Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/faWTdGpseuXz7KrK-Tk1FhApQwQ.roa
File: faWTdGpseuXz7KrK-Tk1FhApQwQ.roa (raw, json)
Hash identifier: wOi9J8XELKDC/fwYpmGsjg/Fdz5hCBRfw/XeHr6jUUg=
Subject key identifier: 7D:A5:93:74:6A:6C:7A:E5:F3:EC:AA:CA:F9:39:35:16:10:29:43:04
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 01856ECB9D1A03A4884EF2A433441CD1C422
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/faWTdGpseuXz7KrK-Tk1FhApQwQ.roa
Signing time: Sun 01 Jan 2023 19:25:15 +0000
ROA not before: Sun 01 Jan 2023 19:25:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49227
IP address blocks: 195.123.1.0/24 maxlen: 24
195.123.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:9d:1a:03:a4:88:4e:f2:a4:33:44:1c:d1:c4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jan 1 19:25:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7da593746a6c7ae5f3ecaacaf939351610294304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2e:2f:ac:94:1f:e1:a5:ec:13:58:68:44:f7:
41:ca:cb:c9:63:15:1e:a6:7a:26:bd:02:67:45:97:
b5:c3:7b:36:bb:ca:81:ec:f5:1e:89:48:d7:2b:a5:
4c:d6:2a:82:80:9c:de:61:a3:f8:84:68:e0:70:64:
67:df:45:24:59:26:6c:ac:3d:d7:0a:76:71:03:a2:
e7:75:a0:ac:79:7d:1c:09:85:39:4e:a6:a0:40:ec:
0c:70:f0:3f:a0:9c:ee:fc:61:c7:c4:ce:b9:38:5e:
07:9b:43:b4:40:85:a4:83:60:f6:d7:1c:d7:29:5e:
ce:77:b1:19:99:03:41:62:79:a9:23:07:e6:97:7f:
15:38:9e:91:e7:d6:50:ac:cd:cc:38:5b:59:4a:49:
0c:0f:60:39:51:f1:11:e1:c5:f9:1b:bd:4f:d6:7e:
f9:e7:6e:5e:d4:72:1c:80:76:26:be:63:aa:1d:5a:
3e:39:03:3e:2d:34:85:56:23:51:30:fd:ea:ee:36:
f5:70:eb:57:99:fa:a9:44:ba:5e:46:c6:b2:3b:da:
40:76:09:38:b9:ec:3e:37:f6:2c:26:8a:77:14:81:
55:14:84:3f:69:b1:f8:61:4d:e9:e3:da:a7:d8:74:
4e:7e:5c:61:6d:99:d4:2a:33:45:67:64:8d:35:4a:
43:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A5:93:74:6A:6C:7A:E5:F3:EC:AA:CA:F9:39:35:16:10:29:43:04
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/faWTdGpseuXz7KrK-Tk1FhApQwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.1.0/24
195.123.6.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:3f:fc:49:c2:75:0a:2f:f1:ce:37:eb:90:31:2d:0f:b7:49:
56:e5:c4:f2:bf:99:85:33:b9:09:c3:6d:13:be:03:92:a4:7b:
29:22:f8:95:14:e0:3a:18:29:0e:d9:e7:45:5b:28:32:2a:27:
b3:b1:da:61:6c:56:2c:99:1a:40:26:5f:5c:1e:70:5d:a1:ad:
f1:25:88:7e:9c:39:f6:d6:97:bf:70:d1:cf:ea:0c:aa:67:05:
d8:9e:8c:a4:1e:cb:f8:90:85:97:68:e2:9c:9c:ac:95:47:d3:
2f:6b:bc:f5:fa:15:f1:43:18:26:e4:5a:8a:86:50:37:5c:41:
cc:f9:06:1e:43:93:f5:84:02:cd:c7:75:31:6d:57:e2:2c:95:
59:59:7e:c8:7c:6b:be:e9:8f:66:e5:a4:ed:f7:62:23:36:8b:
d6:11:1e:4c:40:b4:2f:11:88:ba:49:73:64:64:00:c1:a9:7a:
da:b1:dd:bf:67:bc:82:2c:77:14:44:a1:4b:66:b2:76:3d:88:
91:96:b7:cb:e8:a3:da:7a:63:09:eb:dd:11:d4:bf:a2:a8:9b:
ad:0c:70:2e:7c:6d:de:dc:d6:75:bc:cb:7a:ef:88:bb:85:ff:
57:2d:af:63:37:a4:21:c2:15:8e:5d:8b:b9:d7:16:af:d1:16:
a6:db:0f:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuy50aA6SITvKkM0Qc0cQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjMwMTAxMTkyNTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGE1OTM3NDZhNmM3YWU1ZjNlY2FhY2FmOTM5MzUxNjEwMjk0MzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi4vrJQf4aXsE1hoRPdBysvJYxUe
pnomvQJnRZe1w3s2u8qB7PUeiUjXK6VM1iqCgJzeYaP4hGjgcGRn30UkWSZsrD3X
CnZxA6LndaCseX0cCYU5TqagQOwMcPA/oJzu/GHHxM65OF4Hm0O0QIWkg2D21xzX
KV7Od7EZmQNBYnmpIwfml38VOJ6R59ZQrM3MOFtZSkkMD2A5UfER4cX5G71P1n75
525e1HIcgHYmvmOqHVo+OQM+LTSFViNRMP3q7jb1cOtXmfqpRLpeRsayO9pAdgk4
uew+N/YsJop3FIFVFIQ/abH4YU3p49qn2HROflxhbZnUKjNFZ2SNNUpDyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH2lk3RqbHrl8+yqyvk5NRYQKUMEMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvZmFXVGRHcHNldVh6N0tySy1UazFGaEFwUXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw3sBAwQA
w3sGMA0GCSqGSIb3DQEBCwUAA4IBAQAcP/xJwnUKL/HON+uQMS0Pt0lW5cTyv5mF
M7kJw20TvgOSpHspIviVFOA6GCkO2edFWygyKiezsdphbFYsmRpAJl9cHnBdoa3x
JYh+nDn21pe/cNHP6gyqZwXYnoykHsv4kIWXaOKcnKyVR9Mva7z1+hXxQxgm5FqK
hlA3XEHM+QYeQ5P1hALNx3UxbVfiLJVZWX7IfGu+6Y9m5aTt92IjNovWER5MQLQv
EYi6SXNkZADBqXrasd2/Z7yCLHcURKFLZrJ2PYiRlrfL6KPaemMJ690R1L+iqJut
DHAufG3e3NZ1vMt674i7hf9XLa9jN6QhwhWOXYu51xav0Ram2w8J
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:47 2025 by rpki-client