Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/I8LGjC3ACUZqK1GcBU5t1fE3pYM.roa
File: I8LGjC3ACUZqK1GcBU5t1fE3pYM.roa (raw, json)
Hash identifier: 7a8BZ+uaHyL6aliNkMk0U4K+kklHKCnPZK8Ox46OCnA=
Subject key identifier: 23:C2:C6:8C:2D:C0:09:46:6A:2B:51:9C:05:4E:6D:D5:F1:37:A5:83
Certificate issuer: /CN=5960e6cd1b1b0063b1890f780745c245606dcf73
Certificate serial: 41F74D46
Authority key identifier: 59:60:E6:CD:1B:1B:00:63:B1:89:0F:78:07:45:C2:45:60:6D:CF:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WWDmzRsbAGOxiQ94B0XCRWBtz3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/I8LGjC3ACUZqK1GcBU5t1fE3pYM.roa
Signing time: Sat 01 Jan 2022 06:06:14 +0000
ROA not before: Sat 01 Jan 2022 06:06:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42160
IP address blocks: 195.225.222.0/23 maxlen: 23
195.225.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1106726214 (0x41f74d46)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5960e6cd1b1b0063b1890f780745c245606dcf73
Validity
Not Before: Jan 1 06:06:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23c2c68c2dc009466a2b519c054e6dd5f137a583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6f:e4:f5:88:de:54:d9:04:97:0c:af:7b:ef:
23:af:4d:9a:f5:a0:39:19:bb:6c:20:54:59:93:8f:
91:c1:b6:03:f2:a6:eb:46:7f:e7:ee:02:d1:0d:ab:
cc:b5:28:b8:60:55:ff:b6:89:2e:12:6b:c0:e9:25:
8c:39:c0:de:12:2e:51:2c:b5:ad:21:08:0b:20:41:
e5:fd:40:ba:8a:81:03:60:8e:f0:a0:c9:4d:ed:1d:
6a:b3:20:69:fd:eb:a1:43:2d:10:33:ff:77:d1:b2:
06:23:b8:c1:4e:3b:cb:6d:a8:74:dc:52:e9:8d:c7:
e7:c6:b8:19:dd:63:f7:57:2a:83:fb:c1:26:78:c7:
a1:7c:35:7c:68:98:9b:44:90:4c:51:6c:ac:f5:ce:
14:08:40:d6:ac:e7:aa:af:86:b1:09:ae:32:fb:a6:
21:58:f4:8d:26:f5:81:ce:aa:55:df:32:45:46:42:
0a:7b:25:c7:7f:2f:76:d2:a1:2f:a7:a1:2e:a1:b3:
60:d3:e5:32:2d:47:4d:49:f4:d8:1f:71:36:a9:d7:
0a:6c:41:ac:df:b5:db:b8:e0:8f:22:86:27:9b:e1:
b0:3b:87:86:09:eb:5b:86:87:37:03:41:bf:34:0a:
0f:ef:25:5d:b5:49:4c:59:a7:63:9f:3b:9f:f2:01:
6d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C2:C6:8C:2D:C0:09:46:6A:2B:51:9C:05:4E:6D:D5:F1:37:A5:83
X509v3 Authority Key Identifier:
keyid:59:60:E6:CD:1B:1B:00:63:B1:89:0F:78:07:45:C2:45:60:6D:CF:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WWDmzRsbAGOxiQ94B0XCRWBtz3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/I8LGjC3ACUZqK1GcBU5t1fE3pYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/d6d1be-10d9-4a3a-bd14-0a830d01afd1/1/WWDmzRsbAGOxiQ94B0XCRWBtz3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.221.0-195.225.223.255
