Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/PIFIo1zFTa8fSFFO_FeENzBRKFw.roa
File: PIFIo1zFTa8fSFFO_FeENzBRKFw.roa (raw, json)
Hash identifier: L786sGnoNqf1sXbN60QqkiLb00W5m/seGu3P8uLrOAQ=
Subject key identifier: 3C:81:48:A3:5C:C5:4D:AF:1F:48:51:4E:FC:57:84:37:30:51:28:5C
Certificate issuer: /CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Certificate serial: 01864F91A62120B777FFB6218845696D6BCF
Authority key identifier: 1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/PIFIo1zFTa8fSFFO_FeENzBRKFw.roa
Signing time: Tue 14 Feb 2023 10:56:30 +0000
ROA not before: Tue 14 Feb 2023 10:56:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 45.95.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4f:91:a6:21:20:b7:77:ff:b6:21:88:45:69:6d:6b:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f61aa5d1befd7a0fe3e4dfe3aa8da73efcfba34
Validity
Not Before: Feb 14 10:56:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3c8148a35cc54daf1f48514efc5784373051285c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b8:8f:de:90:fe:8d:24:03:ab:ce:1e:f3:14:
9d:02:a0:68:a7:18:15:62:d9:8f:6d:f8:77:d6:3a:
b6:cb:0e:2a:bd:3f:62:ae:97:44:19:27:5d:63:ae:
47:7c:13:73:5f:82:02:47:32:df:7b:b5:64:76:64:
4e:c3:12:ac:35:76:25:fa:4f:2a:4f:3d:6c:79:cd:
61:59:ec:76:87:9a:4b:69:5a:56:89:94:67:ca:46:
7a:e0:f6:31:48:b9:4e:55:dd:0b:5a:e1:24:b1:4e:
6c:5e:20:97:90:81:68:b7:7c:0a:ef:85:ae:eb:c4:
98:3a:8b:84:54:8a:f1:1d:ef:87:96:2b:7a:39:48:
30:80:af:65:08:b6:c1:7d:e5:1f:7b:73:55:9d:2a:
cd:ec:c3:9d:cc:eb:06:6d:86:ac:57:ff:87:21:d0:
0a:30:14:46:90:8a:c8:71:a5:9a:76:00:42:4f:44:
e0:d5:1e:40:6a:f3:0d:9b:52:a4:4f:58:e5:42:a1:
f5:1b:2d:03:5e:2d:56:6b:f9:11:bd:0e:91:2e:1b:
54:b5:c1:76:ef:62:a2:63:97:fa:2b:1a:95:67:fd:
4d:37:7c:f0:44:be:2d:a7:80:e4:46:3e:5a:db:e8:
5f:c5:11:eb:8c:6c:b1:45:b1:64:7e:5a:b7:5e:62:
36:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:81:48:A3:5C:C5:4D:AF:1F:48:51:4E:FC:57:84:37:30:51:28:5C
X509v3 Authority Key Identifier:
keyid:1F:61:AA:5D:1B:EF:D7:A0:FE:3E:4D:FE:3A:A8:DA:73:EF:CF:BA:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2GqXRvv16D-Pk3-Oqjac-_PujQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/PIFIo1zFTa8fSFFO_FeENzBRKFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/0ad414-3df1-4b38-869e-c621e8df95ff/1/H2GqXRvv16D-Pk3-Oqjac-_PujQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.205.0/24
