Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/lSQ2bGJvEoDxQA6lwa0NOaRpEv4.roa
File: lSQ2bGJvEoDxQA6lwa0NOaRpEv4.roa (raw, json)
Hash identifier: tjbew3INeKlNlC+NxzrFBBnf39W+QSTlMKsjsS9umV0=
Subject key identifier: 95:24:36:6C:62:6F:12:80:F1:40:0E:A5:C1:AD:0D:39:A4:69:12:FE
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 2256C7
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/lSQ2bGJvEoDxQA6lwa0NOaRpEv4.roa
Signing time: Sat 01 Jan 2022 00:54:09 +0000
ROA not before: Sat 01 Jan 2022 00:54:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8561
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2250439 (0x2256c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 00:54:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9524366c626f1280f1400ea5c1ad0d39a46912fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:8f:fb:2a:a9:93:cf:b1:ae:3e:aa:88:d4:03:
3f:b4:59:43:d2:4b:ed:bb:50:8f:b5:41:94:81:ef:
0a:c6:e7:98:6a:af:c0:40:ab:7c:fd:7b:71:49:38:
57:dc:23:61:7b:e8:eb:75:42:74:1e:93:82:84:15:
25:d7:c8:f5:fd:01:d8:fe:15:98:0b:71:4f:b5:86:
e8:10:6c:6a:f0:59:f7:a4:ba:07:ec:2b:ed:86:da:
0a:f6:dd:e1:a3:42:a5:a1:1b:3c:e1:e8:8e:bf:f1:
55:78:64:d8:ba:f7:3c:25:4c:05:7d:ec:60:4b:f8:
87:8a:24:9a:1e:85:2e:d7:f4:61:a5:cf:14:0a:7f:
96:b5:c5:97:c0:91:64:cd:c0:23:97:68:cd:00:53:
15:e3:01:05:08:03:06:be:4f:0e:47:f3:3f:02:51:
da:6d:86:32:be:c0:45:1e:aa:f9:1d:2d:11:76:bf:
0e:f4:64:8a:07:42:d5:a4:43:53:ea:e1:f8:ca:0b:
5f:5a:eb:2c:5d:bc:4e:80:f5:84:33:85:05:8a:b6:
6d:b6:96:26:3d:aa:ca:ff:89:4a:c5:ea:74:6b:f4:
92:ba:34:89:f1:69:c9:88:e5:d1:f4:08:6c:59:fb:
75:48:8b:97:9a:f7:ad:55:e7:cf:de:46:fd:4d:54:
c9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:24:36:6C:62:6F:12:80:F1:40:0E:A5:C1:AD:0D:39:A4:69:12:FE
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/lSQ2bGJvEoDxQA6lwa0NOaRpEv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
26:38:c6:68:89:dd:9b:4c:e0:79:29:cc:1e:10:18:a1:80:18:
05:82:55:8f:00:ea:13:ee:f2:0e:ba:ad:b6:d5:9d:1a:7c:1c:
5c:e9:56:10:b7:31:17:3f:84:3d:7f:7b:60:3c:97:53:74:d2:
56:74:4c:5e:04:b2:cd:49:79:cd:31:d3:e3:5a:10:79:b7:a0:
1d:5c:b1:23:28:c6:e8:e4:a8:84:be:a9:30:6d:01:c7:fb:df:
92:5f:aa:d3:4b:cb:1f:6f:ec:af:89:c5:71:ef:3e:d9:4c:cc:
4d:e6:d5:50:c8:db:8f:b3:9b:1f:67:0c:10:8f:f2:4b:93:e1:
b1:45:a7:62:56:0c:6a:41:dc:e9:0a:96:30:af:51:5c:1a:ed:
ff:d7:95:48:15:1a:75:ee:84:72:d4:0c:88:4f:5a:69:f1:64:
16:e6:52:53:5f:0f:9d:c8:f5:c5:2d:38:0f:cc:97:7b:9e:8e:
2e:7a:31:07:d6:61:31:e6:77:62:39:32:5f:9a:e4:e9:54:3f:
93:09:9c:7b:0f:f4:52:ec:60:91:2a:7a:d5:c4:d6:3b:e5:dd:
09:f3:07:57:71:6b:d6:1f:40:d4:5d:50:0c:fe:36:53:84:fd:
52:61:b2:5d:c2:38:12:9f:77:1a:ec:f7:3b:40:39:4a:65:7c:
09:20:58:fc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIDIlbHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVl
ZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIyZWNmOTMwHhcNMjIwMTAx
MDA1NDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NTI0MzY2YzYyNmYx
MjgwZjE0MDBlYTVjMWFkMGQzOWE0NjkxMmZlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAno/7KqmTz7GuPqqI1AM/tFlD0kvtu1CPtUGUge8KxueYaq/A
QKt8/XtxSThX3CNhe+jrdUJ0HpOChBUl18j1/QHY/hWYC3FPtYboEGxq8Fn3pLoH
7CvthtoK9t3ho0KloRs84eiOv/FVeGTYuvc8JUwFfexgS/iHiiSaHoUu1/Rhpc8U
Cn+WtcWXwJFkzcAjl2jNAFMV4wEFCAMGvk8OR/M/AlHabYYyvsBFHqr5HS0Rdr8O
9GSKB0LVpENT6uH4ygtfWussXbxOgPWEM4UFirZttpYmParK/4lKxep0a/SSujSJ
8WnJiOXR9AhsWft1SIuXmvetVefP3kb9TVTJIwIDAQABo4ICJTCCAiEwHQYDVR0O
BBYEFJUkNmxibxKA8UAOpcGtDTmkaRL+MB8GA1UdIwQYMBaAFF7gBL76VT3bNVZP
t3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0LzEv
bFNRMmJHSnZFb0R4UUE2bHdhME5PYVJwRXY0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8z
YzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0LzEvWHVBRXZ2cFZQZHMx
VmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsG
CCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoEAgACMBQwEgMHASoAHD4A
lgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAJjjGaIndm0zgeSnMHhAYoYAY
BYJVjwDqE+7yDrqtttWdGnwcXOlWELcxFz+EPX97YDyXU3TSVnRMXgSyzUl5zTHT
41oQebegHVyxIyjG6OSohL6pMG0Bx/vfkl+q00vLH2/sr4nFce8+2UzMTebVUMjb
j7ObH2cMEI/yS5PhsUWnYlYMakHc6QqWMK9RXBrt/9eVSBUade6EctQMiE9aafFk
FuZSU18Pncj1xS04D8yXe56OLnoxB9ZhMeZ3YjkyX5rk6VQ/kwmcew/0UuxgkSp6
1cTWO+XdCfMHV3Fr1h9A1F1QDP42U4T9UmGyXcI4Ep93Guz3O0A5SmV8CSBY/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:00 2024 by rpki-client on console-fra.rpki-client.org