Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/4tVtsGMd1g4tlXAF119k_VNRhXo.roa
File: 4tVtsGMd1g4tlXAF119k_VNRhXo.roa (raw, json)
Hash identifier: +Fq56zn8o7r6XOEwLArTpUHkM6OaLUiwKriS+WKtI0Q=
Subject key identifier: E2:D5:6D:B0:63:1D:D6:0E:2D:95:70:05:D7:5F:64:FD:53:51:85:7A
Certificate issuer: /CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Certificate serial: 018C72806554B4EA5F3AEE0127CA5740F77A
Authority key identifier: 5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/4tVtsGMd1g4tlXAF119k_VNRhXo.roa
Signing time: Sat 16 Dec 2023 12:01:06 +0000
ROA not before: Sat 16 Dec 2023 12:01:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48937
IP address blocks: 95.140.162.0/24 maxlen: 24
95.140.160.0/22 maxlen: 22
95.140.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:72:80:65:54:b4:ea:5f:3a:ee:01:27:ca:57:40:f7:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ccdeca171e422c79c938c2732a90d48a8c53c06
Validity
Not Before: Dec 16 12:01:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e2d56db0631dd60e2d957005d75f64fd5351857a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:18:0d:24:15:aa:4b:51:41:40:f0:72:f7:11:
6d:3f:5f:a6:e7:a8:0a:f2:d4:6b:e9:3f:b7:9f:5c:
11:cf:58:16:f1:e7:e1:db:af:35:5a:a6:4a:35:33:
c4:09:ca:1e:50:52:23:b2:f0:20:7a:59:73:19:5a:
d3:3a:75:43:d3:7b:b8:68:c1:b5:a9:69:09:d5:33:
59:ab:0b:9b:66:1d:33:27:58:ca:ec:2f:62:36:7c:
84:44:64:55:7a:75:50:16:d0:dd:30:3c:dd:6d:ca:
8c:16:9e:64:cb:c3:54:64:50:a2:06:35:f1:0c:bc:
f0:08:9f:98:44:16:85:b1:39:78:23:d4:ba:80:a3:
88:0c:98:74:8d:22:08:f1:93:75:31:82:1c:99:3a:
20:c0:67:3a:b5:21:71:3d:4b:34:6e:d3:20:cc:e0:
10:67:3b:65:15:30:e0:c5:ca:4b:0c:f5:5c:93:66:
a7:ab:c8:3e:69:79:7b:4a:9c:ae:77:eb:96:bd:a5:
84:5c:34:d9:97:6d:94:62:67:ec:ad:3b:20:5b:78:
cf:4c:1c:69:bf:14:c9:6a:36:a7:38:04:92:4b:7c:
ca:69:05:65:22:1f:42:16:a9:59:00:db:5c:07:fe:
14:ec:33:e6:ef:fa:60:34:1a:d2:33:c8:7c:57:36:
0f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:D5:6D:B0:63:1D:D6:0E:2D:95:70:05:D7:5F:64:FD:53:51:85:7A
X509v3 Authority Key Identifier:
keyid:5C:CD:EC:A1:71:E4:22:C7:9C:93:8C:27:32:A9:0D:48:A8:C5:3C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XM3soXHkIseck4wnMqkNSKjFPAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/4tVtsGMd1g4tlXAF119k_VNRhXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/b8f5e6-c951-4ddb-b4f5-a881ec8228b5/1/XM3soXHkIseck4wnMqkNSKjFPAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.160.0/22
