Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iwvycKMbUofjEQIaJOGxdWCbghQ.roa
File: iwvycKMbUofjEQIaJOGxdWCbghQ.roa (raw, json)
Hash identifier: /TtVfKl+h4qCRUOB//p0rFRm6LDFkgI73PpBtlxewXc=
Subject key identifier: 8B:0B:F2:70:A3:1B:52:87:E3:11:02:1A:24:E1:B1:75:60:9B:82:14
Certificate issuer: /CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Certificate serial: 0189CC5C26CE714CF03FD9F96169187FB82D
Authority key identifier: 62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iwvycKMbUofjEQIaJOGxdWCbghQ.roa
Signing time: Sun 06 Aug 2023 19:38:58 +0000
ROA not before: Sun 06 Aug 2023 19:38:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39598
IP address blocks: 95.161.125.0/24 maxlen: 24
95.161.127.0/24 maxlen: 24
95.161.248.0/21 maxlen: 21
95.161.95.0/24 maxlen: 24
95.161.0.0/18 maxlen: 24
2a00:11d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:cc:5c:26:ce:71:4c:f0:3f:d9:f9:61:69:18:7f:b8:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6228e7e01fada49c1a52fa13f3626c41b41a51b8
Validity
Not Before: Aug 6 19:38:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b0bf270a31b5287e311021a24e1b175609b8214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:c5:0b:28:4b:15:e1:09:b9:f3:6a:3d:17:02:
41:c1:da:53:f1:39:8c:f2:75:f4:a0:e9:3e:dc:03:
38:8f:3a:1a:be:e9:6a:35:66:0e:25:cd:f2:63:a7:
86:63:72:68:90:94:3e:33:dd:eb:17:59:86:b0:72:
10:98:a7:41:d7:9c:ec:89:a7:83:66:4e:70:ec:ef:
3b:db:f6:a4:0e:20:69:8c:0d:29:90:ac:e0:8d:b3:
d3:f8:09:da:68:90:9a:f1:a7:6c:1b:e6:06:4f:24:
b8:05:bf:53:63:b7:8e:60:b9:ff:f1:42:ba:79:95:
ef:77:4b:21:88:5a:1d:8f:cd:34:db:17:a2:5d:99:
b9:9f:03:c7:20:fe:6e:ac:20:07:bb:c5:55:b5:30:
52:8e:c4:50:b9:96:0e:cb:52:98:13:58:c8:25:2a:
f2:f1:73:27:d2:d6:c0:aa:51:b8:82:df:dc:c8:9b:
91:63:c1:ce:30:da:e6:29:e3:e8:e3:aa:58:f3:7c:
36:4e:75:b4:2e:17:55:1a:99:04:c5:53:16:3c:a8:
5d:b0:bb:7f:4f:e9:ed:f8:20:60:02:85:46:4e:04:
1a:ac:42:ec:be:f2:5a:a0:90:cc:9d:e2:1d:49:8b:
ff:24:f8:e9:7c:1f:6e:c1:4f:a1:a3:52:60:a5:6b:
fd:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0B:F2:70:A3:1B:52:87:E3:11:02:1A:24:E1:B1:75:60:9B:82:14
X509v3 Authority Key Identifier:
keyid:62:28:E7:E0:1F:AD:A4:9C:1A:52:FA:13:F3:62:6C:41:B4:1A:51:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yijn4B-tpJwaUvoT82JsQbQaUbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/iwvycKMbUofjEQIaJOGxdWCbghQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/baaff3-aeb4-4616-8fb5-76741652510d/1/Yijn4B-tpJwaUvoT82JsQbQaUbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.161.0.0/18
95.161.95.0/24