Signature Algorithm: sha256WithRSAEncryption
40:29:ae:c7:20:52:0e:44:fe:21:41:66:af:6b:16:d7:b9:5b:
d9:ff:c5:94:9f:20:a7:ac:98:1e:4b:29:79:9d:97:cb:db:fb:
f4:d5:44:0a:03:fe:a9:8c:1c:ba:a7:94:ba:0a:72:5b:30:0d:
d2:eb:8a:a5:c3:47:b7:0e:91:a5:b2:1a:40:db:85:93:bb:0c:
92:a9:52:a9:94:26:18:87:d3:4c:ce:42:84:b1:03:37:f2:26:
26:fa:36:f9:f0:96:b5:8c:c7:52:19:16:b3:ea:25:8f:8e:14:
cb:f4:87:13:82:7b:24:a7:5f:7c:6c:cc:fa:df:e7:9a:c9:ea:
a7:7e:b9:65:49:c4:9d:ae:30:d6:7b:16:5d:d0:12:76:3c:2d:
d7:14:69:80:33:0e:ef:86:66:53:66:89:a7:18:bc:73:f7:5c:
24:89:f9:b4:e3:45:9b:94:66:db:cb:52:28:fd:fb:1b:0d:3a:
27:fe:8f:2c:4d:94:57:44:35:05:44:ab:61:46:c0:32:c3:05:
1d:4f:43:94:37:aa:df:b8:8a:94:0a:65:1b:40:31:09:ed:e0:
07:81:9a:cd:e2:f4:02:7b:25:48:09:ce:d1:2e:65:05:9a:c5:
b1:cc:ac:6e:77:8a:6e:5a:36:e1:20:63:ac:d9:29:17:e2:63:
90:b4:c4:56
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEQfdNRjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OTYwZTZjZDFiMWIwMDYzYjE4OTBmNzgwNzQ1YzI0NTYwNmRjZjczMB4XDTIyMDEw
MTA2MDYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjNjMmM2OGMyZGMw
MDk0NjZhMmI1MTljMDU0ZTZkZDVmMTM3YTU4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpv5PWI3lTZBJcMr3vvI69NmvWgORm7bCBUWZOPkcG2A/Km
60Z/5+4C0Q2rzLUouGBV/7aJLhJrwOkljDnA3hIuUSy1rSEICyBB5f1AuoqBA2CO
8KDJTe0darMgaf3roUMtEDP/d9GyBiO4wU47y22odNxS6Y3H58a4Gd1j91cqg/vB
JnjHoXw1fGiYm0SQTFFsrPXOFAhA1qznqq+GsQmuMvumIVj0jSb1gc6qVd8yRUZC
Cnslx38vdtKhL6ehLqGzYNPlMi1HTUn02B9xNqnXCmxBrN+127jgjyKGJ5vhsDuH
hgnrW4aHNwNBvzQKD+8lXbVJTFmnY587n/IBbZ8CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQjwsaMLcAJRmorUZwFTm3V8TelgzAfBgNVHSMEGDAWgBRZYObNGxsAY7GJ
D3gHRcJFYG3PczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dXRG16UnNiQUdPeGlROTRCMFhDUldCdHozTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvZDZkMWJlLTEwZDktNGEzYS1iZDE0LTBhODMwZDAxYWZkMS8x
L0k4TEdqQzNBQ1VacUsxR2NCVTV0MWZFM3BZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
ZDZkMWJlLTEwZDktNGEzYS1iZDE0LTBhODMwZDAxYWZkMS8xL1dXRG16UnNiQUdP
eGlROTRCMFhDUldCdHozTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAw+HdAwQFw+HAMA0GCSqGSIb3
DQEBCwUAA4IBAQBAKa7HIFIORP4hQWavaxbXuVvZ/8WUnyCnrJgeSyl5nZfL2/v0
1UQKA/6pjBy6p5S6CnJbMA3S64qlw0e3DpGlshpA24WTuwySqVKplCYYh9NMzkKE
sQM38iYm+jb58Ja1jMdSGRaz6iWPjhTL9IcTgnskp198bMz63+eayeqnfrllScSd
rjDWexZd0BJ2PC3XFGmAMw7vhmZTZomnGLxz91wkifm040WblGbby1Io/fsbDTon
/o8sTZRXRDUFRKthRsAywwUdT0OUN6rfuIqUCmUbQDEJ7eAHgZrN4vQCeyVICc7R
LmUFmsWxzKxud4puWjbhIGOs2SkX4mOQtMRW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:53 2025 by rpki-client