Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/09f968-781d-4d78-99f5-e8b0a9520660/1/juRSrq8J94SHsR7P-Wds9qnAB-w.roa
File: juRSrq8J94SHsR7P-Wds9qnAB-w.roa (raw, json)
Hash identifier: OiUrlR9b5VDFkgO0xYVvASVpew5+FePVGsXIIOJhY80=
Subject key identifier: 8E:E4:52:AE:AF:09:F7:84:87:B1:1E:CF:F9:67:6C:F6:A9:C0:07:EC
Certificate issuer: /CN=afaaa537aa667361129f763894fc8bfcbfdea96f
Certificate serial: 018A5FD51A943C65D94E2CD4AAD21B01154A
Authority key identifier: AF:AA:A5:37:AA:66:73:61:12:9F:76:38:94:FC:8B:FC:BF:DE:A9:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r6qlN6pmc2ESn3Y4lPyL_L_eqW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/09f968-781d-4d78-99f5-e8b0a9520660/1/juRSrq8J94SHsR7P-Wds9qnAB-w.roa
Signing time: Mon 04 Sep 2023 10:55:15 +0000
ROA not before: Mon 04 Sep 2023 10:55:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206260
IP address blocks: 195.18.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:d5:1a:94:3c:65:d9:4e:2c:d4:aa:d2:1b:01:15:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afaaa537aa667361129f763894fc8bfcbfdea96f
Validity
Not Before: Sep 4 10:55:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ee452aeaf09f78487b11ecff9676cf6a9c007ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8f:dd:c9:fd:a1:de:75:8c:41:5a:f5:97:b3:
c1:08:06:f5:cb:3d:9c:50:37:fc:1a:d6:c5:24:6a:
52:39:7e:61:26:20:26:a6:12:3a:07:b5:ae:df:07:
50:65:c4:6b:d6:0c:e7:a7:f9:28:76:50:5a:1a:00:
a7:11:27:5e:8b:b2:9b:67:c5:40:0e:6d:40:f6:32:
5c:ac:7d:21:6e:02:74:7a:d3:64:42:c1:94:fa:16:
c7:4c:69:ce:07:cc:11:24:42:2a:83:c6:2a:70:4e:
b3:a4:a2:c6:23:ad:f1:8a:49:e9:aa:de:39:24:a4:
77:4f:02:a8:02:5e:74:90:ca:75:66:fa:c7:7d:60:
ec:03:6d:a6:66:0e:c1:70:ee:b1:ba:d5:80:2e:00:
a9:05:bc:87:65:54:97:4a:2f:1c:b7:9a:ce:e1:44:
8c:d0:01:0b:60:6b:36:d5:ac:1e:ab:9d:50:cd:19:
d5:7d:e8:55:b1:d3:d1:ce:c9:3e:d5:81:c6:b4:b7:
6c:ac:68:b2:47:cd:82:9b:18:f7:4f:a3:d0:72:75:
ad:19:d9:0d:0e:75:8e:02:af:11:81:d2:99:59:db:
11:b1:d7:42:72:7b:cd:d6:65:8a:30:cd:17:33:ef:
27:15:f6:1e:93:2a:48:7b:d4:05:1a:d2:ec:a8:88:
d9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:E4:52:AE:AF:09:F7:84:87:B1:1E:CF:F9:67:6C:F6:A9:C0:07:EC
X509v3 Authority Key Identifier:
keyid:AF:AA:A5:37:AA:66:73:61:12:9F:76:38:94:FC:8B:FC:BF:DE:A9:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r6qlN6pmc2ESn3Y4lPyL_L_eqW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/09f968-781d-4d78-99f5-e8b0a9520660/1/juRSrq8J94SHsR7P-Wds9qnAB-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/09f968-781d-4d78-99f5-e8b0a9520660/1/r6qlN6pmc2ESn3Y4lPyL_L_eqW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.18.0.0/22