95.161.125.0/24
95.161.127.0/24
95.161.248.0/21
IPv6:
2a00:11d8::/32
Signature Algorithm: sha256WithRSAEncryption
59:70:62:86:fb:b0:40:2f:d9:97:f0:a8:b0:9c:a7:39:65:57:
d9:1f:56:8f:7d:7d:22:1f:67:ba:01:9c:0e:28:87:a3:97:dd:
49:2e:2e:be:c8:32:86:bf:d0:cf:6e:49:f6:07:38:db:c4:03:
82:27:cf:32:24:28:3b:81:25:a1:1d:48:a3:f0:c3:04:fa:1a:
de:be:3b:d6:fb:a6:a8:1e:44:ee:7c:f9:b8:46:cd:40:82:ca:
00:15:18:70:9f:d1:f1:96:98:e5:dd:93:80:2d:ea:32:8d:1d:
68:08:00:fe:04:8c:91:28:6a:83:ae:a6:c9:a2:36:b9:aa:65:
23:f3:71:60:99:c3:74:ff:48:33:a5:42:86:d4:5c:71:40:a1:
02:07:44:5a:f0:36:7d:29:1b:04:bd:b9:58:45:22:68:13:d6:
9b:f1:fc:ad:13:31:7d:b5:df:08:07:37:5c:62:07:e0:b3:b1:
12:c8:76:91:92:56:3f:b9:2e:99:6e:97:6b:f0:9a:f0:b3:80:
37:1f:6c:8a:d0:ea:ce:69:a0:c5:35:b9:59:27:08:59:38:75:
83:f0:04:5e:16:43:4b:c4:c3:4a:93:87:34:4b:c4:fd:a0:dc:
9a:08:d6:f5:91:50:53:22:f0:26:50:31:02:33:b5:2e:db:5c:
58:23:53:89
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYnMXCbOcUzwP9n5YWkYf7gtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjhlN2UwMWZhZGE0OWMxYTUyZmExM2YzNjI2YzQxYjQx
YTUxYjgwHhcNMjMwODA2MTkzODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBiZjI3MGEzMWI1Mjg3ZTMxMTAyMWEyNGUxYjE3NTYwOWI4MjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9sULKEsV4Qm582o9FwJBwdpT8TmM
8nX0oOk+3AM4jzoavulqNWYOJc3yY6eGY3JokJQ+M93rF1mGsHIQmKdB15zsiaeD
Zk5w7O872/akDiBpjA0pkKzgjbPT+AnaaJCa8adsG+YGTyS4Bb9TY7eOYLn/8UK6
eZXvd0shiFodj8002xeiXZm5nwPHIP5urCAHu8VVtTBSjsRQuZYOy1KYE1jIJSry
8XMn0tbAqlG4gt/cyJuRY8HOMNrmKePo46pY83w2TnW0LhdVGpkExVMWPKhdsLt/
T+nt+CBgAoVGTgQarELsvvJaoJDMneIdSYv/JPjpfB9uwU+ho1JgpWv9AwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIsL8nCjG1KH4xECGiThsXVgm4IUMB8GA1UdIwQY
MBaAFGIo5+AfraScGlL6E/NibEG0GlG4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUt
NzY3NDE2NTI1MTBkLzEvaXd2eWNLTWJVb2ZqRVFJYUpPR3hkV0NiZ2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS9iYWFmZjMtYWViNC00NjE2LThmYjUtNzY3NDE2NTI1MTBk
LzEvWWlqbjRCLXRwSndhVXZvVDgySnNRYlFhVWJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGX6EAAwQA
X6FfAwQAX6F9AwQAX6F/AwQDX6H4MA0EAgACMAcDBQAqABHYMA0GCSqGSIb3DQEB
CwUAA4IBAQBZcGKG+7BAL9mX8KiwnKc5ZVfZH1aPfX0iH2e6AZwOKIejl91JLi6+
yDKGv9DPbkn2BzjbxAOCJ88yJCg7gSWhHUij8MME+hrevjvW+6aoHkTufPm4Rs1A
gsoAFRhwn9Hxlpjl3ZOALeoyjR1oCAD+BIyRKGqDrqbJoja5qmUj83FgmcN0/0gz
pUKG1FxxQKECB0Ra8DZ9KRsEvblYRSJoE9ab8fytEzF9td8IBzdcYgfgs7ESyHaR
klY/uS6Zbpdr8Jrws4A3H2yK0OrOaaDFNblZJwhZOHWD8AReFkNLxMNKk4c0S8T9
oNyaCNb1kVBTIvAmUDECM7Uu21xYI1OJ
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:28:36 2025 by rpki-client