Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/U99WSjor5L98TNeZmCDMAYIbCUY.roa
File: U99WSjor5L98TNeZmCDMAYIbCUY.roa (raw, json)
Hash identifier: 3e1Te2E80U7cD0DtchjOiwHNngsCPt/nXf/A9BY3xpU=
Subject key identifier: 53:DF:56:4A:3A:2B:E4:BF:7C:4C:D7:99:98:20:CC:01:82:1B:09:46
Certificate issuer: /CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Certificate serial: 42556F11
Authority key identifier: 6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/U99WSjor5L98TNeZmCDMAYIbCUY.roa
Signing time: Sat 01 Jan 2022 06:58:51 +0000
ROA not before: Sat 01 Jan 2022 06:58:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57793
IP address blocks: 95.131.81.0/24 maxlen: 24
95.131.82.0/23 maxlen: 24
95.131.84.0/22 maxlen: 24
2a02:ef8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1112895249 (0x42556f11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Validity
Not Before: Jan 1 06:58:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53df564a3a2be4bf7c4cd7999820cc01821b0946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:19:66:71:95:cf:f4:ea:ea:5e:a1:90:66:5c:
c8:56:f8:e3:1a:54:01:5a:62:69:1c:62:89:62:7e:
47:5c:b8:c0:2b:d2:38:a4:93:27:73:f8:eb:e4:f2:
03:b1:fa:2f:b9:7c:ca:6b:5e:ec:38:e5:bf:66:0d:
cf:f0:d6:c5:7b:de:6e:a6:92:7a:bf:dd:8a:7e:68:
81:62:07:cb:f7:84:71:f7:3c:54:7b:0d:55:3d:44:
c8:37:9d:87:d5:e8:a4:b9:84:57:90:d9:66:05:6e:
fe:85:dd:b7:46:66:02:a2:8b:fa:e2:3b:e3:05:5e:
9b:08:08:12:b6:12:55:e6:36:04:0b:f7:f4:ca:39:
c1:09:ca:b2:7a:c7:90:27:6b:d3:1f:e9:d9:31:ab:
25:be:ee:b3:ca:d0:66:34:00:e6:52:c3:5a:3a:3a:
74:51:02:ff:38:ae:a6:e3:10:b4:5c:0f:ec:fc:5e:
63:f8:1e:b5:b3:4a:84:a2:51:15:e6:f8:71:dc:e5:
bb:87:a0:83:63:7d:f6:9a:de:64:a2:e2:28:49:a0:
b7:6b:0b:85:82:2f:f7:f1:2c:f0:c5:ad:87:37:3f:
2f:f1:1d:c8:15:13:07:93:60:3f:e7:0c:c0:54:3a:
a5:d7:61:59:43:ee:72:89:75:d5:d1:ae:98:d4:a4:
8e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:DF:56:4A:3A:2B:E4:BF:7C:4C:D7:99:98:20:CC:01:82:1B:09:46
X509v3 Authority Key Identifier:
keyid:6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/U99WSjor5L98TNeZmCDMAYIbCUY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/bkBn13v-qZ3yXOXgipIT0RKAFM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.81.0-95.131.87.255
IPv6:
2a02:ef8::/32
Signature Algorithm: sha256WithRSAEncryption
49:93:79:93:d5:4c:98:39:c9:1e:a4:43:6b:96:e6:b1:87:04:
ab:1f:f2:d3:47:ea:79:d6:66:45:e2:40:28:33:03:60:50:c7:
