Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/0jTzX0I2C9YxFeM6_BbzxPWYEhg.roa
File: 0jTzX0I2C9YxFeM6_BbzxPWYEhg.roa (raw, json)
Hash identifier: 7LbDJLyDWdifKO71ton/BjTWiEUGmYLbSjIJMx5O7Gg=
Subject key identifier: D2:34:F3:5F:42:36:0B:D6:31:15:E3:3A:FC:16:F3:C4:F5:98:12:18
Certificate issuer: /CN=af0f5a9bd2ad1e96865f00d08522b9aad3e91a4d
Certificate serial: 01856BDC6DDF0A74518C13854353882DC09E
Authority key identifier: AF:0F:5A:9B:D2:AD:1E:96:86:5F:00:D0:85:22:B9:AA:D3:E9:1A:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/0jTzX0I2C9YxFeM6_BbzxPWYEhg.roa
Signing time: Sun 01 Jan 2023 05:44:46 +0000
ROA not before: Sun 01 Jan 2023 05:44:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197498
IP address blocks: 195.60.227.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:6d:df:0a:74:51:8c:13:85:43:53:88:2d:c0:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0f5a9bd2ad1e96865f00d08522b9aad3e91a4d
Validity
Not Before: Jan 1 05:44:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d234f35f42360bd63115e33afc16f3c4f5981218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:95:62:6b:90:1c:ba:3f:04:51:8d:23:ed:53:
bd:42:49:cc:64:b7:ed:4d:e1:29:8e:9c:46:be:ec:
15:57:0e:11:eb:40:40:99:46:fa:db:37:0b:40:80:
84:bb:77:d4:68:d7:34:cb:c8:e5:b7:d4:ea:8e:11:
7c:45:f8:4f:02:05:90:e6:b4:cd:f4:a4:57:77:1c:
54:6c:fe:da:91:ad:f8:38:37:43:54:35:d5:1c:ad:
e5:10:16:47:b0:c6:9d:e8:ca:a5:6b:8b:87:a3:ad:
ea:ab:36:fb:ad:c0:fc:e0:bb:57:c9:67:81:2d:6f:
bc:7a:20:69:21:6c:c8:63:9d:59:03:d4:0a:30:f5:
42:b3:3f:06:22:d0:13:ba:ab:52:de:05:d4:ca:cc:
de:a0:a6:22:8d:c3:a2:6f:5f:d4:ac:20:5a:d3:80:
68:25:77:c1:3b:85:30:85:f7:37:e1:cd:0f:25:eb:
63:53:08:d3:b2:55:43:28:43:8b:a7:99:f3:ee:11:
49:a8:b8:ba:90:de:e0:91:22:20:bc:52:3a:ff:86:
0f:4e:1c:d4:ab:ca:52:3b:bd:fd:12:08:bc:e8:41:
5a:9c:bb:cd:9f:57:5d:48:b6:81:66:28:fb:58:3a:
00:c6:6a:60:07:39:d7:0f:a0:3d:80:96:d5:79:35:
1f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:34:F3:5F:42:36:0B:D6:31:15:E3:3A:FC:16:F3:C4:F5:98:12:18
X509v3 Authority Key Identifier:
keyid:AF:0F:5A:9B:D2:AD:1E:96:86:5F:00:D0:85:22:B9:AA:D3:E9:1A:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/0jTzX0I2C9YxFeM6_BbzxPWYEhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/rw9am9KtHpaGXwDQhSK5qtPpGk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.227.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:99:61:d2:9d:74:e9:13:b7:ef:d5:ad:53:26:ba:f3:2c:e0:
