Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/afcbad-c126-4f8e-bd22-492b60343a70/1/L3AJZdgMe60coBvcVWguyamDcbM.roa
File: L3AJZdgMe60coBvcVWguyamDcbM.roa (raw, json)
Hash identifier: yLE0Ndv7ap4P4Y8bvG6W8aFvAWJfJwTkpkwBHR5IFKE=
Subject key identifier: 2F:70:09:65:D8:0C:7B:AD:1C:A0:1B:DC:55:68:2E:C9:A9:83:71:B3
Certificate issuer: /CN=a22c5278c4bbb026e12ffd760beac59fc155fc25
Certificate serial: 0184BDBAC50EC5898EC0E88EBBBF8C4413ED
Authority key identifier: A2:2C:52:78:C4:BB:B0:26:E1:2F:FD:76:0B:EA:C5:9F:C1:55:FC:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oixSeMS7sCbhL_12C-rFn8FV_CU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/afcbad-c126-4f8e-bd22-492b60343a70/1/L3AJZdgMe60coBvcVWguyamDcbM.roa
Signing time: Mon 28 Nov 2022 10:14:04 +0000
ROA not before: Mon 28 Nov 2022 10:14:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41799
IP address blocks: 195.242.127.0/24 maxlen: 24
195.242.126.0/23 maxlen: 23
195.242.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:ba:c5:0e:c5:89:8e:c0:e8:8e:bb:bf:8c:44:13:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a22c5278c4bbb026e12ffd760beac59fc155fc25
Validity
Not Before: Nov 28 10:14:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f700965d80c7bad1ca01bdc55682ec9a98371b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bf:59:f4:1a:42:ec:55:f3:a7:c7:88:2b:47:
e2:fd:ba:ad:67:0f:e3:92:f3:b9:05:c4:5d:77:e9:
78:f0:14:84:fd:c7:b7:f8:6b:fb:28:7f:d3:44:08:
a8:54:25:b5:b7:cd:64:01:c6:f0:50:41:61:1d:8b:
00:b8:25:02:5a:f2:b1:43:0a:e9:e1:dc:1a:b5:15:
d9:29:03:34:f0:67:17:8b:72:85:9d:54:30:53:3b:
af:24:74:03:48:96:5b:e4:71:de:f9:39:66:8f:50:
a1:2b:a7:68:50:21:d5:cf:d4:d3:6a:35:a5:db:d7:
8d:58:d3:77:6f:12:70:1b:ea:bc:bd:6e:e1:b6:58:
c2:75:0a:60:ad:59:8d:f5:e3:a0:17:58:de:3b:2f:
9f:6e:3f:24:87:98:68:26:dc:13:11:46:c8:91:61:
3b:20:64:bc:f8:5b:d5:99:77:20:08:dc:23:ad:0f:
7b:aa:28:56:8b:2c:4d:e5:e9:de:b3:0a:c5:61:c9:
47:e9:99:29:d5:89:20:d9:7d:92:ef:30:46:45:0c:
49:45:1b:ba:12:15:63:b7:df:42:19:04:ed:b7:83:
2f:69:e5:71:a9:ee:cd:fe:cb:4e:33:1e:8c:d7:ed:
05:35:c1:98:8b:82:8f:e2:9c:fa:78:89:78:e5:a7:
bd:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:70:09:65:D8:0C:7B:AD:1C:A0:1B:DC:55:68:2E:C9:A9:83:71:B3
X509v3 Authority Key Identifier:
keyid:A2:2C:52:78:C4:BB:B0:26:E1:2F:FD:76:0B:EA:C5:9F:C1:55:FC:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oixSeMS7sCbhL_12C-rFn8FV_CU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/afcbad-c126-4f8e-bd22-492b60343a70/1/L3AJZdgMe60coBvcVWguyamDcbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/afcbad-c126-4f8e-bd22-492b60343a70/1/oixSeMS7sCbhL_12C-rFn8FV_CU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.242.126.0/23