Signature Algorithm: sha256WithRSAEncryption
47:75:39:24:bf:5f:b1:16:c5:ad:b5:9f:0f:9a:9b:fe:26:70:
3a:9e:26:98:06:2f:e2:b8:8c:63:49:25:f7:94:ac:6b:dc:22:
ab:ca:9c:6f:93:03:5d:00:7e:82:d9:44:04:f9:9f:5f:4c:4c:
1d:a7:a6:61:c0:c5:ff:02:f3:c7:a8:77:33:84:56:37:40:54:
37:e6:93:18:03:7f:c2:61:e1:56:73:98:c1:7f:ec:fd:4d:f6:
be:2b:6d:ca:e7:d4:c1:bd:85:09:09:f9:42:0c:7b:42:56:d3:
64:c7:d8:a2:17:b3:8b:62:be:3c:63:1d:4f:83:c0:60:93:34:
34:dd:5d:e0:f2:bb:9f:65:bc:aa:71:92:02:65:2b:ed:ee:23:
25:a2:1e:4d:c7:a2:df:34:9d:68:d5:e4:28:82:2f:7f:39:71:
d0:96:f7:d9:ce:24:29:be:10:9c:9d:b8:eb:1c:a5:d8:8b:2e:
ab:1f:72:16:bb:54:e9:f8:ec:95:1c:af:bb:b8:d9:6d:0f:21:
00:7c:80:3a:38:da:66:d6:be:93:64:48:15:01:14:53:e5:97:
68:4d:cc:77:40:a0:be:6c:8f:e3:17:29:7f:62:b7:70:e7:94:
62:e0:a2:24:dc:2a:b6:28:38:64:9c:fa:ad:40:a2:f8:1b:52:
cb:79:9a:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxygGVUtOpfOu4BJ8pXQPd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjY2RlY2ExNzFlNDIyYzc5YzkzOGMyNzMyYTkwZDQ4YThj
NTNjMDYwHhcNMjMxMjE2MTIwMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmQ1NmRiMDYzMWRkNjBlMmQ5NTcwMDVkNzVmNjRmZDUzNTE4NTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphgNJBWqS1FBQPBy9xFtP1+m56gK
8tRr6T+3n1wRz1gW8efh2681WqZKNTPECcoeUFIjsvAgellzGVrTOnVD03u4aMG1
qWkJ1TNZqwubZh0zJ1jK7C9iNnyERGRVenVQFtDdMDzdbcqMFp5ky8NUZFCiBjXx
DLzwCJ+YRBaFsTl4I9S6gKOIDJh0jSII8ZN1MYIcmTogwGc6tSFxPUs0btMgzOAQ
ZztlFTDgxcpLDPVck2anq8g+aXl7Spyud+uWvaWEXDTZl22UYmfsrTsgW3jPTBxp
vxTJajanOASSS3zKaQVlIh9CFqlZANtcB/4U7DPm7/pgNBrSM8h8VzYPOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOLVbbBjHdYOLZVwBddfZP1TUYV6MB8GA1UdIwQY
MBaAFFzN7KFx5CLHnJOMJzKpDUioxTwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUt
YTg4MWVjODIyOGI1LzEvNHRWdHNHTWQxZzR0bFhBRjExOWtfVk5SaFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9iOGY1ZTYtYzk1MS00ZGRiLWI0ZjUtYTg4MWVjODIyOGI1
LzEvWE0zc29YSGtJc2VjazR3bk1xa05TS2pGUEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX4ygMA0G
CSqGSIb3DQEBCwUAA4IBAQBHdTkkv1+xFsWttZ8Pmpv+JnA6niaYBi/iuIxjSSX3
lKxr3CKrypxvkwNdAH6C2UQE+Z9fTEwdp6ZhwMX/AvPHqHczhFY3QFQ35pMYA3/C
YeFWc5jBf+z9Tfa+K23K59TBvYUJCflCDHtCVtNkx9iiF7OLYr48Yx1Pg8BgkzQ0
3V3g8rufZbyqcZICZSvt7iMloh5Nx6LfNJ1o1eQogi9/OXHQlvfZziQpvhCcnbjr
HKXYiy6rH3IWu1Tp+OyVHK+7uNltDyEAfIA6ONpm1r6TZEgVARRT5ZdoTcx3QKC+
bI/jFyl/Yrdw55Ri4KIk3Cq2KDhknPqtQKL4G1LLeZoE
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:21:25 2025 by rpki-client