Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/705d00-25a1-4bab-9ba4-4353cd82d57b/1/uD_yiqrIdgxKWkhP1kqHu6AYhMQ.roa
File: uD_yiqrIdgxKWkhP1kqHu6AYhMQ.roa (raw, json)
Hash identifier: MFBzp2BH2XO/U24wlYUF+QuI8loOChOClS39HULI5NI=
Subject key identifier: B8:3F:F2:8A:AA:C8:76:0C:4A:5A:48:4F:D6:4A:87:BB:A0:18:84:C4
Certificate issuer: /CN=ae9488913d73479783da7bf56b164e5c84d4fc6a
Certificate serial: 0185718C32F9587A8313BD0EE8F44076552B
Authority key identifier: AE:94:88:91:3D:73:47:97:83:DA:7B:F5:6B:16:4E:5C:84:D4:FC:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rpSIkT1zR5eD2nv1axZOXITU_Go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/705d00-25a1-4bab-9ba4-4353cd82d57b/1/uD_yiqrIdgxKWkhP1kqHu6AYhMQ.roa
Signing time: Mon 02 Jan 2023 08:14:51 +0000
ROA not before: Mon 02 Jan 2023 08:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48387
IP address blocks: 195.88.60.0/23 maxlen: 24
2001:67c:10a8::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:32:f9:58:7a:83:13:bd:0e:e8:f4:40:76:55:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae9488913d73479783da7bf56b164e5c84d4fc6a
Validity
Not Before: Jan 2 08:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b83ff28aaac8760c4a5a484fd64a87bba01884c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:7c:0f:79:35:d2:2f:e3:e5:ac:f5:4d:3f:50:
50:45:ef:db:69:cf:0b:33:c9:58:dc:1e:e0:dc:64:
6b:63:1e:7b:53:29:5d:2c:77:af:ed:ed:6b:bc:67:
54:79:79:46:20:73:d5:c7:0f:1f:57:45:3e:45:0c:
06:4a:22:cb:e3:dc:91:ba:ba:81:80:85:c1:75:03:
7d:57:ed:a7:17:2e:c0:00:bc:6a:e3:23:fc:e1:1b:
74:49:4b:66:b8:f7:2e:c2:0e:68:84:6c:e3:a0:ff:
95:e3:75:f7:02:c7:ca:e5:44:a3:33:f6:0d:cf:ed:
e5:c0:30:67:56:26:51:eb:70:84:db:77:ed:be:87:
cf:d1:8f:23:d5:a4:e2:a3:ef:3f:dd:47:e5:f9:b3:
c5:b6:74:f8:5a:63:2d:ec:9a:0d:dd:20:be:83:6f:
13:7a:19:04:ae:e1:86:a8:0f:66:fd:72:ea:a1:65:
49:8d:cc:23:30:4d:ff:7d:c5:27:0f:22:a1:98:ab:
a7:75:d2:43:b9:e0:bf:c1:73:06:bf:a3:00:15:69:
7a:ec:e7:b0:16:c4:90:7d:ec:19:16:33:64:56:43:
01:06:37:b5:84:3f:b8:a6:b9:70:99:76:20:0b:db:
1e:3d:d8:ff:75:34:fe:7e:f6:64:d7:0b:88:4a:e4:
66:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:3F:F2:8A:AA:C8:76:0C:4A:5A:48:4F:D6:4A:87:BB:A0:18:84:C4
X509v3 Authority Key Identifier:
keyid:AE:94:88:91:3D:73:47:97:83:DA:7B:F5:6B:16:4E:5C:84:D4:FC:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rpSIkT1zR5eD2nv1axZOXITU_Go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/705d00-25a1-4bab-9ba4-4353cd82d57b/1/uD_yiqrIdgxKWkhP1kqHu6AYhMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/705d00-25a1-4bab-9ba4-4353cd82d57b/1/rpSIkT1zR5eD2nv1axZOXITU_Go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.60.0/23