Signature Algorithm: sha256WithRSAEncryption
57:f7:04:da:51:3e:fa:f3:18:29:b5:dd:aa:d2:b1:ff:ec:20:
71:88:85:52:5c:40:6d:e0:0e:a9:d2:25:96:3a:5f:97:3d:2d:
72:92:23:11:52:b9:2d:d0:95:e4:39:72:40:74:f5:da:86:f2:
eb:a3:ae:91:76:df:4b:ab:96:a5:a5:08:6d:19:d7:e2:e2:39:
8d:dc:20:d3:82:5a:a1:f5:d9:fc:36:a2:2d:7f:1f:fd:79:f1:
5e:5b:13:88:b6:ea:b5:35:da:a5:52:3a:95:f5:dd:e3:bb:c9:
7c:d4:45:14:77:47:ad:5b:1d:66:7f:6f:c1:db:dc:e5:bc:8b:
4b:a1:9a:5f:97:08:d0:03:b8:52:63:01:64:c9:b3:c2:42:ba:
e9:84:15:5f:07:73:54:d6:1f:ff:47:c9:32:b1:e0:a7:38:3a:
62:ce:12:d4:08:6a:4a:05:bc:cb:2b:4e:3c:50:cf:2e:d7:38:
fc:ec:86:5b:87:9a:9f:dc:e8:79:2b:aa:06:ff:e3:d8:a8:bc:
f1:32:7c:13:75:8e:04:4a:f3:7f:30:06:0a:57:d8:44:68:57:
dd:72:1d:4f:01:14:c9:e6:c4:81:24:2d:15:26:ed:05:c0:52:
7c:89:e5:0e:86:39:9b:7f:1b:2f:0d:2d:1e:8b:c1:e8:31:82:
5b:ac:d0:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpf1RqUPGXZTizUqtIbARVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmYWFhNTM3YWE2NjczNjExMjlmNzYzODk0ZmM4YmZjYmZk
ZWE5NmYwHhcNMjMwOTA0MTA1NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWU0NTJhZWFmMDlmNzg0ODdiMTFlY2ZmOTY3NmNmNmE5YzAwN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Y/dyf2h3nWMQVr1l7PBCAb1yz2c
UDf8GtbFJGpSOX5hJiAmphI6B7Wu3wdQZcRr1gznp/kodlBaGgCnESdei7KbZ8VA
Dm1A9jJcrH0hbgJ0etNkQsGU+hbHTGnOB8wRJEIqg8YqcE6zpKLGI63xiknpqt45
JKR3TwKoAl50kMp1ZvrHfWDsA22mZg7BcO6xutWALgCpBbyHZVSXSi8ct5rO4USM
0AELYGs21aweq51QzRnVfehVsdPRzsk+1YHGtLdsrGiyR82Cmxj3T6PQcnWtGdkN
DnWOAq8RgdKZWdsRsddCcnvN1mWKMM0XM+8nFfYekypIe9QFGtLsqIjZ5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI7kUq6vCfeEh7Eez/lnbPapwAfsMB8GA1UdIwQY
MBaAFK+qpTeqZnNhEp92OJT8i/y/3qlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjZxbE42cG1jMkVTbjNZNGxQeUxfTF9lcVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8wOWY5NjgtNzgxZC00ZDc4LTk5ZjUt
ZThiMGE5NTIwNjYwLzEvanVSU3JxOEo5NFNIc1I3UC1XZHM5cW5BQi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8wOWY5NjgtNzgxZC00ZDc4LTk5ZjUtZThiMGE5NTIwNjYw
LzEvcjZxbE42cG1jMkVTbjNZNGxQeUxfTF9lcVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwxIAMA0G
CSqGSIb3DQEBCwUAA4IBAQBX9wTaUT768xgptd2q0rH/7CBxiIVSXEBt4A6p0iWW
Ol+XPS1ykiMRUrkt0JXkOXJAdPXahvLro66Rdt9Lq5alpQhtGdfi4jmN3CDTglqh
9dn8NqItfx/9efFeWxOItuq1NdqlUjqV9d3ju8l81EUUd0etWx1mf2/B29zlvItL
oZpflwjQA7hSYwFkybPCQrrphBVfB3NU1h//R8kyseCnODpizhLUCGpKBbzLK048
UM8u1zj87IZbh5qf3Oh5K6oG/+PYqLzxMnwTdY4ESvN/MAYKV9hEaFfdch1PARTJ
5sSBJC0VJu0FwFJ8ieUOhjmbfxsvDS0ei8HoMYJbrNAR
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:46 2025 by rpki-client