing time: Sun 01 Jan 2023 20:55:00 +0000
ROA not before: Sun 01 Jan 2023 20:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8737
IP address blocks: 195.121.128.0/17 maxlen: 17
195.121.64.0/18 maxlen: 18
213.75.0.0/17 maxlen: 17
213.75.0.0/16 maxlen: 16
213.75.128.0/17 maxlen: 17
195.121.0.0/17 maxlen: 17
195.121.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c5:b5:9e:b3:92:12:37:a6:cf:c6:6c:e8:96:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 20:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2386dbe7afeeba1adf7213020bb25311850d6371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7b:c1:54:70:42:5b:0a:67:7c:b0:17:8f:6f:
ae:13:14:14:62:1d:0b:ee:1f:77:b6:47:07:ac:6a:
90:72:c9:07:63:0f:ac:88:30:f3:e7:3e:40:27:05:
fa:5e:59:ad:01:b9:e5:95:d3:32:ec:3e:fc:af:ae:
7c:80:8b:ba:86:3d:e6:8e:76:3d:49:9b:bc:11:d5:
5b:be:ae:17:2c:79:d6:d3:bc:ec:55:3c:3b:bd:df:
2d:45:dd:1c:04:b2:2a:60:a4:b0:e1:7b:cc:81:3f:
2f:c0:d6:3e:7d:ab:4d:8c:dc:3f:07:e2:51:0d:5e:
81:0d:a4:2f:73:b0:61:14:71:86:7a:a2:08:34:62:
e1:cd:87:da:e1:70:f7:1e:25:a6:6b:c2:8e:2b:7a:
4b:d8:e1:9f:2d:d6:0d:eb:ad:30:6e:4b:1e:41:a5:
5a:67:1f:9d:24:b6:7f:df:ea:fa:1c:92:de:31:31:
aa:47:95:e9:19:f2:de:10:30:b7:6e:3e:c0:c3:cb:
af:b9:d6:63:c9:21:00:30:c9:0d:f4:2d:5c:6e:e5:
50:60:fe:13:36:ea:8c:3e:09:d3:96:c1:96:08:f5:
09:24:a8:4c:5a:a8:21:23:5b:e4:0b:80:0a:21:63:
84:b8:44:8e:ba:37:c2:28:7b:ca:b6:51:ad:af:1c:
72:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:86:DB:E7:AF:EE:BA:1A:DF:72:13:02:0B:B2:53:11:85:0D:63:71
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/I4bb56_uuhrfchMCC7JTEYUNY3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.121.0.0/16
213.75.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:a7:b5:26:3d:44:3e:bc:01:14:6f:c7:05:61:25:12:28:cd:
7d:d4:40:73:ab:d8:a8:7d:c9:7c:bc:cb:e7:b0:f4:f6:13:8c:
d8:7f:32:1c:1c:e0:0b:24:0d:61:86:7c:06:74:d2:c1:f3:f9:
da:56:c0:45:5a:c7:74:49:a1:e6:dd:1c:a4:61:82:74:a1:df:
63:b5:be:68:b3:94:c8:f0:b4:54:4f:d0:2a:67:50:55:c7:37:
de:11:29:12:30:c5:0a:f9:d7:b4:60:92:cd:0b:11:52:41:8e:
c9:60:b8:f3:05:4c:4d:2d:a3:43:23:5a:b1:6c:49:8e:a0:8d:
ba:cc:e5:1a:93:6b:56:ec:9e:80:e8:b6:55:9e:c9:2a:cc:81:
7d:e7:e2:dc:92:a4:f6:bc:19:e9:1b:62:7d:0c:89:80:fd:ac:
28:93:81:a2:73:36:86:eb:06:40:a3:8b:06:dc:e4:ce:a2:03:
33:1e:7b:d5:f3:63:d6:04:34:93:5f:29:92:d2:98:a6:45:b4:
af:ff:9e:a6:cb:40:13:dd:7d:4e:35:33:b2:55:7c:d4:00:81:
19:45:97:b6:46:f9:f4:a5:c1:03:05:eb:69:dc:63:4d:82:f5:
e1:93:ea:cb:46:2c:0d:54:64:07:47:eb:be:66:17:2c:b0:21:
78:df:12:8a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgISAYVvHcW1nrOSEjemz8Zs6JY8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwMTAxMjA1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzg2ZGJlN2FmZWViYTFhZGY3MjEzMDIwYmIyNTMxMTg1MGQ2MzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHvBVHBCWwpnfLAXj2+uExQUYh0L
7h93tkcHrGqQcskHYw+siDDz5z5AJwX6XlmtAbnlldMy7D78r658gIu6hj3mjnY9
SZu8EdVbvq4XLHnW07zsVTw7vd8tRd0cBLIqYKSw4XvMgT8vwNY+fatNjNw/B+JR
DV6BDaQvc7BhFHGGeqIINGLhzYfa4XD3HiWma8KOK3pL2OGfLdYN660wbkseQaVa
Zx+dJLZ/3+r6HJLeMTGqR5XpGfLeEDC3bj7Aw8uvudZjySEAMMkN9C1cbuVQYP4T
NuqMPgnTlsGWCPUJJKhMWqghI1vkC4AKIWOEuESOujfCKHvKtlGtrxxyWQIDAQAB
o4ICDTCCAgkwHQYDVR0OBBYEFCOG2+ev7roa33ITAguyUxGFDWNxMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvSTRiYjU2X3V1aHJmY2hNQ0M3SlRFWVVOWTNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCMGCCsGAQUFBwEHAQH/BBQwEjAQBAIAATAKAwMAw3kDAwDV
SzANBgkqhkiG9w0BAQsFAAOCAQEAcqe1Jj1EPrwBFG/HBWElEijNfdRAc6vYqH3J
fLzL57D09hOM2H8yHBzgCyQNYYZ8BnTSwfP52lbARVrHdEmh5t0cpGGCdKHfY7W+
aLOUyPC0VE/QKmdQVcc33hEpEjDFCvnXtGCSzQsRUkGOyWC48wVMTS2jQyNasWxJ
jqCNuszlGpNrVuyegOi2VZ7JKsyBfefi3JKk9rwZ6RtifQyJgP2sKJOBonM2husG
QKOLBtzkzqIDMx571fNj1gQ0k18pktKYpkW0r/+epstAE919TjUzslV81ACBGUWX
tkb59KXBAwXradxjTYL14ZPqy0YsDVRkB0frvmYXLLAheN8Sig==
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:02:00 2025 by rpki-client