Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ImPoL2xPF0_GcnW3D5nbl0_R09A.roa
File: ImPoL2xPF0_GcnW3D5nbl0_R09A.roa (raw, json)
Hash identifier: 6Nb2w9bJT0FByUs99DcgDb0ByXKyJicBXR5cfBv+rv8=
Subject key identifier: 22:63:E8:2F:6C:4F:17:4F:C6:72:75:B7:0F:99:DB:97:4F:D1:D3:D0
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 018BD8953F7FCEFF162AA24B212EFD3C44EC
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ImPoL2xPF0_GcnW3D5nbl0_R09A.roa
Signing time: Thu 16 Nov 2023 14:42:21 +0000
ROA not before: Thu 16 Nov 2023 14:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12663
IP address blocks: 195.232.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:95:3f:7f:ce:ff:16:2a:a2:4b:21:2e:fd:3c:44:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Nov 16 14:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2263e82f6c4f174fc67275b70f99db974fd1d3d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:27:84:f8:e5:97:33:b9:f9:ea:eb:fd:15:9c:
b4:77:2a:3d:ff:f7:78:27:8c:6b:43:45:46:1f:62:
bb:5b:f2:03:cf:70:52:65:ce:e6:4d:89:5e:87:ad:
ea:e5:d3:91:63:d8:a0:60:f3:e3:20:22:35:98:03:
04:59:72:d6:dc:68:37:d8:08:78:30:ca:3f:12:5a:
4f:c8:56:dc:ad:bd:62:45:1d:7f:a7:33:bf:d9:dd:
b2:36:b0:d6:02:cc:5e:3e:86:d1:b5:d6:c7:6f:23:
cd:35:b0:d5:5c:cc:3c:09:c1:ff:59:fe:6e:f5:8c:
bd:de:08:4e:25:4c:a3:e7:19:6f:d5:4a:ab:4f:15:
24:a7:bf:50:f3:e0:59:13:52:06:b3:ef:61:ab:f1:
91:9a:f4:3c:73:cd:a9:6e:b5:44:3c:19:af:78:01:
6e:a3:49:f0:86:c3:f6:b6:03:a7:f8:ac:f4:d7:cf:
c7:fe:5f:4a:d5:52:e4:01:8f:3c:7e:78:d0:8a:51:
f5:90:98:ee:cf:17:6d:4b:83:22:5d:26:39:54:f0:
be:ae:0c:7b:e1:e5:6e:34:9f:eb:69:2c:39:03:ca:
69:ee:dd:26:1e:99:5f:d6:c2:37:83:67:a9:48:9d:
51:f4:00:04:13:d4:07:d4:5b:79:c5:ad:78:d8:a9:
df:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:63:E8:2F:6C:4F:17:4F:C6:72:75:B7:0F:99:DB:97:4F:D1:D3:D0
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/ImPoL2xPF0_GcnW3D5nbl0_R09A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.232.128.0/17
Signature Algorithm: sha256WithRSAEncryption
57:ca:7c:e0:9f:aa:82:42:1c:be:39:f9:d2:b8:20:a9:f8:39:
72:da:2e:1b:79:a8:4a:40:d5:60:d4:ee:4e:94:1c:68:5a:95:
ae:94:98:ce:43:1d:5e:83:19:8f:35:de:12:59:88:7f:79:a5:
69:10:c1:80:a8:77:31:84:4a:0a:19:98:75:ce:f6:ac:43:cf:
df:e1:99:9f:27:54:48:ce:4d:78:ee:6b:09:09:62:bc:5f:ab:
80:c4:c8:f7:42:1e:e5:00:03:0a:47:86:d7:56:28:7b:14:b1:
b8:72:14:01:06:55:76:99:a1:a6:4b:2e:72:35:96:25:36:b6:
39:5a:13:e7:fd:ea:a2:cb:ce:33:98:fe:d2:f0:15:99:29:ef:
3f:55:56:ed:46:8d:a4:fa:47:12:4a:0a:7a:e1:51:31:8c:05:
84:56:37:06:4c:aa:14:36:f7:61:a5:70:c9:bc:cf:a2:6e:0c:
98:16:86:4f:e9:8d:ee:c8:6e:6c:c8:ca:d6:59:8b:66:22:de:
1c:59:fe:26:a3:4d:a6:89:b0:bd:9a:0f:4d:e5:a5:de:4e:9b:
96:3c:dd:4e:66:db:0e:b0:49:f8:65:50:d1:18:13:6e:81:16:
f0:e9:d5:3b:89:f0:68:6c:ee:26:a7:3a:13:57:13:5f:7a:f9:
91:51:f9:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvYlT9/zv8WKqJLIS79PETsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjMxMTE2MTQ0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjYzZTgyZjZjNGYxNzRmYzY3Mjc1YjcwZjk5ZGI5NzRmZDFkM2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoieE+OWXM7n56uv9FZy0dyo9//d4
J4xrQ0VGH2K7W/IDz3BSZc7mTYleh63q5dORY9igYPPjICI1mAMEWXLW3Gg32Ah4
MMo/ElpPyFbcrb1iRR1/pzO/2d2yNrDWAsxePobRtdbHbyPNNbDVXMw8CcH/Wf5u
9Yy93ghOJUyj5xlv1UqrTxUkp79Q8+BZE1IGs+9hq/GRmvQ8c82pbrVEPBmveAFu
o0nwhsP2tgOn+Kz018/H/l9K1VLkAY88fnjQilH1kJjuzxdtS4MiXSY5VPC+rgx7
4eVuNJ/raSw5A8pp7t0mHplf1sI3g2epSJ1R9AAEE9QH1Ft5xa142KnfVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJj6C9sTxdPxnJ1tw+Z25dP0dPQMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvSW1Qb0wyeFBGMF9HY25XM0Q1bmJsMF9SMDlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHw+iAMA0G
CSqGSIb3DQEBCwUAA4IBAQBXynzgn6qCQhy+OfnSuCCp+Dly2i4beahKQNVg1O5O
lBxoWpWulJjOQx1egxmPNd4SWYh/eaVpEMGAqHcxhEoKGZh1zvasQ8/f4ZmfJ1RI
zk147msJCWK8X6uAxMj3Qh7lAAMKR4bXVih7FLG4chQBBlV2maGmSy5yNZYlNrY5
WhPn/eqiy84zmP7S8BWZKe8/VVbtRo2k+kcSSgp64VExjAWEVjcGTKoUNvdhpXDJ
vM+ibgyYFoZP6Y3uyG5syMrWWYtmIt4cWf4mo02mibC9mg9N5aXeTpuWPN1OZtsO
sEn4ZVDRGBNugRbw6dU7ifBobO4mpzoTVxNfevmRUflJ
-----END CERTIFICATE-----
Generated at Wed May 14 22:08:26 2025 by rpki-client