Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/1RiCYiaVd8vz4FpgraTy3EgOM6Q.roa
File: 1RiCYiaVd8vz4FpgraTy3EgOM6Q.roa (raw, json)
Hash identifier: /mX/QFamqi+NYW5VzO6a33PC+4epkHve+Erb707Bcfs=
Subject key identifier: D5:18:82:62:26:95:77:CB:F3:E0:5A:60:AD:A4:F2:DC:48:0E:33:A4
Certificate issuer: /CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Certificate serial: 08A86191
Authority key identifier: 44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/1RiCYiaVd8vz4FpgraTy3EgOM6Q.roa
Signing time: Sat 01 Jan 2022 05:56:32 +0000
ROA not before: Sat 01 Jan 2022 05:56:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2865
IP address blocks: 195.138.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145252753 (0x8a86191)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44a7e5a33d9c5a965d9fbfdeecdc871af0a5d4f8
Validity
Not Before: Jan 1 05:56:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5188262269577cbf3e05a60ada4f2dc480e33a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ae:45:ac:3c:ac:70:43:c1:1b:a6:0d:65:4a:
44:5e:02:f3:af:c0:5b:a6:b3:1d:e4:8c:a9:87:f3:
a9:cb:7b:40:58:4e:b7:c6:5f:ea:9e:ce:30:56:d1:
2f:2f:de:ec:01:70:d5:90:31:27:53:fd:d7:e5:55:
41:53:29:bb:39:58:19:c8:93:b2:b6:c1:fe:6d:d4:
7b:02:55:24:05:8d:44:33:26:be:b9:e6:e0:37:e8:
56:87:8e:b0:3e:c2:fd:df:e5:78:d5:cc:a0:3c:24:
b4:61:4d:7e:f1:16:09:e1:3a:57:39:b2:5b:aa:f4:
41:7c:af:89:24:99:e9:b2:df:50:43:e9:5f:bb:e5:
47:51:af:d7:7b:ff:c7:b0:81:ec:1b:42:9c:4a:53:
88:ee:c1:f5:96:fb:be:7a:04:de:35:d2:37:66:47:
5a:49:67:91:70:59:86:9e:d0:84:e6:f1:8d:40:d0:
d1:09:cf:d3:24:6c:ae:86:43:59:45:98:80:78:df:
74:e3:b6:2d:d3:ae:8c:0e:26:8a:af:71:7a:9e:6b:
ae:7e:25:c8:20:58:7d:8e:8c:66:81:42:c6:b6:f7:
ea:55:b6:b9:0b:11:c3:c1:bd:2b:df:82:0a:5a:7d:
84:ed:41:5b:95:9d:65:30:e6:cd:a2:f4:cc:bb:d8:
cc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:18:82:62:26:95:77:CB:F3:E0:5A:60:AD:A4:F2:DC:48:0E:33:A4
X509v3 Authority Key Identifier:
keyid:44:A7:E5:A3:3D:9C:5A:96:5D:9F:BF:DE:EC:DC:87:1A:F0:A5:D4:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RKfloz2cWpZdn7_e7NyHGvCl1Pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/1RiCYiaVd8vz4FpgraTy3EgOM6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0d8088-ea93-4abb-8996-21cf56cbce12/1/RKfloz2cWpZdn7_e7NyHGvCl1Pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.221.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d8:eb:04:cb:14:5d:80:fe:63:11:f5:a9:b9:33:1a:4a:c8:
