Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/ph9MY3rCVbBfbpeWnx80_UdeJac.roa
File: ph9MY3rCVbBfbpeWnx80_UdeJac.roa (raw, json)
Hash identifier: BKnQvI4ZzyhLXxbCxn7xJWqcoQhModq8OEHRaiUTXMc=
Subject key identifier: A6:1F:4C:63:7A:C2:55:B0:5F:6E:97:96:9F:1F:34:FD:47:5E:25:A7
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 01856C6EF62D23BE162B96F290469D00BF88
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/ph9MY3rCVbBfbpeWnx80_UdeJac.roa
Signing time: Sun 01 Jan 2023 08:24:49 +0000
ROA not before: Sun 01 Jan 2023 08:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16015
IP address blocks: 95.171.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f6:2d:23:be:16:2b:96:f2:90:46:9d:00:bf:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 1 08:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a61f4c637ac255b05f6e97969f1f34fd475e25a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3f:a5:e9:68:63:d3:b9:2a:1a:ab:f9:02:cf:
c8:34:d6:cc:16:07:9b:21:f7:7f:b9:c7:0d:c1:7c:
65:78:95:83:c1:30:cc:92:40:50:42:ca:7c:b9:3e:
71:e8:19:49:50:79:8a:e4:0d:e9:e4:a7:d8:11:58:
ac:b1:2d:b0:98:8a:6a:61:bf:47:a3:93:46:dd:05:
6f:1d:53:9f:2f:c5:33:28:a7:a3:8a:96:dd:df:07:
bb:2e:64:40:73:bd:5e:86:41:d2:0c:e7:d7:41:d6:
06:0c:b2:61:cb:cb:fa:24:a7:11:27:3e:75:90:3e:
4f:42:0d:e7:a9:f0:ae:38:f0:00:65:6c:92:db:d4:
63:c4:45:2d:f8:8f:40:77:b4:9a:91:4e:82:b5:70:
4c:4a:f5:fe:11:88:1c:0b:09:57:ea:24:12:b5:56:
d5:10:e2:b3:1d:8e:61:3f:1b:5e:21:52:50:2e:cf:
11:31:be:25:da:c2:82:37:7c:32:cf:96:75:6d:2b:
f1:0c:f1:5a:3c:0d:cc:61:51:6f:b5:49:3e:bd:07:
32:07:5e:c7:95:f3:08:99:23:54:73:98:5c:b1:5a:
03:50:0f:31:83:98:d4:90:b4:cc:6c:05:e5:0d:a6:
a8:3f:fb:c5:03:55:9d:b6:e2:39:d8:fb:73:0e:e3:
e1:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:1F:4C:63:7A:C2:55:B0:5F:6E:97:96:9F:1F:34:FD:47:5E:25:A7
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/ph9MY3rCVbBfbpeWnx80_UdeJac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.171.76.0/24
Signature Algorithm: sha256WithRSAEncryption
b4:bf:78:a5:c7:dd:c0:a6:b9:4e:80:2e:42:b5:2a:66:1a:64:
f2:c1:d8:21:4c:9c:45:9c:13:6b:e5:a1:83:c0:3f:03:a5:cb:
ad:ce:92:69:58:53:a3:6f:be:12:92:71:05:e1:a4:ac:aa:15:
61:4a:0b:e2:6e:84:d5:d8:dd:05:5a:81:8e:00:aa:fd:34:cd:
c6:08:89:8d:75:54:59:93:18:9c:fb:12:a7:69:11:83:b2:50:
2d:6b:64:36:fb:47:bd:b5:41:a9:2d:70:b3:cb:ff:b1:8b:b2:
34:c5:2a:77:23:9c:3a:a4:a2:8b:01:2a:30:00:ea:96:79:0d:
e5:81:82:9d:21:cf:a4:49:74:b6:6d:94:fd:72:89:5f:d6:97:
27:05:6b:2f:ea:32:bd:20:21:c3:15:62:44:d9:a9:37:0b:41:
f2:ed:33:78:d2:62:19:10:09:39:5d:9f:bc:9c:93:0d:96:9a:
b8:ff:34:52:78:fa:e0:50:c2:f2:53:9d:b1:06:a1:a4:eb:d8:
f2:7c:7b:2f:99:62:2f:e9:2e:86:6c:93:15:bb:8f:23:48:47:
38:9e:c1:5b:64:b9:dd:f7:bf:99:56:c3:fc:85:2e:5b:f1:ca:
c3:34:19:8b:a7:fe:94:14:1f:c0:6d:23:23:ec:78:f1:ed:a7:
44:9e:12:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsbvYtI74WK5bykEadAL+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzYxMDMzNDRmY2QzYjU3NTlmMmRiM2YzYzcwNzEzNzZm
OWUyMzMwHhcNMjMwMTAxMDgyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjFmNGM2MzdhYzI1NWIwNWY2ZTk3OTY5ZjFmMzRmZDQ3NWUyNWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz+l6Whj07kqGqv5As/INNbMFgeb
Ifd/uccNwXxleJWDwTDMkkBQQsp8uT5x6BlJUHmK5A3p5KfYEVissS2wmIpqYb9H
o5NG3QVvHVOfL8UzKKejipbd3we7LmRAc71ehkHSDOfXQdYGDLJhy8v6JKcRJz51
kD5PQg3nqfCuOPAAZWyS29RjxEUt+I9Ad7SakU6CtXBMSvX+EYgcCwlX6iQStVbV
EOKzHY5hPxteIVJQLs8RMb4l2sKCN3wyz5Z1bSvxDPFaPA3MYVFvtUk+vQcyB17H
lfMImSNUc5hcsVoDUA8xg5jUkLTMbAXlDaaoP/vFA1WdtuI52PtzDuPhiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKYfTGN6wlWwX26Xlp8fNP1HXiWnMB8GA1UdIwQY
MBaAFE82EDNE/NO1dZ8ts/PHBxN2+eIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUt
MGFjYzg5MmIxMWQyLzEvcGg5TVkzckNWYkJmYnBlV254ODBfVWRlSmFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUtMGFjYzg5MmIxMWQy
LzEvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6tMMA0G
CSqGSIb3DQEBCwUAA4IBAQC0v3ilx93AprlOgC5CtSpmGmTywdghTJxFnBNr5aGD
wD8DpcutzpJpWFOjb74SknEF4aSsqhVhSgviboTV2N0FWoGOAKr9NM3GCImNdVRZ
kxic+xKnaRGDslAta2Q2+0e9tUGpLXCzy/+xi7I0xSp3I5w6pKKLASowAOqWeQ3l
gYKdIc+kSXS2bZT9colf1pcnBWsv6jK9ICHDFWJE2ak3C0Hy7TN40mIZEAk5XZ+8
nJMNlpq4/zRSePrgUMLyU52xBqGk69jyfHsvmWIv6S6GbJMVu48jSEc4nsFbZLnd
97+ZVsP8hS5b8crDNBmLp/6UFB/AbSMj7Hjx7adEnhJ1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:23 2025 by rpki-client