Signature Algorithm: sha256WithRSAEncryption
18:4c:ea:25:52:f0:d2:11:49:8e:a1:d0:f2:e7:95:03:dd:4d:
2e:36:85:88:79:ef:66:70:49:bc:5d:a6:c8:b2:52:75:7b:ca:
9d:7f:2c:89:69:51:c1:3f:40:4d:16:63:7b:e0:84:c0:e7:5f:
c1:5c:e8:0e:fd:a5:4c:9e:85:d7:38:00:ea:dc:c8:2b:70:4d:
f1:2f:0c:06:24:6b:81:41:c9:8d:4c:de:fb:22:cf:17:70:70:
de:26:9d:a0:f1:19:43:c3:b0:6e:da:a2:b8:c0:07:f0:7a:3a:
4b:1c:5d:b2:43:90:0d:42:84:db:74:1f:1c:cd:bc:20:58:d7:
a1:69:22:b7:93:09:8d:49:cf:3c:16:ab:24:70:f1:13:a3:77:
81:08:90:82:6e:b7:f7:4e:bd:b1:86:3c:6e:56:77:65:a4:b6:
4c:a1:c1:8f:e5:93:24:9a:ab:76:a7:88:14:a9:4f:37:9e:d8:
c4:c3:16:af:9a:9a:72:c7:eb:0c:7e:a4:8d:95:e8:dd:ba:29:
b9:68:e5:2b:bc:b7:7f:09:6e:25:f1:fc:55:74:a0:51:e4:00:
3c:bb:56:5d:2b:c4:7c:f8:e6:c5:10:0b:05:f0:94:d3:4e:39:
51:b3:f6:79:77:c3:7b:23:c2:51:5b:7e:94:d5:cb:6c:ef:ec:
2e:5d:8e:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYS9usUOxYmOwOiOu7+MRBPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMmM1Mjc4YzRiYmIwMjZlMTJmZmQ3NjBiZWFjNTlmYzE1
NWZjMjUwHhcNMjIxMTI4MTAxNDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjcwMDk2NWQ4MGM3YmFkMWNhMDFiZGM1NTY4MmVjOWE5ODM3MWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor9Z9BpC7FXzp8eIK0fi/bqtZw/j
kvO5BcRdd+l48BSE/ce3+Gv7KH/TRAioVCW1t81kAcbwUEFhHYsAuCUCWvKxQwrp
4dwatRXZKQM08GcXi3KFnVQwUzuvJHQDSJZb5HHe+Tlmj1ChK6doUCHVz9TTajWl
29eNWNN3bxJwG+q8vW7htljCdQpgrVmN9eOgF1jeOy+fbj8kh5hoJtwTEUbIkWE7
IGS8+FvVmXcgCNwjrQ97qihWiyxN5eneswrFYclH6Zkp1Ykg2X2S7zBGRQxJRRu6
EhVjt99CGQTtt4MvaeVxqe7N/stOMx6M1+0FNcGYi4KP4pz6eIl45ae9+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC9wCWXYDHutHKAb3FVoLsmpg3GzMB8GA1UdIwQY
MBaAFKIsUnjEu7Am4S/9dgvqxZ/BVfwlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2l4U2VNUzdzQ2JoTF8xMkMtckZuOEZWX0NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9hZmNiYWQtYzEyNi00ZjhlLWJkMjIt
NDkyYjYwMzQzYTcwLzEvTDNBSlpkZ01lNjBjb0J2Y1ZXZ3V5YW1EY2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9hZmNiYWQtYzEyNi00ZjhlLWJkMjItNDkyYjYwMzQzYTcw
LzEvb2l4U2VNUzdzQ2JoTF8xMkMtckZuOEZWX0NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/J+MA0G
CSqGSIb3DQEBCwUAA4IBAQAYTOolUvDSEUmOodDy55UD3U0uNoWIee9mcEm8XabI
slJ1e8qdfyyJaVHBP0BNFmN74ITA51/BXOgO/aVMnoXXOADq3MgrcE3xLwwGJGuB
QcmNTN77Is8XcHDeJp2g8RlDw7Bu2qK4wAfwejpLHF2yQ5ANQoTbdB8czbwgWNeh
aSK3kwmNSc88FqskcPETo3eBCJCCbrf3Tr2xhjxuVndlpLZMocGP5ZMkmqt2p4gU
qU83ntjEwxavmppyx+sMfqSNlejduim5aOUrvLd/CW4l8fxVdKBR5AA8u1ZdK8R8
+ObFEAsF8JTTTjlRs/Z5d8N7I8JRW36U1cts7+wuXY5l
-----END CERTIFICATE-----
Generated at Mon May 12 11:18:17 2025 by rpki-client