Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iG9t2bNellKlBRYkNL7IIKJ6tww.roa
File: iG9t2bNellKlBRYkNL7IIKJ6tww.roa (raw, json)
Hash identifier: 3EysRpiNTfV2ZyeakqIgopTiO725Q07I/AONhEef2I4=
Subject key identifier: 88:6F:6D:D9:B3:5E:96:52:A5:05:16:24:34:BE:C8:20:A2:7A:B7:0C
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0189CC5D1195A4AE54B53A380F62BA51EEB4
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iG9t2bNellKlBRYkNL7IIKJ6tww.roa
Signing time: Sun 06 Aug 2023 19:39:58 +0000
ROA not before: Sun 06 Aug 2023 19:39:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207911
IP address blocks: 95.161.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cc:5d:11:95:a4:ae:54:b5:3a:38:0f:62:ba:51:ee:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Aug 6 19:39:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=886f6dd9b35e9652a505162434bec820a27ab70c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:ab:41:25:39:9e:d8:9f:db:92:a8:3d:34:51:
43:bf:1d:0d:ed:ce:43:ef:ef:7b:41:69:4e:bc:8c:
2a:04:fb:9b:69:6e:68:2d:39:68:dd:d0:26:eb:cf:
2b:35:a7:c0:b4:ca:dc:99:72:1b:ec:94:0f:a9:8e:
b1:ee:a1:c4:3d:a8:11:48:9a:04:bb:5a:d1:e7:a1:
31:c5:64:67:cb:37:9a:58:ff:bc:12:08:96:8e:89:
1e:6b:6c:ea:fd:85:77:a4:90:c1:2f:ab:b4:e7:0a:
b6:6c:50:4b:85:bd:03:1c:80:b9:fc:f0:de:83:4f:
d1:57:46:fd:d1:4a:8b:05:0e:50:15:c8:f0:cb:20:
2d:76:0f:e9:b7:93:51:20:6c:9d:19:5c:af:f1:80:
93:ac:65:46:3e:7b:ca:14:51:1f:35:97:36:ac:f9:
70:58:be:45:d3:2a:d5:1f:d2:e1:5d:e8:1f:53:28:
42:55:03:7f:c4:60:be:f5:cc:bc:f3:8c:ae:fc:2a:
60:97:d8:db:1a:48:b6:5a:c5:80:cf:b4:fa:10:31:
bf:b2:17:14:46:c5:43:75:43:32:e1:d3:38:68:a5:
85:bb:68:1d:18:9c:d0:9b:65:4a:1c:07:3b:d7:6b:
48:f1:df:9a:ce:fc:52:ca:8a:32:7f:27:9a:87:59:
23:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:6F:6D:D9:B3:5E:96:52:A5:05:16:24:34:BE:C8:20:A2:7A:B7:0C
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iG9t2bNellKlBRYkNL7IIKJ6tww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ca:8b:e8:91:ed:f6:6e:6c:07:91:70:09:4e:92:af:b5:b7:
b7:27:89:cb:c3:a2:ce:61:ef:85:7f:4c:3e:19:38:4a:cc:5a:
99:a4:36:00:d2:ef:92:3a:4e:21:0d:46:57:da:8c:e0:ca:f7:
a7:b2:6f:3f:44:49:bb:c0:fc:73:0f:25:aa:a7:8f:12:5c:14:
d3:be:cb:df:de:68:b3:b7:cf:59:c3:b1:e2:ef:6e:96:55:73:
54:f1:62:12:04:76:ee:8e:23:a9:94:e6:8b:73:37:62:ed:a5:
62:6c:5e:32:c3:ee:30:f0:65:b1:83:62:5f:ea:bf:dd:a4:2e:
53:44:dc:5f:5e:4e:80:6e:6c:55:11:95:96:b4:2b:da:95:ed:
08:9b:38:f2:88:9c:b7:a1:47:4b:77:61:91:fa:4b:e8:69:55:
84:95:d6:dc:c2:1a:76:41:ce:ac:28:61:11:bb:df:c8:8c:ff:
78:e7:37:62:3e:d7:2f:64:1b:f0:c8:bd:dc:98:cf:d3:ad:dc:
2a:8a:8e:36:d4:d5:48:32:28:a0:1e:fc:b9:b3:80:eb:6f:b5:
05:b2:f6:35:a6:94:0f:75:3d:d2:e9:c3:7c:9a:ca:c4:bf:d5:
08:fd:15:96:66:77:ab:4a:ad:e0:17:7a:df:e6:18:07:61:20:
ef:cc:98:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnMXRGVpK5UtTo4D2K6Ue60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwODA2MTkzOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODZmNmRkOWIzNWU5NjUyYTUwNTE2MjQzNGJlYzgyMGEyN2FiNzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiatBJTme2J/bkqg9NFFDvx0N7c5D
7+97QWlOvIwqBPubaW5oLTlo3dAm688rNafAtMrcmXIb7JQPqY6x7qHEPagRSJoE
u1rR56ExxWRnyzeaWP+8EgiWjokea2zq/YV3pJDBL6u05wq2bFBLhb0DHIC5/PDe
g0/RV0b90UqLBQ5QFcjwyyAtdg/pt5NRIGydGVyv8YCTrGVGPnvKFFEfNZc2rPlw
WL5F0yrVH9LhXegfUyhCVQN/xGC+9cy884yu/Cpgl9jbGki2WsWAz7T6EDG/shcU
RsVDdUMy4dM4aKWFu2gdGJzQm2VKHAc712tI8d+azvxSyooyfyeah1kjMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhvbdmzXpZSpQUWJDS+yCCiercMMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvaUc5dDJiTmVsbEtsQlJZa05MN0lJS0o2dHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6HwMA0G
CSqGSIb3DQEBCwUAA4IBAQBryovoke32bmwHkXAJTpKvtbe3J4nLw6LOYe+Ff0w+
GThKzFqZpDYA0u+SOk4hDUZX2ozgyvensm8/REm7wPxzDyWqp48SXBTTvsvf3miz
t89Zw7Hi726WVXNU8WISBHbujiOplOaLczdi7aVibF4yw+4w8GWxg2Jf6r/dpC5T
RNxfXk6AbmxVEZWWtCvale0ImzjyiJy3oUdLd2GR+kvoaVWEldbcwhp2Qc6sKGER
u9/IjP945zdiPtcvZBvwyL3cmM/Trdwqio421NVIMiigHvy5s4Drb7UFsvY1ppQP
dT3S6cN8msrEv9UI/RWWZnerSq3gF3rf5hgHYSDvzJie
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:21:57 2025 by rpki-client