Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/3Jaw2YKLIdQ7aVMxkXmv8sq3XbQ.roa
File: 3Jaw2YKLIdQ7aVMxkXmv8sq3XbQ.roa (raw, json)
Hash identifier: ftZNdrLQx9GHuOWmn32S1BBwUC/L7QWVipLRWUxj6dA=
Subject key identifier: DC:96:B0:D9:82:8B:21:D4:3B:69:53:31:91:79:AF:F2:CA:B7:5D:B4
Certificate issuer: /CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Certificate serial: 01856CAF40F818160EA76D252F30F0807D5B
Authority key identifier: 80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/3Jaw2YKLIdQ7aVMxkXmv8sq3XbQ.roa
Signing time: Sun 01 Jan 2023 09:35:02 +0000
ROA not before: Sun 01 Jan 2023 09:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21346
IP address blocks: 195.22.158.0/24 maxlen: 24
193.19.196.0/24 maxlen: 24
193.19.197.0/24 maxlen: 24
194.125.246.0/24 maxlen: 24
194.125.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:af:40:f8:18:16:0e:a7:6d:25:2f:30:f0:80:7d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8079afcba5a8762fb79f4e5e0d7a35ee84cd3df4
Validity
Not Before: Jan 1 09:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc96b0d9828b21d43b6953319179aff2cab75db4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:23:f9:61:04:3f:22:c4:1b:fc:40:96:66:ef:
b0:4e:5b:87:74:66:c0:0e:78:5a:7b:ef:a0:a2:6c:
44:3c:a7:21:2e:ef:02:ef:8f:40:8e:a1:0c:bd:54:
3d:83:bf:15:e0:83:5c:ce:da:a1:f8:da:29:73:19:
c3:ab:ca:24:8a:13:3e:8c:d8:37:60:ab:01:6b:34:
0a:d1:54:d6:69:43:5e:8f:50:bf:60:4a:8b:37:62:
16:c5:f5:05:c5:5e:2e:a7:1e:8b:db:11:88:d4:7a:
38:a2:54:9b:01:d4:df:31:ca:b1:f0:75:87:56:4d:
41:bd:db:93:b8:03:e5:96:06:29:51:43:31:0b:a4:
57:a5:4b:b7:a7:91:77:5f:f0:2e:5f:8e:7a:f8:09:
c4:ca:6b:67:1d:a2:d8:c0:ba:4e:ab:f9:02:b0:a0:
62:09:6b:b5:a7:d5:c4:c4:db:5d:d4:1f:83:85:56:
cd:5f:58:3c:4b:55:74:95:a7:44:aa:a8:42:da:a9:
44:f2:c1:44:d1:33:b0:de:95:fb:4b:20:72:7a:73:
7a:d5:57:c4:ac:a5:0b:fb:7e:5b:ba:21:3f:70:91:
17:dc:f1:96:bd:4f:55:a1:9d:93:c8:b9:a5:30:ee:
f4:3d:e3:db:aa:d0:8f:0f:ca:49:b6:05:e0:12:b1:
b9:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:96:B0:D9:82:8B:21:D4:3B:69:53:31:91:79:AF:F2:CA:B7:5D:B4
X509v3 Authority Key Identifier:
keyid:80:79:AF:CB:A5:A8:76:2F:B7:9F:4E:5E:0D:7A:35:EE:84:CD:3D:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gHmvy6Wodi-3n05eDXo17oTNPfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/3Jaw2YKLIdQ7aVMxkXmv8sq3XbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d5eb6f-b781-4d52-8283-d2e10c97645f/1/gHmvy6Wodi-3n05eDXo17oTNPfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.196.0/23
