Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/roheDPUgBWtIJ72WW5400qoBHCg.roa
File: roheDPUgBWtIJ72WW5400qoBHCg.roa (raw, json)
Hash identifier: S1tq4ZG9uei8xHkWqH7B1AU1j6sncUDGF1z7QcCwrDk=
Subject key identifier: AE:88:5E:0C:F5:20:05:6B:48:27:BD:96:5B:9E:34:D2:AA:01:1C:28
Certificate issuer: /CN=b587bc12eb2de29a1026b8f56be8d469f2f58cf3
Certificate serial: 01856F1D9B9F23C1E7DB25E5B5200D0541C8
Authority key identifier: B5:87:BC:12:EB:2D:E2:9A:10:26:B8:F5:6B:E8:D4:69:F2:F5:8C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tYe8Eust4poQJrj1a-jUafL1jPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/roheDPUgBWtIJ72WW5400qoBHCg.roa
Signing time: Sun 01 Jan 2023 20:54:49 +0000
ROA not before: Sun 01 Jan 2023 20:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31481
IP address blocks: 195.225.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:9b:9f:23:c1:e7:db:25:e5:b5:20:0d:05:41:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b587bc12eb2de29a1026b8f56be8d469f2f58cf3
Validity
Not Before: Jan 1 20:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae885e0cf520056b4827bd965b9e34d2aa011c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:91:e4:de:06:7d:be:d0:75:8f:d1:91:8a:89:
6f:5d:34:bd:20:9a:96:99:fc:55:67:08:37:8b:b6:
d8:31:fe:02:0f:d0:3a:21:4c:1b:19:c8:bb:46:f9:
53:f1:05:d9:58:69:e8:73:e0:24:5d:c4:06:2a:7a:
13:53:f4:80:7b:95:62:f3:87:32:25:8f:b7:0f:b9:
59:3f:4a:79:d9:33:dc:0c:57:3d:b1:f6:75:5d:50:
f4:8e:99:d4:98:ae:83:f1:9b:06:6b:95:d5:10:a7:
92:2c:5e:84:3d:f9:95:95:9f:94:dd:d5:25:39:60:
38:02:1b:65:d8:ea:ef:34:68:86:e8:65:08:79:a5:
8a:2d:0e:94:05:be:90:04:44:0c:4b:eb:72:a1:d7:
43:a1:7c:3a:97:b8:06:c1:78:6e:52:74:48:e1:96:
a3:21:3b:95:45:19:15:6b:2d:6f:21:0a:26:33:ff:
d4:96:cf:9d:79:69:52:c6:8a:89:cd:80:ce:18:c4:
52:3f:08:98:00:ca:c3:49:bd:54:1f:ee:d5:45:d0:
78:a0:0c:af:7d:ae:16:fb:d7:53:1a:1a:b4:fb:a9:
91:d9:d0:11:59:c3:e5:4a:ac:1f:7e:4f:be:fa:ec:
6e:56:e3:ad:53:24:f9:59:5a:71:e4:d0:f4:4e:fd:
31:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:88:5E:0C:F5:20:05:6B:48:27:BD:96:5B:9E:34:D2:AA:01:1C:28
X509v3 Authority Key Identifier:
keyid:B5:87:BC:12:EB:2D:E2:9A:10:26:B8:F5:6B:E8:D4:69:F2:F5:8C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYe8Eust4poQJrj1a-jUafL1jPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/roheDPUgBWtIJ72WW5400qoBHCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/4c3e19-a489-4e3a-a3a2-7e52e749c3ad/1/tYe8Eust4poQJrj1a-jUafL1jPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.152.0/22
