Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/3a886e-4c26-425a-a14d-f21b6ae3be6c/1/EGr5x0tDfi_87-y82ZPiKpCSZNI.roa
File: EGr5x0tDfi_87-y82ZPiKpCSZNI.roa (raw, json)
Hash identifier: TLcDwUFMt7P7Eg/9YMlB0JABkzYO+zedqA9dhpfiIaQ=
Subject key identifier: 10:6A:F9:C7:4B:43:7E:2F:FC:EF:EC:BC:D9:93:E2:2A:90:92:64:D2
Certificate issuer: /CN=662c6c3d22cf6b101d7148006da7a7284dcbb320
Certificate serial: 01856EC206ABFF722966D0A504B0690FBB58
Authority key identifier: 66:2C:6C:3D:22:CF:6B:10:1D:71:48:00:6D:A7:A7:28:4D:CB:B3:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZixsPSLPaxAdcUgAbaenKE3LsyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/3a886e-4c26-425a-a14d-f21b6ae3be6c/1/EGr5x0tDfi_87-y82ZPiKpCSZNI.roa
Signing time: Sun 01 Jan 2023 19:14:47 +0000
ROA not before: Sun 01 Jan 2023 19:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212055
IP address blocks: 195.226.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:06:ab:ff:72:29:66:d0:a5:04:b0:69:0f:bb:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=662c6c3d22cf6b101d7148006da7a7284dcbb320
Validity
Not Before: Jan 1 19:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=106af9c74b437e2ffcefecbcd993e22a909264d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:13:01:55:48:a1:75:c2:a8:90:93:4e:bf:03:
06:eb:ea:d4:78:17:47:f2:1d:3d:3d:4d:4c:1f:76:
fa:12:29:12:e6:e5:e5:c7:23:74:e8:03:a6:80:12:
cd:d8:28:8c:20:2b:e5:cf:8a:21:62:c0:35:ab:a8:
0b:15:a8:70:9a:32:4e:cb:6b:eb:74:e0:78:5a:ef:
a6:3b:74:58:fa:e9:20:84:30:db:be:ed:38:0b:06:
ca:e8:92:4c:41:be:0a:02:11:86:92:f2:ae:fc:fd:
07:20:81:82:e0:78:4d:44:69:b1:96:83:86:ab:ec:
ce:ac:cc:80:66:c5:22:1c:ac:ec:08:78:34:4b:dc:
8d:9d:76:a9:08:5f:80:37:93:da:96:fe:f1:de:7e:
64:1f:e6:5a:ba:79:6b:d4:3e:08:98:ee:35:67:58:
5f:d0:ed:64:97:c7:f6:bc:bf:4f:3d:6e:5f:ca:ee:
c9:16:1e:f0:df:f7:c2:d0:d5:fb:e2:fc:1f:d0:0f:
9b:cb:81:24:af:37:bb:e3:4d:34:f0:df:e8:36:e4:
6b:65:fb:2e:c0:a2:5b:03:6a:e0:a7:22:bc:0e:fa:
fc:e8:c4:8e:fc:48:e4:e3:36:1d:0e:d2:f3:7c:75:
58:67:27:4b:8f:80:cf:8b:38:2b:f0:f7:2a:cd:1e:
7d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:6A:F9:C7:4B:43:7E:2F:FC:EF:EC:BC:D9:93:E2:2A:90:92:64:D2
X509v3 Authority Key Identifier:
keyid:66:2C:6C:3D:22:CF:6B:10:1D:71:48:00:6D:A7:A7:28:4D:CB:B3:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZixsPSLPaxAdcUgAbaenKE3LsyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3a886e-4c26-425a-a14d-f21b6ae3be6c/1/EGr5x0tDfi_87-y82ZPiKpCSZNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/3a886e-4c26-425a-a14d-f21b6ae3be6c/1/ZixsPSLPaxAdcUgAbaenKE3LsyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.199.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:b8:4b:1d:3b:51:28:fb:0b:d8:3c:49:cb:d7:e3:2a:d2:59:
