Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Mr0fI_a_TGVNkUrrzGOshWKjCB8.roa
File: Mr0fI_a_TGVNkUrrzGOshWKjCB8.roa (raw, json)
Hash identifier: U/zvbW4xLFeEF5SkklX846giEiQ8UcAGBXz0xCq3zG0=
Subject key identifier: 32:BD:1F:23:F6:BF:4C:65:4D:91:4A:EB:CC:63:AC:85:62:A3:08:1F
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01833F950C549A6EDB8FEC7200A1E1D4E02B
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Mr0fI_a_TGVNkUrrzGOshWKjCB8.roa
Signing time: Thu 15 Sep 2022 05:17:56 +0000
ROA not before: Thu 15 Sep 2022 05:17:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 185.95.159.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3f:95:0c:54:9a:6e:db:8f:ec:72:00:a1:e1:d4:e0:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Sep 15 05:17:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32bd1f23f6bf4c654d914aebcc63ac8562a3081f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:93:4a:5d:74:34:0c:a9:82:10:e5:f5:21:b1:
02:d2:32:db:78:7a:39:97:18:cf:91:38:a5:36:3c:
a0:1e:ae:a6:9b:0c:89:29:10:95:15:ed:d0:c0:0c:
cc:45:57:6f:e2:6c:11:6e:32:18:5f:00:6c:a0:49:
eb:cf:09:91:c0:a0:05:70:28:e2:de:35:97:24:86:
d3:c9:a6:0a:0b:92:67:21:24:82:5b:f3:6d:d4:47:
10:eb:77:28:ac:e1:e6:a1:a1:bc:d4:9d:21:1d:7d:
d5:09:8d:54:6d:86:35:ac:c4:14:c9:5a:ae:ff:b4:
68:ea:8a:a2:8b:b8:16:1d:ba:09:6d:0a:76:7c:ef:
65:69:76:43:32:4c:6a:00:d4:d4:51:3d:c1:5b:90:
3b:18:6a:5f:b5:6c:cb:92:5b:4f:d4:32:a5:db:1c:
2b:a4:07:bb:19:a9:a9:c9:69:71:c1:05:95:f2:88:
48:fd:4c:3b:03:0f:3b:58:3b:59:77:d7:a7:4f:13:
e1:b2:99:31:58:21:32:a5:99:44:d8:78:15:29:a3:
a6:fc:2f:4b:05:3c:59:c5:17:72:fe:cb:96:55:83:
be:50:c3:e5:45:5a:15:26:f2:ca:46:c1:a4:26:d6:
45:7e:5d:fd:57:f7:51:7d:70:b8:e9:a6:3b:a6:81:
63:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BD:1F:23:F6:BF:4C:65:4D:91:4A:EB:CC:63:AC:85:62:A3:08:1F
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Mr0fI_a_TGVNkUrrzGOshWKjCB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.157.0/24
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
85:f7:75:d7:ef:1d:4c:6e:98:de:f8:22:e7:6b:af:ad:df:ca:
8e:20:78:be:8b:87:62:19:0a:8d:15:f2:c0:d1:64:20:ae:1e:
4f:1f:2c:99:96:49:e7:6a:27:a0:d1:84:1f:4e:e2:3d:eb:dc:
48:15:97:e8:ee:39:bd:a8:56:2e:c4:12:1e:dd:38:c7:e5:aa:
29:7b:9c:0e:04:ad:01:18:9d:5a:21:ff:77:34:2c:e5:83:0d:
8a:24:d4:e3:5c:48:7f:c9:93:df:6b:f2:44:3f:cf:ff:ed:32:
d0:0b:9c:53:a3:f2:4d:ce:79:2a:23:88:b4:5f:77:12:6d:73:
27:f6:34:16:d6:e3:cd:3f:37:3d:7e:e7:93:d4:f0:ac:68:3d:
7d:0e:88:17:eb:c7:42:d0:2e:ae:3b:7f:17:74:d2:97:66:73:
b3:45:f3:6f:e2:45:2d:a3:d0:5d:1a:ab:63:99:00:83:3a:1a:
c7:83:f9:7a:5d:15:06:78:1e:2b:1a:4e:d7:6e:66:c8:34:12:
45:c4:52:4a:cd:21:88:ad:0f:54:4a:83:90:ef:f4:5f:d0:2d:
c3:bc:31:4f:b5:08:5c:9a:99:c0:b2:5c:7c:83:30:a5:82:df:
d1:24:ea:0b:32:d0:be:10:35:92:de:06:89:5e:95:c1:56:8e:
e7:e0:f0:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYM/lQxUmm7bj+xyAKHh1OArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjIwOTE1MDUxNzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmJkMWYyM2Y2YmY0YzY1NGQ5MTRhZWJjYzYzYWM4NTYyYTMwODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZNKXXQ0DKmCEOX1IbEC0jLbeHo5
lxjPkTilNjygHq6mmwyJKRCVFe3QwAzMRVdv4mwRbjIYXwBsoEnrzwmRwKAFcCji
3jWXJIbTyaYKC5JnISSCW/Nt1EcQ63corOHmoaG81J0hHX3VCY1UbYY1rMQUyVqu
/7Ro6oqii7gWHboJbQp2fO9laXZDMkxqANTUUT3BW5A7GGpftWzLkltP1DKl2xwr
pAe7GampyWlxwQWV8ohI/Uw7Aw87WDtZd9enTxPhspkxWCEypZlE2HgVKaOm/C9L
BTxZxRdy/suWVYO+UMPlRVoVJvLKRsGkJtZFfl39V/dRfXC46aY7poFjUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDK9HyP2v0xlTZFK68xjrIViowgfMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvTXIwZklfYV9UR1ZOa1VycnpHT3NoV0tqQ0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuV+dAwQA
uV+fMA0GCSqGSIb3DQEBCwUAA4IBAQCF93XX7x1Mbpje+CLna6+t38qOIHi+i4di
GQqNFfLA0WQgrh5PHyyZlknnaieg0YQfTuI969xIFZfo7jm9qFYuxBIe3TjH5aop
e5wOBK0BGJ1aIf93NCzlgw2KJNTjXEh/yZPfa/JEP8//7TLQC5xTo/JNznkqI4i0
X3cSbXMn9jQW1uPNPzc9fueT1PCsaD19DogX68dC0C6uO38XdNKXZnOzRfNv4kUt
o9BdGqtjmQCDOhrHg/l6XRUGeB4rGk7XbmbINBJFxFJKzSGIrQ9USoOQ7/Rf0C3D
vDFPtQhcmpnAslx8gzClgt/RJOoLMtC+EDWS3gaJXpXBVo7n4PD6
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:06 2025 by rpki-client