Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/oJSj65JEMZYkIJkgVHkk1zuat1A.roa
File: oJSj65JEMZYkIJkgVHkk1zuat1A.roa (raw, json)
Hash identifier: KQ5U2/5vuSIJk+XXuX9mfgs3co5vByfnN9+JEWl+U10=
Subject key identifier: A0:94:A3:EB:92:44:31:96:24:20:99:20:54:79:24:D7:3B:9A:B7:50
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01856F42A6EA84520A0F5F55D17B75BE0F51
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/oJSj65JEMZYkIJkgVHkk1zuat1A.roa
Signing time: Sun 01 Jan 2023 21:35:17 +0000
ROA not before: Sun 01 Jan 2023 21:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39762
IP address blocks: 95.164.64.0/22 maxlen: 24
95.164.64.0/24 maxlen: 24
95.164.65.0/24 maxlen: 24
95.164.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a6:ea:84:52:0a:0f:5f:55:d1:7b:75:be:0f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 21:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a094a3eb9244319624209920547924d73b9ab750
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f8:ce:d0:84:8d:55:f4:a1:0b:27:85:55:f2:
3a:de:1a:2e:d4:73:24:33:92:95:05:38:87:65:4d:
83:db:b6:92:9a:86:12:b7:c7:58:b0:ca:2e:62:e4:
47:cf:2a:a1:82:38:10:3e:a4:26:6b:e5:e5:0b:42:
c8:24:08:0b:33:d8:c8:8c:3f:84:90:4f:e5:70:80:
4a:67:9c:8d:3b:ff:a4:27:85:39:f6:9b:e9:36:8c:
43:4f:73:c7:04:c8:4c:7b:3c:b7:f7:07:69:bd:c6:
04:06:7f:f5:05:aa:c1:fb:da:66:46:cb:9c:ac:b2:
7a:63:8b:85:a4:8f:59:84:b9:36:54:40:5d:1f:a4:
bc:3b:43:da:6c:27:1e:a8:3a:52:58:f9:9f:9f:f3:
ff:b6:e4:91:81:96:6c:32:6d:06:86:27:04:a9:e8:
3d:88:35:1b:0e:0e:d6:5c:2c:5b:7f:8f:68:4e:65:
15:4f:7e:50:62:48:4d:2a:73:cf:8c:7e:33:1a:34:
e2:2c:58:9d:92:49:57:e5:b2:1f:21:d7:5f:94:91:
6e:23:42:99:c8:7b:19:15:85:b9:f5:06:7b:da:2d:
d6:ee:1a:3b:82:33:e8:65:f7:98:28:66:6d:4b:27:
fb:c3:b2:f4:79:56:69:6a:1c:aa:5c:9a:1b:d6:19:
c3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:94:A3:EB:92:44:31:96:24:20:99:20:54:79:24:D7:3B:9A:B7:50
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/oJSj65JEMZYkIJkgVHkk1zuat1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.64.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:46:46:b2:53:4b:a8:d3:6f:cf:4f:47:61:df:f5:c2:33:c6:
d2:de:58:61:43:c1:33:40:17:5d:bf:09:a4:d9:f6:3e:2b:07:
33:d2:02:ec:d3:78:c6:3b:16:06:5e:ea:7c:01:1c:4f:3f:31:
f3:b6:78:27:0e:ed:17:63:a7:6e:b5:18:27:96:04:c0:48:33:
bc:bb:11:d4:fd:15:77:29:35:7f:69:69:5f:f9:21:72:ab:ce:
d6:ee:50:47:62:da:83:26:ab:8a:a9:92:cf:a6:a7:98:de:7c:
8e:a7:8e:6d:53:ff:31:7f:7d:6c:d9:cd:cb:33:ea:bb:41:73:
a2:fd:9a:c8:87:30:b1:41:3a:b4:29:6b:f0:89:cf:09:05:45:
ba:03:80:2d:05:a7:61:08:f5:c9:1e:93:58:5c:f0:c7:fb:0e:
b1:8b:ba:d8:c4:20:43:1e:91:28:af:5a:01:73:b1:c8:e2:e7:
95:a8:f8:fd:2c:98:5d:dc:f6:bf:fa:4d:69:2f:c5:49:ae:0e:
25:be:6f:8b:3f:46:d4:d6:f4:8f:37:e3:47:b8:4e:52:b5:59:
7d:ac:be:f4:35:d2:ce:29:b4:9a:97:8d:37:96:17:d6:6a:4d:
a9:39:40:6d:7a:d5:16:2b:1e:51:34:76:1d:a1:b4:3e:24:52:
11:dd:ed:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqbqhFIKD19V0Xt1vg9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDk0YTNlYjkyNDQzMTk2MjQyMDk5MjA1NDc5MjRkNzNiOWFiNzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/jO0ISNVfShCyeFVfI63hou1HMk
M5KVBTiHZU2D27aSmoYSt8dYsMouYuRHzyqhgjgQPqQma+XlC0LIJAgLM9jIjD+E
kE/lcIBKZ5yNO/+kJ4U59pvpNoxDT3PHBMhMezy39wdpvcYEBn/1BarB+9pmRsuc
rLJ6Y4uFpI9ZhLk2VEBdH6S8O0PabCceqDpSWPmfn/P/tuSRgZZsMm0GhicEqeg9
iDUbDg7WXCxbf49oTmUVT35QYkhNKnPPjH4zGjTiLFidkklX5bIfIddflJFuI0KZ
yHsZFYW59QZ72i3W7ho7gjPoZfeYKGZtSyf7w7L0eVZpahyqXJob1hnD4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKCUo+uSRDGWJCCZIFR5JNc7mrdQMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvb0pTajY1SkVNWllrSUprZ1ZIa2sxenVhdDFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX6RAMA0G
CSqGSIb3DQEBCwUAA4IBAQAqRkayU0uo02/PT0dh3/XCM8bS3lhhQ8EzQBddvwmk
2fY+Kwcz0gLs03jGOxYGXup8ARxPPzHztngnDu0XY6dutRgnlgTASDO8uxHU/RV3
KTV/aWlf+SFyq87W7lBHYtqDJquKqZLPpqeY3nyOp45tU/8xf31s2c3LM+q7QXOi
/ZrIhzCxQTq0KWvwic8JBUW6A4AtBadhCPXJHpNYXPDH+w6xi7rYxCBDHpEor1oB
c7HI4ueVqPj9LJhd3Pa/+k1pL8VJrg4lvm+LP0bU1vSPN+NHuE5StVl9rL70NdLO
KbSal403lhfWak2pOUBtetUWKx5RNHYdobQ+JFIR3e1t
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:59 2025 by rpki-client