Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/R53BGP878bt05XW0nXkob4yuBqM.roa
File: R53BGP878bt05XW0nXkob4yuBqM.roa (raw, json)
Hash identifier: t9njjC8OpvnmDfVO0+zXPB8W6gexJPM3K/AawQecPKk=
Subject key identifier: 47:9D:C1:18:FF:3B:F1:BB:74:E5:75:B4:9D:79:28:6F:8C:AE:06:A3
Certificate issuer: /CN=af0f5a9bd2ad1e96865f00d08522b9aad3e91a4d
Certificate serial: 01856BDC6D2952E960A9A8A08F13023E0E8B
Authority key identifier: AF:0F:5A:9B:D2:AD:1E:96:86:5F:00:D0:85:22:B9:AA:D3:E9:1A:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/R53BGP878bt05XW0nXkob4yuBqM.roa
Signing time: Sun 01 Jan 2023 05:44:45 +0000
ROA not before: Sun 01 Jan 2023 05:44:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39528
IP address blocks: 195.60.225.0/24 maxlen: 24
195.60.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:6d:29:52:e9:60:a9:a8:a0:8f:13:02:3e:0e:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0f5a9bd2ad1e96865f00d08522b9aad3e91a4d
Validity
Not Before: Jan 1 05:44:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=479dc118ff3bf1bb74e575b49d79286f8cae06a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ec:f3:79:ec:9b:8e:4c:85:0c:09:8e:18:26:
ff:e9:40:d4:ea:5a:39:45:f5:4b:27:66:53:d4:42:
4a:6b:a2:c5:e3:2c:8c:33:59:05:2b:db:87:2c:c2:
6a:69:16:ab:21:87:1e:03:e5:71:f6:2f:c7:14:2c:
31:da:b2:e6:d2:1b:89:f9:d0:ef:ac:e5:d7:57:41:
b1:7d:6e:ca:84:cc:d6:60:34:c7:d5:87:1b:99:2d:
dd:9c:57:61:8d:f5:f9:c9:e1:4b:9b:10:ca:fc:8c:
89:35:86:41:36:f5:f7:7b:2d:48:d8:eb:31:1f:0e:
2c:e3:9f:5e:7c:c4:e7:76:82:0a:c6:50:13:8f:71:
02:db:f7:77:49:05:d5:9e:ec:34:5f:0b:ca:fe:45:
fb:24:10:93:9b:92:8d:f3:ce:4a:37:47:db:5e:c7:
60:9d:7d:55:6f:cd:f0:75:23:02:4b:ce:6c:4c:33:
fa:12:7b:59:47:c3:ef:55:d1:aa:8a:16:49:b7:ee:
06:6a:31:1e:4f:5a:c1:ff:a0:47:db:0d:9c:ab:00:
5c:ed:d8:9d:3c:ca:80:cc:a2:80:e8:00:ba:ab:12:
0b:cf:cb:b4:8f:03:ea:61:30:23:66:07:ea:83:87:
4a:d5:64:a3:f3:19:fa:89:af:db:3f:3e:1a:3e:33:
be:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9D:C1:18:FF:3B:F1:BB:74:E5:75:B4:9D:79:28:6F:8C:AE:06:A3
X509v3 Authority Key Identifier:
keyid:AF:0F:5A:9B:D2:AD:1E:96:86:5F:00:D0:85:22:B9:AA:D3:E9:1A:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw9am9KtHpaGXwDQhSK5qtPpGk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/R53BGP878bt05XW0nXkob4yuBqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/6ad9b8-9f0e-4ad0-a220-3ac3b6737042/1/rw9am9KtHpaGXwDQhSK5qtPpGk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.60.224.0/23
Signature Algorithm: sha256WithRSAEncryption