94:20:33:af:91:5e:a8:65:88:2c:c2:ff:70:be:1f:16:a9:be:
d9:51:d8:cf:8f:db:ab:33:d4:ca:d4:13:de:a0:a3:91:25:08:
a9:2a:dc:fa:1d:f1:19:c8:b4:60:a2:97:97:32:fc:42:93:8a:
4a:00:96:e5:c3:f1:8e:a2:ed:97:9d:c4:3f:e2:c3:b6:47:b5:
a5:a2:b4:51:b6:ba:99:e5:3f:43:e8:16:d9:d7:1e:9c:4f:0a:
8c:e2:a3:dd:84:ae:62:d0:62:99:5a:79:32:55:fd:2f:65:0c:
e5:ff:ba:0d:59:7b:ad:ff:e4:3a:b5:2e:da:80:8e:04:b9:33:
be:2e:29:30:9d:36:e0:d5:a9:33:58:7e:95:b3:a7:7d:a4:69:
f1:29:95:21:0d:f3:ac:9f:38:4e:4b:04:45:49:77:1c:8d:94:
37:e3:9e:a9:27:94:c8:5f:61:91:eb:25:78:60:d4:ac:b2:7f:
b4:fa:55:f7:ef:df:1c:12:d6:ed:04:e2:af:a4:64:35:47:39:
ac:76:86:bf:91:87:58:87:de:20:cb:65:64:b3:6b:d6:33:1b:
db:90:04:ec:a4:e9:62:d2:83:0a:2d:c6:89:ea:cd:2b:18:b0:
32:5b:1c:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwgar/3IpZtClBLBpD7tYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MmM2YzNkMjJjZjZiMTAxZDcxNDgwMDZkYTdhNzI4NGRj
YmIzMjAwHhcNMjMwMTAxMTkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDZhZjljNzRiNDM3ZTJmZmNlZmVjYmNkOTkzZTIyYTkwOTI2NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxMBVUihdcKokJNOvwMG6+rUeBdH
8h09PU1MH3b6EikS5uXlxyN06AOmgBLN2CiMICvlz4ohYsA1q6gLFahwmjJOy2vr
dOB4Wu+mO3RY+ukghDDbvu04CwbK6JJMQb4KAhGGkvKu/P0HIIGC4HhNRGmxloOG
q+zOrMyAZsUiHKzsCHg0S9yNnXapCF+AN5Palv7x3n5kH+Zaunlr1D4ImO41Z1hf
0O1kl8f2vL9PPW5fyu7JFh7w3/fC0NX74vwf0A+by4Ekrze740008N/oNuRrZfsu
wKJbA2rgpyK8Dvr86MSO/Ejk4zYdDtLzfHVYZydLj4DPizgr8PcqzR59MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBBq+cdLQ34v/O/svNmT4iqQkmTSMB8GA1UdIwQY
MBaAFGYsbD0iz2sQHXFIAG2npyhNy7MgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWml4c1BTTFBheEFkY1VnQWJhZW5LRTNMc3lBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zYTg4NmUtNGMyNi00MjVhLWExNGQt
ZjIxYjZhZTNiZTZjLzEvRUdyNXgwdERmaV84Ny15ODJaUGlLcENTWk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zYTg4NmUtNGMyNi00MjVhLWExNGQtZjIxYjZhZTNiZTZj
LzEvWml4c1BTTFBheEFkY1VnQWJhZW5LRTNMc3lBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+LHMA0G
CSqGSIb3DQEBCwUAA4IBAQBcuEsdO1Eo+wvYPEnL1+Mq0lmUIDOvkV6oZYgswv9w
vh8Wqb7ZUdjPj9urM9TK1BPeoKORJQipKtz6HfEZyLRgopeXMvxCk4pKAJblw/GO
ou2XncQ/4sO2R7WlorRRtrqZ5T9D6BbZ1x6cTwqM4qPdhK5i0GKZWnkyVf0vZQzl
/7oNWXut/+Q6tS7agI4EuTO+LikwnTbg1akzWH6Vs6d9pGnxKZUhDfOsnzhOSwRF
SXccjZQ3456pJ5TIX2GR6yV4YNSssn+0+lX3798cEtbtBOKvpGQ1Rzmsdoa/kYdY
h94gy2Vks2vWMxvbkATspOli0oMKLcaJ6s0rGLAyWxwf
-----END CERTIFICATE-----
Generated at Mon May 12 04:31:37 2025 by rpki-client