Signature Algorithm: sha256WithRSAEncryption
29:e8:c6:ae:1e:38:b1:9a:4d:56:3e:4c:31:9a:01:cc:05:fc:
83:53:84:12:98:2f:cf:d3:2e:86:b4:8f:4f:99:48:82:00:44:
52:b5:82:92:40:a4:56:ac:84:3b:78:e0:82:56:8a:07:b6:d5:
02:9b:47:a8:a5:a2:98:4f:de:98:33:7d:55:96:55:3c:54:42:
78:91:0c:1c:17:92:99:47:08:48:a6:ed:bc:0e:b8:c9:74:d6:
8e:eb:cd:f9:ad:75:f2:18:11:ce:28:56:60:6a:8c:93:58:c6:
88:a3:c9:1d:78:3d:36:d9:fb:90:f9:00:34:6f:a3:63:d1:54:
1d:c7:15:94:c8:93:5a:9f:e8:1d:84:74:21:c6:ac:cf:30:31:
6f:66:cd:7c:ff:96:ff:5f:8f:1d:7b:6a:31:65:3f:65:84:65:
d6:98:aa:c0:66:d7:0b:3d:9f:3e:0e:0d:97:83:70:a1:7e:48:
5c:35:5d:62:19:bb:b1:f9:bc:a0:f7:08:83:24:fd:2a:d8:4a:
e5:b8:0e:e2:51:f7:33:3a:cb:b5:eb:6b:91:ee:56:e3:c3:73:
73:8f:2f:fe:8a:4e:32:77:3f:e4:29:da:e0:b1:da:d7:b5:7e:
f6:64:1c:ff:e3:c6:e7:00:54:42:09:a1:38:ff:00:2e:4e:40:
95:31:25:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZPkaYhILd3/7YhiEVpbWvPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjFhYTVkMWJlZmQ3YTBmZTNlNGRmZTNhYThkYTczZWZj
ZmJhMzQwHhcNMjMwMjE0MTA1NjMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzgxNDhhMzVjYzU0ZGFmMWY0ODUxNGVmYzU3ODQzNzMwNTEyODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbiP3pD+jSQDq84e8xSdAqBopxgV
YtmPbfh31jq2yw4qvT9irpdEGSddY65HfBNzX4ICRzLfe7VkdmROwxKsNXYl+k8q
Tz1sec1hWex2h5pLaVpWiZRnykZ64PYxSLlOVd0LWuEksU5sXiCXkIFot3wK74Wu
68SYOouEVIrxHe+Hlit6OUgwgK9lCLbBfeUfe3NVnSrN7MOdzOsGbYasV/+HIdAK
MBRGkIrIcaWadgBCT0Tg1R5AavMNm1KkT1jlQqH1Gy0DXi1Wa/kRvQ6RLhtUtcF2
72KiY5f6KxqVZ/1NN3zwRL4tp4DkRj5a2+hfxRHrjGyxRbFkflq3XmI20wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDyBSKNcxU2vH0hRTvxXhDcwUShcMB8GA1UdIwQY
MBaAFB9hql0b79eg/j5N/jqo2nPvz7o0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUt
YzYyMWU4ZGY5NWZmLzEvUElGSW8xekZUYThmU0ZGT19GZUVOekJSS0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy8wYWQ0MTQtM2RmMS00YjM4LTg2OWUtYzYyMWU4ZGY5NWZm
LzEvSDJHcVhSdnYxNkQtUGszLU9xamFjLV9QdWpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV/NMA0G
CSqGSIb3DQEBCwUAA4IBAQAp6MauHjixmk1WPkwxmgHMBfyDU4QSmC/P0y6GtI9P
mUiCAERStYKSQKRWrIQ7eOCCVooHttUCm0eopaKYT96YM31VllU8VEJ4kQwcF5KZ
RwhIpu28DrjJdNaO6835rXXyGBHOKFZgaoyTWMaIo8kdeD022fuQ+QA0b6Nj0VQd
xxWUyJNan+gdhHQhxqzPMDFvZs18/5b/X48de2oxZT9lhGXWmKrAZtcLPZ8+Dg2X
g3ChfkhcNV1iGbux+byg9wiDJP0q2ErluA7iUfczOsu162uR7lbjw3Nzjy/+ik4y
dz/kKdrgsdrXtX72ZBz/48bnAFRCCaE4/wAuTkCVMSUB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:48 2025 by rpki-client