76:c6:11:9c:0a:9f:d6:e9:13:fb:b8:32:5f:00:03:a3:e1:f8:
a3:79:20:d7:ce:d6:61:61:cd:ed:37:26:fd:47:ed:aa:f0:34:
cc:f8:30:73:3b:6b:5e:42:31:0f:1b:f1:5a:ce:d7:dc:4c:0b:
f7:66:19:50:a7:b3:ab:6e:14:73:a0:d0:0e:67:c4:b5:53:79:
c6:bd:9c:2d:99:05:4c:db:4f:c4:64:50:2a:f5:75:65:4b:8c:
09:4e:c9:5f:bd:08:45:8d:c7:30:c8:ef:e8:0e:e9:13:e0:06:
12:91:a0:9e:81:9d:ce:d7:b6:ca:30:62:56:19:54:d9:a7:83:
82:89:5c:0f:64:47:cd:c0:7c:e2:21:3b:a9:18:91:29:e3:fb:
af:f6:22:d2:34:e5:b8:91:eb:f3:49:ea:0f:d6:ff:96:e9:2e:
a7:2f:be:31:57:92:7d:0d:19:ed:11:9b:22:f2:e4:03:91:27:
e4:db:9e:7f:66:0e:e9:38:e8:31:39:93:e9:87:03:a1:4f:24:
b1:4e:68:b2:9a:bd:ae:21:3d:b7:3d:cc:50:f4:c8:49:6e:16:
d2:93:cc:89:7f:bb:a6:21:9a:07:f2:17:ff:0b:fd:93:c0:8d:
81:bb:6e:15:ed:a8:f4:ae:a5:dc:32:e2:8a:da:99:31:e7:4b:
6c:4f:62:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr3G0pUulgqaigjxMCPg6LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGY1YTliZDJhZDFlOTY4NjVmMDBkMDg1MjJiOWFhZDNl
OTFhNGQwHhcNMjMwMTAxMDU0NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzlkYzExOGZmM2JmMWJiNzRlNTc1YjQ5ZDc5Mjg2ZjhjYWUwNmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOzzeeybjkyFDAmOGCb/6UDU6lo5
RfVLJ2ZT1EJKa6LF4yyMM1kFK9uHLMJqaRarIYceA+Vx9i/HFCwx2rLm0huJ+dDv
rOXXV0GxfW7KhMzWYDTH1YcbmS3dnFdhjfX5yeFLmxDK/IyJNYZBNvX3ey1I2Osx
Hw4s459efMTndoIKxlATj3EC2/d3SQXVnuw0XwvK/kX7JBCTm5KN885KN0fbXsdg
nX1Vb83wdSMCS85sTDP6EntZR8PvVdGqihZJt+4GajEeT1rB/6BH2w2cqwBc7did
PMqAzKKA6AC6qxILz8u0jwPqYTAjZgfqg4dK1WSj8xn6ia/bPz4aPjO+uQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEedwRj/O/G7dOV1tJ15KG+MrgajMB8GA1UdIwQY
MBaAFK8PWpvSrR6Whl8A0IUiuarT6RpNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnc5YW05S3RIcGFHWHdEUWhTSzVxdFBwR2swLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS82YWQ5YjgtOWYwZS00YWQwLWEyMjAt
M2FjM2I2NzM3MDQyLzEvUjUzQkdQODc4YnQwNVhXMG5Ya29iNHl1QnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS82YWQ5YjgtOWYwZS00YWQwLWEyMjAtM2FjM2I2NzM3MDQy
LzEvcnc5YW05S3RIcGFHWHdEUWhTSzVxdFBwR2swLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwzzgMA0G
CSqGSIb3DQEBCwUAA4IBAQB2xhGcCp/W6RP7uDJfAAOj4fijeSDXztZhYc3tNyb9
R+2q8DTM+DBzO2teQjEPG/FaztfcTAv3ZhlQp7OrbhRzoNAOZ8S1U3nGvZwtmQVM
20/EZFAq9XVlS4wJTslfvQhFjccwyO/oDukT4AYSkaCegZ3O17bKMGJWGVTZp4OC
iVwPZEfNwHziITupGJEp4/uv9iLSNOW4kevzSeoP1v+W6S6nL74xV5J9DRntEZsi
8uQDkSfk255/Zg7pOOgxOZPphwOhTySxTmiymr2uIT23PcxQ9MhJbhbSk8yJf7um
IZoH8hf/C/2TwI2Bu24V7aj0rqXcMuKK2pkx50tsT2KW
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:36:21 2025 by rpki-client