7a:e6:0c:cf:08:f5:00:8c:bd:d0:91:aa:57:55:1d:77:cf:52:
13:2f:e6:81:93:7a:58:4a:f0:29:2c:f6:81:77:25:f3:01:2a:
28:b0:d3:3f:fc:c9:61:a5:18:62:7c:a0:54:35:70:38:be:78:
2c:23:74:05:67:e0:ff:1d:44:f6:cb:84:32:93:2d:00:8b:72:
94:bd:57:a2:3e:a4:75:27:b5:f5:07:2e:1a:15:71:23:11:aa:
80:63:33:e2:8d:61:b2:8c:73:96:d1:3c:5c:23:a6:41:d8:b5:
ce:18:0d:8e:b7:25:c6:97:59:f0:2a:0d:9b:f7:1e:90:c8:4f:
31:aa:81:e1:0e:14:9f:8c:d9:4d:da:92:f4:31:50:dc:b6:84:
77:cb:03:fd:c8:71:93:ad:d6:4e:b5:2f:d3:4e:5c:26:4f:c6:
c5:40:57:fc:c9:6b:50:f9:e5:a3:8a:15:47:5e:82:51:6e:35:
3d:d9:7e:71:47:8f:22:bb:4d:8d:e0:35:63:03:21:7e:d8:32:
b9:03:b2:50:e7:52:89:0d:3e:dd:94:c9:99:95:08:89:64:84:
2a:12:d8:d6:95:8e:6c:e2:13:f9:8e:65:2a:40:b5:5b:52:9f:
72:e4:19:e0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECKhhkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NGE3ZTVhMzNkOWM1YTk2NWQ5ZmJmZGVlY2RjODcxYWYwYTVkNGY4MB4XDTIyMDEw
MTA1NTYzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDUxODgyNjIyNjk1
NzdjYmYzZTA1YTYwYWRhNGYyZGM0ODBlMzNhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGuRaw8rHBDwRumDWVKRF4C86/AW6azHeSMqYfzqct7QFhO
t8Zf6p7OMFbRLy/e7AFw1ZAxJ1P91+VVQVMpuzlYGciTsrbB/m3UewJVJAWNRDMm
vrnm4DfoVoeOsD7C/d/leNXMoDwktGFNfvEWCeE6VzmyW6r0QXyviSSZ6bLfUEPp
X7vlR1Gv13v/x7CB7BtCnEpTiO7B9Zb7vnoE3jXSN2ZHWklnkXBZhp7QhObxjUDQ
0QnP0yRsroZDWUWYgHjfdOO2LdOujA4miq9xep5rrn4lyCBYfY6MZoFCxrb36lW2
uQsRw8G9K9+CClp9hO1BW5WdZTDmzaL0zLvYzJECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVGIJiJpV3y/PgWmCtpPLcSA4zpDAfBgNVHSMEGDAWgBREp+WjPZxall2f
v97s3Ica8KXU+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JLZmxvejJjV3BaZG43X2U3TnlIR3ZDbDFQZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvMGQ4MDg4LWVhOTMtNGFiYi04OTk2LTIxY2Y1NmNiY2UxMi8x
LzFSaUNZaWFWZDh2ejRGcGdyYVR5M0VnT002US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
MGQ4MDg4LWVhOTMtNGFiYi04OTk2LTIxY2Y1NmNiY2UxMi8xL1JLZmxvejJjV3Ba
ZG43X2U3TnlIR3ZDbDFQZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMOK3TANBgkqhkiG9w0BAQsFAAOC
AQEAHdjrBMsUXYD+YxH1qbkzGkrIeuYMzwj1AIy90JGqV1Udd89SEy/mgZN6WErw
KSz2gXcl8wEqKLDTP/zJYaUYYnygVDVwOL54LCN0BWfg/x1E9suEMpMtAItylL1X
oj6kdSe19QcuGhVxIxGqgGMz4o1hsoxzltE8XCOmQdi1zhgNjrclxpdZ8CoNm/ce
kMhPMaqB4Q4Un4zZTdqS9DFQ3LaEd8sD/chxk63WTrUv005cJk/GxUBX/MlrUPnl
o4oVR16CUW41Pdl+cUePIrtNjeA1YwMhftgyuQOyUOdSiQ0+3ZTJmZUIiWSEKhLY
1pWObOIT+Y5lKkC1W1KfcuQZ4A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:45:09 2025 by rpki-client