Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/lFINRpgjePVKILzQ9OW0haN0z_s.roa
File: lFINRpgjePVKILzQ9OW0haN0z_s.roa (raw, json)
Hash identifier: 3TVDeGaMbVZIIN4JmL8EC+fcPJYjekLSdXXpNBRtFsU=
Subject key identifier: 94:52:0D:46:98:23:78:F5:4A:20:BC:D0:F4:E5:B4:85:A3:74:CF:FB
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 05D8A36D
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/lFINRpgjePVKILzQ9OW0haN0z_s.roa
Signing time: Sat 01 Jan 2022 15:58:46 +0000
ROA not before: Sat 01 Jan 2022 15:58:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16015
IP address blocks: 95.171.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98083693 (0x5d8a36d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 1 15:58:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94520d46982378f54a20bcd0f4e5b485a374cffb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:dc:fc:f4:06:68:b1:80:5c:eb:f3:f0:5b:7f:
a3:44:da:6a:31:3b:38:45:e4:7c:9d:47:6e:e8:a7:
c2:8e:f9:6a:1b:3a:f1:d0:af:07:4b:df:a6:35:f9:
3d:d5:aa:6f:85:56:0e:cd:7e:b1:52:8c:61:4b:f0:
9d:3f:71:ac:1a:82:b5:60:49:68:7b:74:4c:fb:a2:
4b:36:9f:2d:a6:64:c3:34:fd:d1:0f:f6:34:9e:35:
eb:8c:f6:02:ed:4d:94:86:cf:4d:0f:24:1c:48:56:
31:8d:a7:1d:8e:04:29:7d:ec:a7:64:f6:4e:87:2a:
5a:96:a7:8d:52:d0:b9:ab:58:1e:00:1c:02:3f:ef:
2a:72:19:18:c9:91:27:ba:fb:17:9f:2e:40:c5:23:
8c:fa:3a:c7:b8:42:28:55:49:c6:43:6c:b9:59:33:
10:9e:67:1a:71:71:8c:3e:5c:fb:68:5f:3e:31:0f:
39:ea:55:34:bd:90:52:44:09:95:a5:bc:f2:d3:1c:
c3:95:7d:a1:10:e0:2b:00:e9:08:e5:63:99:d3:42:
ec:a3:21:b0:a2:1b:0d:e0:bf:b8:52:ab:c0:a8:16:
5d:e5:cc:77:52:65:67:0b:a4:76:30:91:64:f1:cb:
2f:c2:27:fc:e5:03:fc:26:59:2d:eb:b4:f6:f8:35:
58:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:52:0D:46:98:23:78:F5:4A:20:BC:D0:F4:E5:B4:85:A3:74:CF:FB
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/lFINRpgjePVKILzQ9OW0haN0z_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.171.76.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ea:fb:c4:c7:94:45:14:7b:32:d7:4e:5a:64:ca:bf:8a:5e:
42:3f:33:b2:e4:dd:db:b1:bf:7c:cf:e3:f1:22:fe:13:2f:c2:
f7:95:90:53:da:01:7a:67:32:c1:de:fb:4b:b1:9c:f5:98:bd:
60:6e:13:23:7a:48:00:a7:d3:66:56:2a:83:6b:06:85:2e:15:
1b:1d:2a:a2:4c:1a:ec:d4:8f:78:c7:90:d1:06:f6:1a:6f:36:
1d:f9:b2:ff:48:03:94:66:ea:73:0f:8d:ec:73:ce:9e:64:97:
d9:b4:75:ed:ca:da:e5:81:d7:d7:8e:b0:dd:19:59:dc:cd:3a:
5b:48:55:8c:9a:4a:8c:3d:13:24:67:dc:33:40:48:87:43:7f:
d2:00:a7:cd:e6:a7:87:68:49:a6:15:89:28:ba:4c:8d:6c:79:
c0:25:d7:87:1a:fc:8b:ce:a8:9b:05:db:a0:f2:17:34:c1:0d:
75:d1:51:0a:2a:fd:c3:9d:82:cf:d0:62:82:f9:6b:75:19:ad:
e2:e3:d7:67:f4:33:c6:7e:ca:c8:d4:7a:51:08:e4:84:73:be:
c6:6d:77:2c:3d:49:e9:b7:dd:5f:a8:30:62:0a:30:f2:c4:51:
f3:1b:76:41:06:80:01:a4:c0:51:8a:97:56:73:fd:26:b5:55:
c5:4a:0e:c6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBdijbTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjM2MTAzMzQ0ZmNkM2I1NzU5ZjJkYjNmM2M3MDcxMzc2ZjllMjMzMB4XDTIyMDEw
MTE1NTg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ1MjBkNDY5ODIz
NzhmNTRhMjBiY2QwZjRlNWI0ODVhMzc0Y2ZmYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnc/PQGaLGAXOvz8Ft/o0TaajE7OEXkfJ1Hbuinwo75ahs6
8dCvB0vfpjX5PdWqb4VWDs1+sVKMYUvwnT9xrBqCtWBJaHt0TPuiSzafLaZkwzT9
0Q/2NJ4164z2Au1NlIbPTQ8kHEhWMY2nHY4EKX3sp2T2TocqWpanjVLQuatYHgAc
Aj/vKnIZGMmRJ7r7F58uQMUjjPo6x7hCKFVJxkNsuVkzEJ5nGnFxjD5c+2hfPjEP
OepVNL2QUkQJlaW88tMcw5V9oRDgKwDpCOVjmdNC7KMhsKIbDeC/uFKrwKgWXeXM
d1JlZwukdjCRZPHLL8In/OUD/CZZLeu09vg1WCUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSUUg1GmCN49UogvND05bSFo3TP+zAfBgNVHSMEGDAWgBRPNhAzRPzTtXWf
LbPzxwcTdvniMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R6WVFNMFQ4MDdWMW55Mno4OGNIRTNiNTRqTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmMvODBkOWRmLWVhZjMtNDhiNi04ZmQ1LTBhY2M4OTJiMTFkMi8x
L2xGSU5ScGdqZVBWS0lMelE5T1cwaGFOMHpfcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMv
ODBkOWRmLWVhZjMtNDhiNi04ZmQ1LTBhY2M4OTJiMTFkMi8xL1R6WVFNMFQ4MDdW
MW55Mno4OGNIRTNiNTRqTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF+rTDANBgkqhkiG9w0BAQsFAAOC
AQEACer7xMeURRR7MtdOWmTKv4peQj8zsuTd27G/fM/j8SL+Ey/C95WQU9oBemcy
wd77S7Gc9Zi9YG4TI3pIAKfTZlYqg2sGhS4VGx0qokwa7NSPeMeQ0Qb2Gm82Hfmy
/0gDlGbqcw+N7HPOnmSX2bR17cra5YHX146w3RlZ3M06W0hVjJpKjD0TJGfcM0BI
h0N/0gCnzeanh2hJphWJKLpMjWx5wCXXhxr8i86omwXboPIXNMENddFRCir9w52C
z9BigvlrdRmt4uPXZ/Qzxn7KyNR6UQjkhHO+xm13LD1J6bfdX6gwYgow8sRR8xt2
QQaAAaTAUYqXVnP9JrVVxUoOxg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:40:14 2025 by rpki-client