IPv6:
2001:67c:10a8::/47
Signature Algorithm: sha256WithRSAEncryption
73:73:b2:a4:81:5d:8d:9f:2e:aa:9e:9f:cd:a2:63:f9:9b:8f:
d2:7b:48:a3:ab:da:43:88:ba:42:5f:8e:4c:36:57:a5:56:7c:
f7:3a:cf:1d:e7:d4:dd:47:1d:bc:a5:4a:b7:3e:27:9e:58:9b:
ac:b2:e3:5a:50:80:98:68:ea:42:16:aa:da:65:09:41:42:36:
52:67:f3:8e:3d:88:24:18:a5:e9:f4:fc:a9:44:fc:71:c0:77:
66:09:77:e9:6a:c1:7e:c5:c1:a4:68:96:e5:5a:35:f0:eb:58:
a7:9d:60:1c:87:08:ec:6d:f4:9f:26:1c:57:7f:ec:bd:81:68:
b0:a3:dd:cd:53:07:4f:98:84:ee:17:8b:55:a2:30:4c:e9:f0:
44:1f:9f:ed:68:b4:fe:60:08:2b:e9:c9:61:87:2c:ee:33:e4:
53:9f:fb:6e:a4:76:2c:a7:22:ee:51:81:72:42:af:a4:df:85:
3f:38:d4:6b:a1:c1:1a:6a:d8:2d:2c:ff:0f:d9:7b:39:85:2a:
f2:c5:fe:30:65:85:b2:19:57:77:e5:b9:77:c4:da:91:0b:79:
fe:7f:c4:3c:c5:20:18:f1:32:e9:f4:13:ce:15:37:a9:fb:96:
09:9c:70:38:74:7b:87:61:05:40:a8:6f:90:7c:ff:ec:15:29:
3c:4d:e4:df
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVxjDL5WHqDE70O6PRAdlUrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlOTQ4ODkxM2Q3MzQ3OTc4M2RhN2JmNTZiMTY0ZTVjODRk
NGZjNmEwHhcNMjMwMTAyMDgxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODNmZjI4YWFhYzg3NjBjNGE1YTQ4NGZkNjRhODdiYmEwMTg4NGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHwPeTXSL+PlrPVNP1BQRe/bac8L
M8lY3B7g3GRrYx57UyldLHev7e1rvGdUeXlGIHPVxw8fV0U+RQwGSiLL49yRurqB
gIXBdQN9V+2nFy7AALxq4yP84Rt0SUtmuPcuwg5ohGzjoP+V43X3AsfK5USjM/YN
z+3lwDBnViZR63CE23ftvofP0Y8j1aTio+8/3Ufl+bPFtnT4WmMt7JoN3SC+g28T
ehkEruGGqA9m/XLqoWVJjcwjME3/fcUnDyKhmKunddJDueC/wXMGv6MAFWl67Oew
FsSQfewZFjNkVkMBBje1hD+4prlwmXYgC9sePdj/dTT+fvZk1wuISuRm9wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLg/8oqqyHYMSlpIT9ZKh7ugGITEMB8GA1UdIwQY
MBaAFK6UiJE9c0eXg9p79WsWTlyE1PxqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnBTSWtUMXpSNWVEMm52MWF4Wk9YSVRVX0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC83MDVkMDAtMjVhMS00YmFiLTliYTQt
NDM1M2NkODJkNTdiLzEvdURfeWlxcklkZ3hLV2toUDFrcUh1NkFZaE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC83MDVkMDAtMjVhMS00YmFiLTliYTQtNDM1M2NkODJkNTdi
LzEvcnBTSWtUMXpSNWVEMm52MWF4Wk9YSVRVX0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBw1g8MA8E
AgACMAkDBwEgAQZ8EKgwDQYJKoZIhvcNAQELBQADggEBAHNzsqSBXY2fLqqen82i
Y/mbj9J7SKOr2kOIukJfjkw2V6VWfPc6zx3n1N1HHbylSrc+J55Ym6yy41pQgJho
6kIWqtplCUFCNlJn8449iCQYpen0/KlE/HHAd2YJd+lqwX7FwaRoluVaNfDrWKed
YByHCOxt9J8mHFd/7L2BaLCj3c1TB0+YhO4Xi1WiMEzp8EQfn+1otP5gCCvpyWGH
LO4z5FOf+26kdiynIu5RgXJCr6TfhT841GuhwRpq2C0s/w/ZezmFKvLF/jBlhbIZ
V3fluXfE2pELef5/xDzFIBjxMun0E84VN6n7lgmccDh0e4dhBUCob5B8/+wVKTxN
5N8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:13 2025 by rpki-client