194.125.246.0/23
195.22.158.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d7:8b:53:70:09:92:95:44:13:ce:ee:1a:a8:2d:8e:d0:b2:
97:c4:c7:0d:2a:d3:b9:dc:be:60:28:0e:ec:20:40:60:94:f3:
ea:4e:b6:aa:f3:0f:fc:9d:1b:0b:fa:eb:aa:de:ee:45:16:88:
cd:38:f9:d9:38:e4:a7:93:9e:d3:43:d8:18:1f:0e:d2:ce:46:
7c:31:34:8b:3f:71:6c:ad:a6:2f:15:32:4d:dc:a1:f1:a0:fa:
f8:71:de:9f:9e:49:d4:59:a3:aa:34:1a:1a:5c:25:06:55:9f:
07:ab:50:22:c9:61:37:6c:41:6c:08:22:25:a2:e2:0a:18:fc:
24:54:84:eb:80:93:c7:4d:3b:b0:e0:04:33:d4:6b:42:f1:96:
21:5c:91:45:b8:23:b0:e3:be:4a:48:4b:d8:d6:bb:06:c8:73:
1c:b1:13:3b:cf:d9:31:e2:3a:0e:cd:90:d4:82:3c:de:bc:57:
d3:4d:98:f1:2f:f1:80:a9:68:b5:e5:23:c6:d4:96:f8:74:e6:
38:58:93:34:d2:1d:a4:7f:d6:7a:88:b8:9e:79:48:6d:2f:44:
47:13:f4:12:47:92:04:11:68:c3:0b:78:9c:55:f4:98:de:66:
1d:7d:c3:5c:de:4c:32:07:f0:8b:57:67:23:b9:1b:e5:ce:a5:
aa:3d:9d:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsr0D4GBYOp20lLzDwgH1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNzlhZmNiYTVhODc2MmZiNzlmNGU1ZTBkN2EzNWVlODRj
ZDNkZjQwHhcNMjMwMTAxMDkzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzk2YjBkOTgyOGIyMWQ0M2I2OTUzMzE5MTc5YWZmMmNhYjc1ZGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiP5YQQ/IsQb/ECWZu+wTluHdGbA
Dnhae++gomxEPKchLu8C749AjqEMvVQ9g78V4INcztqh+NopcxnDq8okihM+jNg3
YKsBazQK0VTWaUNej1C/YEqLN2IWxfUFxV4upx6L2xGI1Ho4olSbAdTfMcqx8HWH
Vk1BvduTuAPllgYpUUMxC6RXpUu3p5F3X/AuX456+AnEymtnHaLYwLpOq/kCsKBi
CWu1p9XExNtd1B+DhVbNX1g8S1V0ladEqqhC2qlE8sFE0TOw3pX7SyByenN61VfE
rKUL+35buiE/cJEX3PGWvU9VoZ2TyLmlMO70PePbqtCPD8pJtgXgErG5xQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNyWsNmCiyHUO2lTMZF5r/LKt120MB8GA1UdIwQY
MBaAFIB5r8ulqHYvt59OXg16Ne6EzT30MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMt
ZDJlMTBjOTc2NDVmLzEvM0phdzJZS0xJZFE3YVZNeGtYbXY4c3EzWGJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9kNWViNmYtYjc4MS00ZDUyLTgyODMtZDJlMTBjOTc2NDVm
LzEvZ0htdnk2V29kaS0zbjA1ZURYbzE3b1ROUGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwRPEAwQB
wn32AwQAwxaeMA0GCSqGSIb3DQEBCwUAA4IBAQCZ14tTcAmSlUQTzu4aqC2O0LKX
xMcNKtO53L5gKA7sIEBglPPqTraq8w/8nRsL+uuq3u5FFojNOPnZOOSnk57TQ9gY
Hw7SzkZ8MTSLP3FsraYvFTJN3KHxoPr4cd6fnknUWaOqNBoaXCUGVZ8Hq1AiyWE3
bEFsCCIlouIKGPwkVITrgJPHTTuw4AQz1GtC8ZYhXJFFuCOw475KSEvY1rsGyHMc
sRM7z9kx4joOzZDUgjzevFfTTZjxL/GAqWi15SPG1Jb4dOY4WJM00h2kf9Z6iLie
eUhtL0RHE/QSR5IEEWjDC3icVfSY3mYdfcNc3kwyB/CLV2cjuRvlzqWqPZ3Z
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:11:54 2025 by rpki-client