Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-Knx9m057mbTUhFOhBl1Cguf7tY.roa
File: 1-Knx9m057mbTUhFOhBl1Cguf7tY.roa (raw, json)
Hash identifier: ocJqSjgzusCYLn8fkmKTORlRFVkwYnJajE0INRXV5VU=
Subject key identifier: F8:A9:F1:F6:6D:39:EE:66:D3:52:11:4E:84:19:75:0A:0B:9F:EE:D6
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 388E332A
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-Knx9m057mbTUhFOhBl1Cguf7tY.roa
Signing time: Tue 17 May 2022 05:11:31 +0000
ROA not before: Tue 17 May 2022 05:11:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20911
IP address blocks: 95.111.120.0/21 maxlen: 21
95.111.125.0/24 maxlen: 24
95.111.121.0/24 maxlen: 24
95.111.122.0/24 maxlen: 24
95.111.123.0/24 maxlen: 24
95.111.124.0/24 maxlen: 24
95.111.120.0/24 maxlen: 24
95.111.126.0/24 maxlen: 24
95.111.127.0/24 maxlen: 24
78.90.252.0/24 maxlen: 24
78.90.248.0/24 maxlen: 24
78.90.251.0/24 maxlen: 24
78.90.250.0/24 maxlen: 24
78.90.253.0/24 maxlen: 24
78.90.249.0/24 maxlen: 24
78.90.248.0/21 maxlen: 21
78.90.255.0/24 maxlen: 24
78.90.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948843306 (0x388e332a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: May 17 05:11:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8a9f1f66d39ee66d352114e8419750a0b9feed6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ff:7b:cf:91:b3:84:bc:54:10:49:de:69:f8:
3a:4d:bf:6b:af:71:75:d7:f7:8b:63:d6:f1:be:12:
27:d0:cd:6a:8a:6d:0a:cf:40:95:2d:97:eb:36:08:
8e:3d:99:6a:61:07:a9:aa:b7:69:77:dc:0b:59:2b:
7d:13:54:e6:11:8b:71:9b:99:95:74:78:89:c7:b4:
74:ca:ec:d7:6b:df:d6:84:5f:d9:76:38:f5:4c:8a:
87:29:1a:37:8e:07:70:fd:d3:a2:fe:a7:ca:4e:e0:
84:da:7d:96:a2:9a:f4:29:60:1c:a8:ae:bf:69:77:
b7:75:99:35:8b:00:f6:04:30:ba:09:a0:ca:fe:51:
a1:15:7c:b9:14:a0:85:80:de:64:f1:ca:b1:0b:b1:
fc:cd:c3:0e:bd:91:57:c6:66:f3:16:c5:6a:97:b7:
a7:ec:a5:64:4c:eb:91:e8:1f:35:0c:af:75:09:f7:
38:66:47:25:f0:a0:e4:3b:86:3b:98:f4:82:18:35:
7d:c5:fb:07:49:d8:17:00:05:e6:96:6f:e8:32:10:
7b:ef:4d:1b:cb:52:3c:87:f1:e0:70:3c:89:d0:d2:
6a:ef:6e:a2:2b:da:cf:87:5c:b1:06:04:81:d5:ff:
6a:60:09:28:1b:4d:69:aa:72:ed:bd:03:ea:e2:3b:
28:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:A9:F1:F6:6D:39:EE:66:D3:52:11:4E:84:19:75:0A:0B:9F:EE:D6
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/1-Knx9m057mbTUhFOhBl1Cguf7tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.90.248.0/21
95.111.120.0/21
Signature Algorithm: sha256WithRSAEncryption
14:32:25:18:c8:86:32:9d:25:63:6e:7f:db:61:ee:94:bc:d0:
19:fa:a4:f4:2d:38:a0:0c:20:27:bc:7e:fa:a1:ff:80:e7:65:
4b:75:5a:44:31:63:20:37:00:ca:64:39:36:97:14:e9:e4:6a:
af:04:c1:c9:16:45:37:95:7b:69:10:a2:15:27:f7:c2:2f:fa:
94:7d:92:e6:f6:b7:44:83:36:f7:5f:66:96:6d:87:06:3f:4b:
2d:79:58:15:d6:bf:8c:be:da:4f:a5:ec:32:6a:4c:40:ee:9b:
ad:0f:74:71:ad:f1:1a:1e:cb:f0:ec:2c:88:9c:eb:83:35:e5:
07:61:24:b0:23:ca:f8:10:13:31:31:f7:74:b5:91:d5:e7:66:
bb:74:aa:0a:c6:8a:be:df:e2:73:45:1b:f7:07:40:c8:7c:7f:
74:a8:97:93:6d:ae:cf:af:b7:eb:c8:48:51:8d:aa:5b:f3:8e:
c4:35:3d:9a:71:41:3b:a4:17:76:e8:b5:79:14:9c:c6:88:ab:
63:7a:ac:65:b8:22:12:e9:e9:3e:c1:d4:e4:82:fd:31:c0:02:
db:7e:81:a7:64:16:c3:62:57:67:9c:aa:aa:21:64:27:9f:da:
4f:b4:9f:ea:b9:a6:42:f6:04:d3:c9:ad:23:05:95:07:0c:82:
21:f9:5a:97
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEOI4zKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MTEzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjhhOWYxZjY2ZDM5
ZWU2NmQzNTIxMTRlODQxOTc1MGEwYjlmZWVkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANH/e8+Rs4S8VBBJ3mn4Ok2/a69xddf3i2PW8b4SJ9DNaopt
Cs9AlS2X6zYIjj2ZamEHqaq3aXfcC1krfRNU5hGLcZuZlXR4ice0dMrs12vf1oRf
2XY49UyKhykaN44HcP3Tov6nyk7ghNp9lqKa9ClgHKiuv2l3t3WZNYsA9gQwugmg
yv5RoRV8uRSghYDeZPHKsQux/M3DDr2RV8Zm8xbFape3p+ylZEzrkegfNQyvdQn3
OGZHJfCg5DuGO5j0ghg1fcX7B0nYFwAF5pZv6DIQe+9NG8tSPIfx4HA8idDSau9u
oivaz4dcsQYEgdX/amAJKBtNaapy7b0D6uI7KNkCAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT4qfH2bTnuZtNSEU6EGXUKC5/u1jAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
LzEtS254OW0wNTdtYlRVaEZPaEJsMUNndWY3dFkucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzA5
LzU0MWMwNS04ZDdkLTQyYjgtYWIwMC03ZmJiYWU2Zjk0MzcvMS9CVWpPM3hjQ250
bUtFSUVUeHNFSjdLek5ndXcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANOWvgDBANfb3gwDQYJKoZIhvcN
AQELBQADggEBABQyJRjIhjKdJWNuf9th7pS80Bn6pPQtOKAMICe8fvqh/4DnZUt1
WkQxYyA3AMpkOTaXFOnkaq8EwckWRTeVe2kQohUn98Iv+pR9kub2t0SDNvdfZpZt
hwY/Sy15WBXWv4y+2k+l7DJqTEDum60PdHGt8Roey/DsLIic64M15QdhJLAjyvgQ
EzEx93S1kdXnZrt0qgrGir7f4nNFG/cHQMh8f3Sol5Ntrs+vt+vISFGNqlvzjsQ1
PZpxQTukF3botXkUnMaIq2N6rGW4IhLp6T7B1OSC/THAAtt+gadkFsNiV2ecqqoh
ZCef2k+0n+q5pkL2BNPJrSMFlQcMgiH5Wpc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:51 2024 by rpki-client on console-ams.rpki-client.org