Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/_C4uA3Uu3C1vFTHuL6F8xhm7r38.roa
File: _C4uA3Uu3C1vFTHuL6F8xhm7r38.roa (raw, json)
Hash identifier: lv6TI+/1ig10OrNJiKJN3geHSTXUkbFYmOA4ZOoIbz0=
Subject key identifier: FC:2E:2E:03:75:2E:DC:2D:6F:15:31:EE:2F:A1:7C:C6:19:BB:AF:7F
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 237502
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/_C4uA3Uu3C1vFTHuL6F8xhm7r38.roa
Signing time: Sat 01 Jan 2022 00:54:10 +0000
ROA not before: Sat 01 Jan 2022 00:54:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50611
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2323714 (0x237502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 00:54:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc2e2e03752edc2d6f1531ee2fa17cc619bbaf7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:81:36:30:79:3f:24:40:60:02:cd:96:f7:67:
54:17:7f:aa:e7:1d:ed:b1:e8:9e:e2:0c:5c:b4:12:
b9:16:a9:16:cc:42:e8:41:59:d8:2f:22:72:cd:cb:
a6:72:c7:b0:7b:57:b6:b4:16:da:ef:ee:4d:b9:46:
79:6c:35:f7:1a:d0:16:ec:8a:02:76:48:17:eb:78:
4f:d8:33:37:93:17:58:f2:8f:8a:4b:09:c1:79:06:
70:af:a3:de:76:ba:22:81:d5:64:74:1e:5d:a2:ab:
77:98:bf:67:b6:87:40:33:5b:d1:58:30:c0:d3:cc:
e0:13:71:a2:a0:8a:7e:b1:72:fb:cf:8e:a3:35:a7:
59:85:80:33:6a:12:48:dc:b1:eb:df:d7:55:61:7b:
f9:3f:0c:27:59:ce:18:bf:fd:37:a6:97:70:fd:f0:
fd:2e:f8:f3:5a:7f:58:5d:15:28:c2:7e:61:13:df:
00:06:20:09:75:fe:4d:c1:66:7e:29:ff:d8:d7:17:
9b:df:50:02:53:33:8d:ad:bd:2b:65:bd:51:98:4e:
94:57:23:25:50:12:e5:94:33:83:52:5a:aa:ce:f9:
3a:b2:19:27:97:d8:f5:e4:b0:fe:c3:d9:0f:77:da:
c6:41:07:91:10:84:5f:cf:c2:10:ab:27:02:26:a9:
ce:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:2E:2E:03:75:2E:DC:2D:6F:15:31:EE:2F:A1:7C:C6:19:BB:AF:7F
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/_C4uA3Uu3C1vFTHuL6F8xhm7r38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
28:a4:ec:36:0b:bf:96:23:82:8e:84:21:f3:2d:43:7f:7e:8e:
f0:ee:0f:a2:b1:a4:1a:30:83:08:d4:1b:14:19:b1:85:36:b0:
b8:bf:8f:e4:76:39:00:48:48:b3:ab:49:a7:22:1a:15:2f:38:
6f:72:ec:d5:05:62:71:fd:29:83:d1:16:81:f9:11:9d:e3:90:
43:2a:31:58:4e:ac:9c:f1:46:0c:7f:b2:92:48:ef:58:19:a3:
5a:02:55:1b:03:61:02:1a:60:5e:e4:58:7f:c9:54:3a:11:d0:
8e:02:27:07:53:21:0b:05:bc:64:14:50:8f:58:73:a8:88:2f:
32:ab:74:34:c0:49:77:16:4c:56:bb:0d:36:7c:08:d5:a2:61:
5f:21:d7:32:ee:3a:bd:80:7d:89:c8:59:85:e1:fb:ff:d3:f2:
98:39:40:3a:7f:c6:bb:c2:c5:ba:c4:9f:cd:ba:8a:26:5b:2d:
21:b2:27:e8:ac:d6:19:1f:e8:d3:20:d3:de:b4:37:d7:19:e5:
de:f3:5e:87:b3:2a:c8:13:ce:65:ed:2f:e7:98:f2:fc:fe:c0:
be:c4:f1:8d:eb:f2:27:9a:cf:55:35:16:55:74:84:e0:f0:c5:
18:73:86:51:ae:9b:b0:9d:40:ee:65:5e:2a:1f:c1:cb:51:e2:
ab:10:9c:27
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIDI3UCMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVl
ZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIyZWNmOTMwHhcNMjIwMTAx
MDA1NDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmYzJlMmUwMzc1MmVk
YzJkNmYxNTMxZWUyZmExN2NjNjE5YmJhZjdmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy4E2MHk/JEBgAs2W92dUF3+q5x3tseie4gxctBK5FqkWzELo
QVnYLyJyzcumcsewe1e2tBba7+5NuUZ5bDX3GtAW7IoCdkgX63hP2DM3kxdY8o+K
SwnBeQZwr6PedroigdVkdB5doqt3mL9ntodAM1vRWDDA08zgE3GioIp+sXL7z46j
NadZhYAzahJI3LHr39dVYXv5PwwnWc4Yv/03ppdw/fD9LvjzWn9YXRUown5hE98A
BiAJdf5NwWZ+Kf/Y1xeb31ACUzONrb0rZb1RmE6UVyMlUBLllDODUlqqzvk6shkn
l9j15LD+w9kPd9rGQQeREIRfz8IQqycCJqnOZwIDAQABo4ICJTCCAiEwHQYDVR0O
BBYEFPwuLgN1LtwtbxUx7i+hfMYZu69/MB8GA1UdIwQYMBaAFF7gBL76VT3bNVZP
t3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0LzEv
X0M0dUEzVXUzQzF2RlRIdUw2Rjh4aG03cjM4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8z
YzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0LzEvWHVBRXZ2cFZQZHMx
VmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsG
CCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoEAgACMBQwEgMHASoAHD4A
lgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAKKTsNgu/liOCjoQh8y1Df36O
8O4PorGkGjCDCNQbFBmxhTawuL+P5HY5AEhIs6tJpyIaFS84b3Ls1QVicf0pg9EW
gfkRneOQQyoxWE6snPFGDH+ykkjvWBmjWgJVGwNhAhpgXuRYf8lUOhHQjgInB1Mh
CwW8ZBRQj1hzqIgvMqt0NMBJdxZMVrsNNnwI1aJhXyHXMu46vYB9ichZheH7/9Py
mDlAOn/Gu8LFusSfzbqKJlstIbIn6KzWGR/o0yDT3rQ31xnl3vNeh7MqyBPOZe0v
55jy/P7AvsTxjevyJ5rPVTUWVXSE4PDFGHOGUa6bsJ1A7mVeKh/By1HiqxCcJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:14 2024 by rpki-client on console-ams.rpki-client.org