3a:72:d4:f4:ae:3c:1d:02:64:6e:2f:47:e4:ee:75:0c:14:63:
51:fe:f5:04:fb:b2:ac:d9:c3:26:a6:88:6c:9b:49:03:b9:46:
53:5a:be:89:f2:4e:ce:47:01:44:b4:71:fd:95:92:58:83:fd:
1d:5a:3c:1a:8a:f0:dc:f8:6c:9b:0e:2a:b3:9c:4f:88:cc:84:
49:ad:19:55:bf:55:f7:a3:ad:24:0c:d9:26:a6:44:67:b8:3f:
6f:15:b8:07:0d:51:c7:6e:38:37:e9:2b:10:34:cf:87:f6:cb:
d4:33:85:c7:82:05:d2:4e:7f:fd:48:6f:77:59:03:2b:b3:0c:
87:a3:a2:c2:42:32:ad:3d:b5:f7:0d:c9:ab:7d:f5:0e:38:39:
a0:d3:6a:10:bc:42:32:96:95:32:0b:17:1d:38:d3:ef:55:57:
b8:38:fb:18:13:cb:e9:81:ca:70:d9:9f:69:69:5f:55:a4:33:
96:94:5d:08:bf:48:d9:68:5e:19:fc:ed:6d:84:6a:93:e9:d1:
75:5d:6c:af:d3:7a:bd:e3:b6:15:37:b1:e2:67:35:30:7e:fd:
4e:d1:d7:0f
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEQlVvETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTQwNjdkNzdiZmVhOTlkZjI1Y2U1ZTA4YTkyMTNkMTEyODAxNGNmMB4XDTIyMDEw
MTA2NTg1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNkZjU2NGEzYTJi
ZTRiZjdjNGNkNzk5OTgyMGNjMDE4MjFiMDk0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkZZnGVz/Tq6l6hkGZcyFb44xpUAVpiaRxiiWJ+R1y4wCvS
OKSTJ3P46+TyA7H6L7l8ymte7Djlv2YNz/DWxXvebqaSer/din5ogWIHy/eEcfc8
VHsNVT1EyDedh9XopLmEV5DZZgVu/oXdt0ZmAqKL+uI74wVemwgIErYSVeY2BAv3
9Mo5wQnKsnrHkCdr0x/p2TGrJb7us8rQZjQA5lLDWjo6dFEC/ziupuMQtFwP7Pxe
Y/getbNKhKJRFeb4cdzlu4egg2N99preZKLiKEmgt2sLhYIv9/Es8MWthzc/L/Ed
yBUTB5NgP+cMwFQ6pddhWUPucol11dGumNSkjl0CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRT31ZKOivkv3xM15mYIMwBghsJRjAfBgNVHSMEGDAWgBRuQGfXe/6pnfJc
5eCKkhPREoAUzzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JrQm4xM3YtcVozeVhPWGdpcElUMFJLQUZNOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvNTg5ZWNhLTNmMTktNGUyMy1hM2ZiLTMzMDNmNzE2MjJmOS8x
L1U5OVdTam9yNUw5OFROZVptQ0RNQVlJYkNVWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
NTg5ZWNhLTNmMTktNGUyMy1hM2ZiLTMzMDNmNzE2MjJmOS8xL2JrQm4xM3YtcVoz
eVhPWGdpcElUMFJLQUZNOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQAX4NRAwQDX4NQMA0EAgACMAcD
BQAqAg74MA0GCSqGSIb3DQEBCwUAA4IBAQBJk3mT1UyYOckepENrluaxhwSrH/LT
R+p51mZF4kAoMwNgUMc6ctT0rjwdAmRuL0fk7nUMFGNR/vUE+7Ks2cMmpohsm0kD
uUZTWr6J8k7ORwFEtHH9lZJYg/0dWjwaivDc+GybDiqznE+IzIRJrRlVv1X3o60k
DNkmpkRnuD9vFbgHDVHHbjg36SsQNM+H9svUM4XHggXSTn/9SG93WQMrswyHo6LC
QjKtPbX3DcmrffUOODmg02oQvEIylpUyCxcdONPvVVe4OPsYE8vpgcpw2Z9paV9V
pDOWlF0Iv0jZaF4Z/O1thGqT6dF1XWyv03q947YVN7HiZzUwfv1O0dcP
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:17:04 2025 by rpki-client