Signature Algorithm: sha256WithRSAEncryption
02:12:6f:2c:fb:50:87:49:d4:2f:39:83:e6:c3:bc:67:06:de:
1a:47:b1:6b:eb:9b:b8:39:c6:58:30:4b:d4:0a:3e:df:0c:c9:
1e:d4:09:b2:01:94:39:fe:82:81:6c:ce:79:db:2a:01:57:29:
3d:8b:7b:1e:12:c6:fc:27:3a:e4:13:db:cf:f1:a4:16:2c:2d:
4d:9e:72:8f:8f:04:7c:cb:6a:96:72:83:ed:6b:9a:57:08:60:
d0:c3:92:b7:81:70:18:62:14:af:46:4f:0c:17:78:76:93:fc:
86:82:13:ba:37:28:2c:03:f8:63:dd:98:4d:17:19:03:f2:ee:
0f:43:c2:0b:39:e9:7a:16:90:52:5a:6a:b8:62:d2:c1:f4:bf:
63:21:89:cc:9d:90:ae:d4:1f:80:f1:00:41:41:86:fa:99:df:
ed:01:02:64:0f:c1:c4:9e:ac:0b:b2:1e:3b:02:29:8d:0b:15:
98:2b:3f:30:5f:95:b1:49:38:8d:97:4d:12:7d:d2:10:8b:28:
01:53:3b:9c:30:72:17:84:d9:65:61:15:9c:0c:bc:6e:0c:15:
29:c5:fb:76:0d:05:a6:a7:04:81:e0:a6:07:44:b0:6e:5d:0e:
7c:c8:4a:9d:e7:ae:d2:6e:d9:19:bc:9b:86:ca:ff:b5:18:fe:
a1:a0:92:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHZufI8Hn2yXltSANBUHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1ODdiYzEyZWIyZGUyOWExMDI2YjhmNTZiZThkNDY5ZjJm
NThjZjMwHhcNMjMwMTAxMjA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTg4NWUwY2Y1MjAwNTZiNDgyN2JkOTY1YjllMzRkMmFhMDExYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5Hk3gZ9vtB1j9GRiolvXTS9IJqW
mfxVZwg3i7bYMf4CD9A6IUwbGci7RvlT8QXZWGnoc+AkXcQGKnoTU/SAe5Vi84cy
JY+3D7lZP0p52TPcDFc9sfZ1XVD0jpnUmK6D8ZsGa5XVEKeSLF6EPfmVlZ+U3dUl
OWA4Ahtl2OrvNGiG6GUIeaWKLQ6UBb6QBEQMS+tyoddDoXw6l7gGwXhuUnRI4Zaj
ITuVRRkVay1vIQomM//Uls+deWlSxoqJzYDOGMRSPwiYAMrDSb1UH+7VRdB4oAyv
fa4W+9dTGhq0+6mR2dARWcPlSqwffk+++uxuVuOtUyT5WVpx5ND0Tv0xYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6IXgz1IAVrSCe9llueNNKqARwoMB8GA1UdIwQY
MBaAFLWHvBLrLeKaECa49Wvo1Gny9YzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFllOEV1c3Q0cG9RSnJqMWEtalVhZkwxalBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi80YzNlMTktYTQ4OS00ZTNhLWEzYTIt
N2U1MmU3NDljM2FkLzEvcm9oZURQVWdCV3RJSjcyV1c1NDAwcW9CSENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi80YzNlMTktYTQ4OS00ZTNhLWEzYTItN2U1MmU3NDljM2Fk
LzEvdFllOEV1c3Q0cG9RSnJqMWEtalVhZkwxalBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCw+GYMA0G
CSqGSIb3DQEBCwUAA4IBAQACEm8s+1CHSdQvOYPmw7xnBt4aR7Fr65u4OcZYMEvU
Cj7fDMke1AmyAZQ5/oKBbM552yoBVyk9i3seEsb8JzrkE9vP8aQWLC1NnnKPjwR8
y2qWcoPta5pXCGDQw5K3gXAYYhSvRk8MF3h2k/yGghO6NygsA/hj3ZhNFxkD8u4P
Q8ILOel6FpBSWmq4YtLB9L9jIYnMnZCu1B+A8QBBQYb6md/tAQJkD8HEnqwLsh47
AimNCxWYKz8wX5WxSTiNl00SfdIQiygBUzucMHIXhNllYRWcDLxuDBUpxft2DQWm
pwSB4KYHRLBuXQ58yEqd567SbtkZvJuGyv+1GP6hoJJa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:58 2025 by rpki-client