Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/nSH5_0GCneplkrc3jk8lje4vvB8.roa
File: nSH5_0GCneplkrc3jk8lje4vvB8.roa (raw, json)
Hash identifier: ukzzLy4n86ICNGrkc2wuDLZxZjjIo99k47fjR4eODC8=
Subject key identifier: 9D:21:F9:FF:41:82:9D:EA:65:92:B7:37:8E:4F:25:8D:EE:2F:BC:1F
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0184673BCC6875FA48505FC3286D71C66769
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/nSH5_0GCneplkrc3jk8lje4vvB8.roa
Signing time: Fri 11 Nov 2022 15:08:03 +0000
ROA not before: Fri 11 Nov 2022 15:08:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212496
IP address blocks: 95.164.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:67:3b:cc:68:75:fa:48:50:5f:c3:28:6d:71:c6:67:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 11 15:08:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d21f9ff41829dea6592b7378e4f258dee2fbc1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1e:f7:60:5d:db:8c:f9:56:03:92:2e:10:f5:
38:4d:3a:9d:25:4f:60:06:7f:76:95:e3:bd:10:8c:
00:6c:a8:3e:a3:c1:c6:a3:85:80:4e:1e:0a:c3:90:
a8:a6:d1:e8:4a:ec:a4:0b:d9:76:f5:b3:6b:53:00:
dc:50:9e:66:28:c7:21:b6:b2:08:d3:81:41:f7:5d:
f0:41:7a:66:73:39:ef:6d:fb:8e:0f:dd:68:54:26:
b0:a1:b5:38:80:44:dd:54:1b:43:c7:50:e9:e7:ef:
ed:e4:c2:03:f6:ca:d2:69:e2:b6:40:65:c4:d8:58:
36:5a:43:d7:b7:9f:8a:ed:0a:b8:e0:14:23:9a:9f:
b5:d3:00:dd:63:df:18:92:d0:b5:0e:72:f6:bd:77:
8f:63:ef:03:ae:67:7e:dc:2b:5a:20:bd:1b:23:d1:
1a:1a:d9:3a:ac:d3:a8:0a:c4:0e:53:b9:57:79:5f:
d6:89:21:39:df:15:e2:bf:67:c3:c3:10:01:4a:9a:
ed:14:25:2f:97:1a:ca:42:65:f9:6a:0c:d4:24:9a:
3d:af:46:0f:61:c7:73:69:ea:18:a8:8c:4b:d2:05:
64:19:ae:aa:d3:04:77:b3:7d:b3:af:18:b8:c1:95:
ab:e7:8e:f4:a8:a1:79:f6:97:32:9f:e1:ee:7b:d5:
51:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:21:F9:FF:41:82:9D:EA:65:92:B7:37:8E:4F:25:8D:EE:2F:BC:1F
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/nSH5_0GCneplkrc3jk8lje4vvB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.91.0/24
Signature Algorithm: sha256WithRSAEncryption
59:85:62:ad:6c:ab:a1:46:c3:f1:2e:ac:eb:c9:be:7a:7a:7b:
8d:df:16:eb:9a:64:24:37:00:44:ac:31:58:39:fc:9d:41:54:
ef:57:ca:4c:88:4d:31:16:46:c5:02:53:38:7b:28:4c:98:fe:
a6:ae:6f:99:40:71:f3:7b:7a:22:64:23:aa:65:8a:63:a0:c7:
5e:ef:e0:fe:d6:2c:f3:cf:96:c6:c1:9d:8b:c8:f1:f3:37:4c:
6d:55:4b:12:0a:cb:39:8f:ab:f1:ea:90:72:83:74:95:a7:61:
b8:ce:22:53:ed:af:4a:06:07:8f:f8:9e:8d:a3:8e:80:f1:bf:
cb:ba:50:09:53:2a:8e:20:e5:79:22:63:af:2f:5b:9f:a3:38:
36:e1:7f:00:ca:47:ef:8a:ec:e3:2b:54:8f:5d:e4:97:56:b0:
13:7d:9f:ef:17:4a:94:ca:1b:e1:1e:a9:37:f5:66:f2:69:20:
99:fc:56:f9:c6:4a:1c:42:44:2b:6b:79:04:be:6b:75:f8:f7:
3f:e7:bf:7e:c7:e3:c4:a4:43:50:bf:a9:f3:0b:ed:8b:59:0e:
c0:88:22:e3:66:10:01:cc:ff:92:bc:b0:80:1f:33:73:9c:02:
ac:6b:7d:8d:5e:39:19:7e:4f:f1:d6:58:63:e8:c5:70:d9:61:
b2:99:88:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRnO8xodfpIUF/DKG1xxmdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIxMTExMTUwODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDIxZjlmZjQxODI5ZGVhNjU5MmI3Mzc4ZTRmMjU4ZGVlMmZiYzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1h73YF3bjPlWA5IuEPU4TTqdJU9g
Bn92leO9EIwAbKg+o8HGo4WATh4Kw5CoptHoSuykC9l29bNrUwDcUJ5mKMchtrII
04FB913wQXpmcznvbfuOD91oVCawobU4gETdVBtDx1Dp5+/t5MID9srSaeK2QGXE
2Fg2WkPXt5+K7Qq44BQjmp+10wDdY98YktC1DnL2vXePY+8Drmd+3CtaIL0bI9Ea
Gtk6rNOoCsQOU7lXeV/WiSE53xXiv2fDwxABSprtFCUvlxrKQmX5agzUJJo9r0YP
YcdzaeoYqIxL0gVkGa6q0wR3s32zrxi4wZWr5470qKF59pcyn+Hue9VR+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0h+f9Bgp3qZZK3N45PJY3uL7wfMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvblNINV8wR0NuZXBsa3JjM2prOGxqZTR2dkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6RbMA0G
CSqGSIb3DQEBCwUAA4IBAQBZhWKtbKuhRsPxLqzryb56enuN3xbrmmQkNwBErDFY
OfydQVTvV8pMiE0xFkbFAlM4eyhMmP6mrm+ZQHHze3oiZCOqZYpjoMde7+D+1izz
z5bGwZ2LyPHzN0xtVUsSCss5j6vx6pByg3SVp2G4ziJT7a9KBgeP+J6No46A8b/L
ulAJUyqOIOV5ImOvL1ufozg24X8AykfviuzjK1SPXeSXVrATfZ/vF0qUyhvhHqk3
9WbyaSCZ/Fb5xkocQkQra3kEvmt1+Pc/579+x+PEpENQv6nzC+2LWQ7AiCLjZhAB
zP+SvLCAHzNznAKsa32NXjkZfk/x1lhj6MVw2WGymYgB
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:16:10 2025 by rpki-client