Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lACQhcGeD3yPk-Dvbvx66ZXifMY.roa
File: lACQhcGeD3yPk-Dvbvx66ZXifMY.roa (raw, json)
Hash identifier: llwmPqxpwtJR5eQWuvlsnNV17vTHYjoyUcc8M5t6ods=
Subject key identifier: 94:00:90:85:C1:9E:0F:7C:8F:93:E0:EF:6E:FC:7A:E9:95:E2:7C:C6
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 18C4A1A9
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lACQhcGeD3yPk-Dvbvx66ZXifMY.roa
Signing time: Fri 18 Mar 2022 11:37:59 +0000
ROA not before: Fri 18 Mar 2022 11:37:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43561
IP address blocks: 95.43.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415539625 (0x18c4a1a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Mar 18 11:37:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94009085c19e0f7c8f93e0ef6efc7ae995e27cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e7:6d:fc:34:90:b3:13:c2:e6:44:60:93:3f:
49:e1:2d:f3:07:c8:ce:71:96:41:10:b9:83:5b:57:
ad:cd:c2:10:fd:10:da:cb:ff:4d:33:65:be:9c:88:
ff:3b:60:90:5b:ea:9c:b6:0a:c6:69:bb:e2:1b:5a:
d9:b2:5c:c9:81:74:29:09:ec:67:75:0a:43:4a:5c:
b7:e5:13:ee:c7:1d:2d:d6:b3:a9:91:5d:dc:e3:36:
b6:f5:ce:24:20:f6:ce:47:b6:4f:f2:4c:b4:53:a5:
bb:12:06:4e:a7:7a:02:41:0d:a8:43:e3:ce:96:5b:
8f:d0:e1:02:30:40:b7:97:f4:5a:3b:d0:91:11:87:
ff:08:fb:82:4d:90:6b:ce:6b:44:71:7f:a1:d6:0f:
f0:2d:67:0a:b4:27:7d:61:71:6a:1a:72:60:1b:e8:
3b:a9:92:20:3c:ce:02:08:47:ba:95:ae:23:81:7f:
a5:e7:2d:7c:45:ed:a8:b4:e4:48:2f:85:83:4d:ab:
31:b9:4e:c1:a3:ac:b8:c6:1b:4f:86:12:6f:02:44:
10:27:b8:c8:cf:0d:40:8c:65:5e:ef:9f:e5:32:34:
1a:1c:8a:5e:85:39:91:40:c0:19:93:12:2e:6c:f7:
83:d3:37:59:8e:fa:7d:46:a6:19:24:91:bc:3b:fe:
7b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:00:90:85:C1:9E:0F:7C:8F:93:E0:EF:6E:FC:7A:E9:95:E2:7C:C6
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/lACQhcGeD3yPk-Dvbvx66ZXifMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.43.250.0/24
Signature Algorithm: sha256WithRSAEncryption
90:e9:c5:17:83:17:38:a0:d7:d5:a1:0d:33:6c:ed:4c:ac:90:
f7:81:92:37:12:4a:18:0b:a9:78:97:cc:9c:c7:29:98:7f:63:
c6:18:a6:ae:54:e8:c2:82:21:96:a2:23:b9:cf:31:88:c1:33:
04:9d:d2:34:ce:08:bb:14:2d:c0:58:b2:fd:f6:2d:77:1f:10:
90:1b:a6:15:64:4e:1b:24:cc:29:7d:ec:61:79:ec:ec:83:12:
41:b9:a3:f9:7b:4e:8c:06:f4:f7:08:47:38:9e:1a:bd:75:a4:
28:45:33:ab:33:d6:d4:3f:0e:e0:b4:92:5a:3a:08:e4:95:56:
12:d1:11:c9:68:d4:ad:71:32:b5:97:39:26:05:d3:10:f9:aa:
52:79:f9:26:7f:3b:6d:f6:07:a7:fb:5b:1b:40:de:01:a0:4f:
28:3b:32:80:87:bc:da:4a:ee:a6:68:76:34:05:ec:3b:06:03:
57:ea:02:85:c7:b4:7a:e2:17:3a:d7:ad:2e:a6:7f:0c:58:c1:
1b:d8:a7:a7:4b:12:fe:5c:a7:49:a9:31:11:01:8e:86:33:70:
b4:17:db:c5:32:bd:f9:0a:fc:b5:5a:d0:1c:a5:12:21:9f:64:
c1:04:8c:b3:44:4d:a5:f9:9f:63:56:00:47:e3:77:01:11:65:
68:2e:e8:1a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGMShqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDMx
ODExMzc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQwMDkwODVjMTll
MGY3YzhmOTNlMGVmNmVmYzdhZTk5NWUyN2NjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDnbfw0kLMTwuZEYJM/SeEt8wfIznGWQRC5g1tXrc3CEP0Q
2sv/TTNlvpyI/ztgkFvqnLYKxmm74hta2bJcyYF0KQnsZ3UKQ0pct+UT7scdLdaz
qZFd3OM2tvXOJCD2zke2T/JMtFOluxIGTqd6AkENqEPjzpZbj9DhAjBAt5f0WjvQ
kRGH/wj7gk2Qa85rRHF/odYP8C1nCrQnfWFxahpyYBvoO6mSIDzOAghHupWuI4F/
pectfEXtqLTkSC+Fg02rMblOwaOsuMYbT4YSbwJEECe4yM8NQIxlXu+f5TI0GhyK
XoU5kUDAGZMSLmz3g9M3WY76fUamGSSRvDv+e5sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSUAJCFwZ4PfI+T4O9u/HrpleJ8xjAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L2xBQ1FoY0dlRDN5UGstRHZidng2NlpYaWZNWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF8r+jANBgkqhkiG9w0BAQsFAAOC
AQEAkOnFF4MXOKDX1aENM2ztTKyQ94GSNxJKGAupeJfMnMcpmH9jxhimrlTowoIh
lqIjuc8xiMEzBJ3SNM4IuxQtwFiy/fYtdx8QkBumFWROGyTMKX3sYXns7IMSQbmj
+XtOjAb09whHOJ4avXWkKEUzqzPW1D8O4LSSWjoI5JVWEtERyWjUrXEytZc5JgXT
EPmqUnn5Jn87bfYHp/tbG0DeAaBPKDsygIe82krupmh2NAXsOwYDV+oChce0euIX
OtetLqZ/DFjBG9inp0sS/lynSakxEQGOhjNwtBfbxTK9+Qr8tVrQHKUSIZ9kwQSM
s0RNpfmfY1YAR+N3ARFlaC7oGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:05 2024 by rpki-client on console-fra.rpki-client.org