Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FbaH0UzGVGw-w9qk9i7JmWvxju4.roa
File: FbaH0UzGVGw-w9qk9i7JmWvxju4.roa (raw, json)
Hash identifier: 0ofkYH85WnoNOeQqv7qPNCct9LXoOxNfcAfuFQrN3Bk=
Subject key identifier: 15:B6:87:D1:4C:C6:54:6C:3E:C3:DA:A4:F6:2E:C9:99:6B:F1:8E:EE
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018A70D7F0160A001C40A81F8A5788DB8039
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FbaH0UzGVGw-w9qk9i7JmWvxju4.roa
Signing time: Thu 07 Sep 2023 18:11:54 +0000
ROA not before: Thu 07 Sep 2023 18:11:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39249
IP address blocks: 95.164.12.0/22 maxlen: 22
195.149.96.0/24 maxlen: 24
95.164.71.0/24 maxlen: 24
195.214.212.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:70:d7:f0:16:0a:00:1c:40:a8:1f:8a:57:88:db:80:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Sep 7 18:11:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=15b687d14cc6546c3ec3daa4f62ec9996bf18eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ff:1a:4a:3c:40:60:2a:4c:9d:d7:2e:fd:6d:
91:35:60:bb:1b:4d:c0:8a:fb:70:9b:b2:df:f7:56:
4b:2c:0a:db:05:e6:88:d9:1a:d2:5b:e5:67:d8:a7:
7d:1d:54:be:ab:61:25:72:fd:97:05:7a:ea:0f:50:
25:48:67:77:99:73:46:33:2d:d8:af:7b:20:18:5b:
11:14:82:f9:60:77:84:da:b7:90:59:8b:60:9c:62:
eb:d3:66:99:36:51:7e:2a:b8:d7:86:3c:13:60:d5:
d9:c1:39:1a:ca:37:60:1f:c7:ac:ef:0b:7e:60:04:
d1:a2:f1:70:58:b9:18:27:ef:40:46:6a:37:87:be:
c2:ff:b8:56:a7:42:72:e6:95:b5:d5:b6:25:7b:64:
4e:31:2c:df:6f:3c:77:09:31:69:af:2d:48:5a:28:
da:6f:10:60:6a:88:44:db:a7:97:ba:4d:12:38:1b:
58:fd:5f:0b:a1:fb:0b:e3:19:11:58:ce:c9:45:ab:
6e:93:d5:df:6b:71:11:0a:14:1b:a8:33:09:e4:e6:
85:44:75:9f:31:c5:0e:94:14:f4:d1:fe:34:d7:50:
da:30:92:cf:f0:ff:e8:2f:58:fc:a0:9f:c3:92:ab:
35:70:c4:ae:3e:2e:6c:34:46:cb:96:d8:a2:03:64:
4f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:B6:87:D1:4C:C6:54:6C:3E:C3:DA:A4:F6:2E:C9:99:6B:F1:8E:EE
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/FbaH0UzGVGw-w9qk9i7JmWvxju4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.12.0/22
95.164.71.0/24
195.149.96.0/24
195.214.212.0/24
Signature Algorithm: sha256WithRSAEncryption
65:5f:d9:c7:55:a8:45:fd:12:4a:5b:79:61:f1:c5:4f:ce:36:
ca:bd:ed:8e:09:9d:b0:3d:d8:0d:2d:bb:cb:7e:e8:1d:3f:38:
dc:9b:83:5a:94:74:9f:a2:2f:b6:ed:25:4b:4b:60:bb:4d:3c:
46:55:3a:c9:d8:24:2f:47:f2:ef:c5:2c:94:d6:0e:1e:e5:51:
25:ff:b7:95:e9:92:33:5a:0c:93:f2:3e:f3:d6:af:05:35:b0:
f5:c4:1b:12:cc:3f:bd:7e:00:a3:f9:9d:35:35:fd:47:66:1d:
d1:83:f9:51:1d:fa:d9:b1:92:b9:b0:33:b5:08:d7:cb:89:79:
b9:78:bd:dc:cd:67:0b:07:70:c4:0f:40:f3:ef:9e:06:13:05:
3b:b4:6a:95:0f:76:bd:30:57:9e:9c:55:c9:9c:6b:39:1e:a5:
f7:6e:5c:58:a4:a1:36:15:3e:f5:80:b3:0c:27:bc:9d:75:0c:
ce:9f:8b:92:7c:d4:e2:99:b1:0b:d5:87:02:73:bc:27:63:fd:
b3:b6:12:3f:52:31:0c:d9:09:ce:f7:25:c7:1a:0f:4d:c5:91:
9c:90:7e:f6:1b:01:24:fd:c1:07:19:3a:a0:00:f3:ea:07:0f:
ea:cb:53:56:91:1c:fe:a4:f5:4e:ca:17:e9:82:dc:fe:5e:ee:
11:ac:69:2a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYpw1/AWCgAcQKgfileI24A5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwOTA3MTgxMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWI2ODdkMTRjYzY1NDZjM2VjM2RhYTRmNjJlYzk5OTZiZjE4ZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjv8aSjxAYCpMndcu/W2RNWC7G03A
ivtwm7Lf91ZLLArbBeaI2RrSW+Vn2Kd9HVS+q2Elcv2XBXrqD1AlSGd3mXNGMy3Y
r3sgGFsRFIL5YHeE2reQWYtgnGLr02aZNlF+KrjXhjwTYNXZwTkayjdgH8es7wt+
YATRovFwWLkYJ+9ARmo3h77C/7hWp0Jy5pW11bYle2ROMSzfbzx3CTFpry1IWija
bxBgaohE26eXuk0SOBtY/V8LofsL4xkRWM7JRatuk9Xfa3ERChQbqDMJ5OaFRHWf
McUOlBT00f4011DaMJLP8P/oL1j8oJ/Dkqs1cMSuPi5sNEbLltiiA2RPYwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBW2h9FMxlRsPsPapPYuyZlr8Y7uMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvRmJhSDBVekdWR3ctdzlxazlpN0ptV3Z4anU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCX6QMAwQA
X6RHAwQAw5VgAwQAw9bUMA0GCSqGSIb3DQEBCwUAA4IBAQBlX9nHVahF/RJKW3lh
8cVPzjbKve2OCZ2wPdgNLbvLfugdPzjcm4NalHSfoi+27SVLS2C7TTxGVTrJ2CQv
R/LvxSyU1g4e5VEl/7eV6ZIzWgyT8j7z1q8FNbD1xBsSzD+9fgCj+Z01Nf1HZh3R
g/lRHfrZsZK5sDO1CNfLiXm5eL3czWcLB3DED0Dz754GEwU7tGqVD3a9MFeenFXJ
nGs5HqX3blxYpKE2FT71gLMMJ7yddQzOn4uSfNTimbEL1YcCc7wnY/2zthI/UjEM
2QnO9yXHGg9NxZGckH72GwEk/cEHGTqgAPPqBw/qy1NWkRz+pPVOyhfpgtz+Xu4R
rGkq
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:26:35 2025 by rpki-client