df:ae:56:e9:d8:f3:d3:d5:a3:53:74:c2:3e:a9:5d:1d:ce:94:
3e:3e:36:51:31:9a:19:18:36:20:c1:a1:79:35:cd:a6:0e:1d:
f4:31:af:4f:10:72:94:8b:cf:2f:a2:47:26:54:2b:2b:4e:b1:
50:ed:9e:a6:6c:75:1e:2e:df:55:61:5e:31:d6:d1:01:8b:cb:
59:88:b4:c2:8c:83:65:03:fe:b2:f6:41:c4:06:fb:58:cc:b6:
1d:41:13:22:29:38:b3:30:32:f5:a8:18:10:ca:10:de:5a:b5:
85:83:79:13:42:7d:4a:6e:e9:fe:d0:44:e1:bb:7a:0d:0c:e5:
cd:1e:62:a0:4e:63:e7:cf:15:47:26:bc:7b:2c:97:cb:7d:07:
78:5c:a8:29:ab:b7:76:22:a9:8a:f3:d9:46:d6:e2:26:b3:93:
32:95:3f:85:52:0c:16:dd:9b:78:6d:74:56:2e:b0:ac:19:c8:
de:7d:af:32:7b:fb:64:f8:50:61:a6:ef:65:21:5c:02:6c:3a:
3e:3a:53:1b:eb:98:c9:d2:ed:98:64:d8:85:6e:09:3e:de:1c:
6a:59:73:8c:8f:59:49:5a:10:64:b8:d5:95:1c:1a:a0:bd:9c:
9a:85:6e:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3G3fCnRRjBOFQ1OILcCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGY1YTliZDJhZDFlOTY4NjVmMDBkMDg1MjJiOWFhZDNl
OTFhNGQwHhcNMjMwMTAxMDU0NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjM0ZjM1ZjQyMzYwYmQ2MzExNWUzM2FmYzE2ZjNjNGY1OTgxMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZVia5Acuj8EUY0j7VO9QknMZLft
TeEpjpxGvuwVVw4R60BAmUb62zcLQICEu3fUaNc0y8jlt9TqjhF8RfhPAgWQ5rTN
9KRXdxxUbP7aka34ODdDVDXVHK3lEBZHsMad6Mqla4uHo63qqzb7rcD84LtXyWeB
LW+8eiBpIWzIY51ZA9QKMPVCsz8GItATuqtS3gXUyszeoKYijcOib1/UrCBa04Bo
JXfBO4Uwhfc34c0PJetjUwjTslVDKEOLp5nz7hFJqLi6kN7gkSIgvFI6/4YPThzU
q8pSO739Egi86EFanLvNn1ddSLaBZij7WDoAxmpgBznXD6A9gJbVeTUfIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNI0819CNgvWMRXjOvwW88T1mBIYMB8GA1UdIwQY
MBaAFK8PWpvSrR6Whl8A0IUiuarT6RpNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnc5YW05S3RIcGFHWHdEUWhTSzVxdFBwR2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS82YWQ5YjgtOWYwZS00YWQwLWEyMjAt
M2FjM2I2NzM3MDQyLzEvMGpUelgwSTJDOVl4RmVNNl9CYnp4UFdZRWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS82YWQ5YjgtOWYwZS00YWQwLWEyMjAtM2FjM2I2NzM3MDQy
LzEvcnc5YW05S3RIcGFHWHdEUWhTSzVxdFBwR2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzzjMA0G
CSqGSIb3DQEBCwUAA4IBAQC9mWHSnXTpE7fv1a1TJrrzLODfrlbp2PPT1aNTdMI+
qV0dzpQ+PjZRMZoZGDYgwaF5Nc2mDh30Ma9PEHKUi88vokcmVCsrTrFQ7Z6mbHUe
Lt9VYV4x1tEBi8tZiLTCjINlA/6y9kHEBvtYzLYdQRMiKTizMDL1qBgQyhDeWrWF
g3kTQn1Kbun+0EThu3oNDOXNHmKgTmPnzxVHJrx7LJfLfQd4XKgpq7d2IqmK89lG
1uIms5MylT+FUgwW3Zt4bXRWLrCsGcjefa8ye/tk+FBhpu9lIVwCbDo+OlMb65jJ
0u2YZNiFbgk+3hxqWXOMj1lJWhBkuNWVHBqgvZyahW7k
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:49:36 2025 by rpki-client