Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/1J41kZEnkdLFhWw0AvuNlTui2QA.roa
File: 1J41kZEnkdLFhWw0AvuNlTui2QA.roa (raw, json)
Hash identifier: esbcRfKfRuRfc2DaMdRtd+mCygD+otn/kN8/4AVjk4A=
Subject key identifier: D4:9E:35:91:91:27:91:D2:C5:85:6C:34:02:FB:8D:95:3B:A2:D9:00
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 018C84259A982F921DCFEE268FC5F0526EF3
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/1J41kZEnkdLFhWw0AvuNlTui2QA.roa
Signing time: Tue 19 Dec 2023 22:15:06 +0000
ROA not before: Tue 19 Dec 2023 22:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.95.205.0/24 maxlen: 24
45.95.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:84:25:9a:98:2f:92:1d:cf:ee:26:8f:c5:f0:52:6e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Dec 19 22:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d49e3591912791d2c5856c3402fb8d953ba2d900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7f:4d:b1:af:9b:53:8c:36:07:3e:7e:f1:a5:
4f:38:01:3d:c2:6d:e1:e4:db:8b:39:6f:df:c4:cb:
09:74:d1:d5:87:57:0b:7a:af:ab:24:a4:d9:7a:dc:
3e:72:42:d9:09:8d:1a:84:6f:cd:0c:c8:29:87:e7:
19:43:4b:ac:52:d6:cc:83:43:44:d6:6a:08:9e:70:
27:d5:ba:da:e0:83:97:0c:6f:10:89:75:b4:91:b2:
45:3b:1f:ab:c9:d8:bd:f5:f3:1f:11:d4:d3:80:ad:
aa:9f:1f:45:d5:ca:02:c3:34:09:87:84:f0:cb:15:
dd:8c:80:db:f0:8d:df:aa:72:f8:8a:67:3f:17:a0:
d6:ea:86:ff:09:d9:52:ae:2c:ce:db:08:00:a7:0f:
c1:31:42:8b:2a:95:31:f9:57:fb:dc:ef:bc:ab:62:
2a:21:a5:d6:db:66:14:de:28:08:5e:fc:3b:90:23:
30:32:d8:9e:13:aa:3f:43:92:d4:36:3d:ce:95:af:
68:95:65:b7:90:f8:cb:d0:44:e0:42:b9:48:c7:c6:
f8:0f:2c:8e:16:b0:3b:f3:7f:7e:2f:64:75:7f:24:
54:8d:5c:40:2f:43:ab:75:ba:de:de:ff:7a:14:f9:
48:6a:67:ce:4c:da:da:7a:66:ab:bb:ba:83:b5:f5:
5c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:9E:35:91:91:27:91:D2:C5:85:6C:34:02:FB:8D:95:3B:A2:D9:00
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/1J41kZEnkdLFhWw0AvuNlTui2QA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.205.0/24
45.95.207.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:2f:ce:40:f5:4e:1c:0f:79:94:e1:e9:55:50:a9:ab:8c:8a:
31:a1:ea:d7:51:c7:03:0d:f5:e4:d8:c2:79:c9:d4:e0:54:14:
73:57:46:7d:c3:48:8f:9f:e6:f2:a5:c9:cb:58:4d:02:42:f3:
3d:1f:1d:cd:1f:1b:95:00:bb:10:a4:fa:71:4b:7e:44:27:db:
fa:21:7c:2f:fd:3a:3b:9b:92:61:40:ef:06:55:53:34:e0:89:
64:ca:57:7e:f6:7f:4b:91:63:f8:e1:75:2d:72:cc:13:e6:0b:
17:65:13:1a:6c:26:68:7a:56:b8:b5:75:ff:ac:ba:71:7d:e8:
4e:85:50:9e:83:89:23:c4:53:55:73:9d:81:66:9f:7c:4f:af:
49:aa:83:a0:ad:ee:84:0d:d6:87:12:d9:a7:7c:7c:da:24:02:
51:7e:be:c6:0f:63:84:03:02:72:3c:3e:7f:5f:08:11:c8:38:
21:8c:a6:26:9a:f1:79:32:07:cc:6a:d9:bf:db:cf:65:77:26:
61:3e:38:d3:42:bf:29:b2:05:dd:93:4b:39:9a:ef:36:97:6c:
a0:1d:0b:36:aa:10:f8:cb:19:9a:b8:43:25:28:a2:85:f3:60:
78:c2:48:2b:7c:2d:61:3e:14:eb:db:57:bd:c9:16:c8:ea:46:
f0:6c:9e:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYyEJZqYL5Idz+4mj8XwUm7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjMxMjE5MjIxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDllMzU5MTkxMjc5MWQyYzU4NTZjMzQwMmZiOGQ5NTNiYTJkOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjX9Nsa+bU4w2Bz5+8aVPOAE9wm3h
5NuLOW/fxMsJdNHVh1cLeq+rJKTZetw+ckLZCY0ahG/NDMgph+cZQ0usUtbMg0NE
1moInnAn1bra4IOXDG8QiXW0kbJFOx+rydi99fMfEdTTgK2qnx9F1coCwzQJh4Tw
yxXdjIDb8I3fqnL4imc/F6DW6ob/CdlSrizO2wgApw/BMUKLKpUx+Vf73O+8q2Iq
IaXW22YU3igIXvw7kCMwMtieE6o/Q5LUNj3Ola9olWW3kPjL0ETgQrlIx8b4DyyO
FrA7839+L2R1fyRUjVxAL0Ordbre3v96FPlIamfOTNraemaru7qDtfVcBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNSeNZGRJ5HSxYVsNAL7jZU7otkAMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvMUo0MWtaRW5rZExGaFd3MEF2dU5sVHVpMlFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV/NAwQA
LV/PMA0GCSqGSIb3DQEBCwUAA4IBAQAsL85A9U4cD3mU4elVUKmrjIoxoerXUccD
DfXk2MJ5ydTgVBRzV0Z9w0iPn+bypcnLWE0CQvM9Hx3NHxuVALsQpPpxS35EJ9v6
IXwv/To7m5JhQO8GVVM04Ilkyld+9n9LkWP44XUtcswT5gsXZRMabCZoela4tXX/
rLpxfehOhVCeg4kjxFNVc52BZp98T69JqoOgre6EDdaHEtmnfHzaJAJRfr7GD2OE
AwJyPD5/XwgRyDghjKYmmvF5MgfMatm/289ldyZhPjjTQr8psgXdk0s5mu82l2yg
HQs2qhD4yxmauEMlKKKF82B4wkgrfC1hPhTr21e9yRbI6kbwbJ5m
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:49 2025 by rpki-client