Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rtaKsJcbSAq78pEnhdoRcHGybHQ.roa
File: rtaKsJcbSAq78pEnhdoRcHGybHQ.roa (raw, json)
Hash identifier: ApkKqonWc1JQNeCW5Snaexc7qU+bHFlE99ynxyes2dU=
Subject key identifier: AE:D6:8A:B0:97:1B:48:0A:BB:F2:91:27:85:DA:11:70:71:B2:6C:74
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 03556D34
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rtaKsJcbSAq78pEnhdoRcHGybHQ.roa
Signing time: Wed 27 Apr 2022 19:35:47 +0000
ROA not before: Wed 27 Apr 2022 19:35:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6461
IP address blocks: 95.164.0.0/21 maxlen: 24
95.164.24.0/21 maxlen: 24
95.164.32.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55930164 (0x3556d34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Apr 27 19:35:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aed68ab0971b480abbf2912785da117071b26c74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f8:d6:16:06:ca:e5:76:c4:61:97:54:4a:58:
26:e7:79:17:47:3d:eb:63:b2:3e:31:c7:e3:8a:3e:
45:89:1d:cd:36:1b:c4:d3:0b:b0:5f:e7:4d:f5:58:
a4:00:9a:5f:b6:57:77:aa:c1:38:cc:b4:1b:26:71:
86:7b:13:09:a1:0b:3a:be:15:36:3e:66:91:a2:b8:
45:b8:ed:6e:97:cd:ac:aa:37:ac:e1:07:f2:0b:7d:
cc:3d:b9:25:64:de:b8:1f:39:78:f2:c7:b1:29:39:
38:92:d5:67:14:8f:93:42:a3:1d:c4:c6:2b:22:92:
dd:11:5c:ca:b1:72:9a:ef:b3:7c:c3:b2:91:d3:8a:
3a:60:0e:bb:29:46:e8:28:09:eb:da:c2:7e:2d:e0:
4b:50:c6:db:c2:7e:8e:ba:5a:d9:4e:26:14:2c:50:
1a:41:2c:29:7c:ab:30:95:30:2f:c4:6d:44:5b:fb:
dd:60:da:70:8c:3b:39:c0:94:02:b3:e4:97:a1:33:
09:8e:4f:4a:51:70:54:c0:5a:45:9a:00:ef:dd:9e:
ca:78:ad:1a:00:8e:97:c4:51:ec:cb:06:b4:ba:60:
94:18:6d:5f:e4:54:59:d0:9d:44:86:8a:84:77:db:
7f:57:32:98:63:4e:12:08:5e:df:ee:4d:0e:a5:b9:
d6:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D6:8A:B0:97:1B:48:0A:BB:F2:91:27:85:DA:11:70:71:B2:6C:74
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/rtaKsJcbSAq78pEnhdoRcHGybHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.0.0/21
95.164.24.0-95.164.39.255
Signature Algorithm: sha256WithRSAEncryption
21:ee:57:ef:55:13:e9:a5:63:2c:09:35:9e:e5:9d:8e:5a:a7:
49:5f:4c:a0:52:6b:cc:3b:77:ae:0b:75:bd:d0:07:ff:26:9a:
f2:a2:c1:92:14:0e:3f:b1:f7:cd:92:fe:28:63:d6:ee:f4:f9:
e8:5e:ce:04:40:d6:d7:d2:36:14:80:d9:39:a7:4f:5f:0b:f2:
00:05:82:b1:93:be:cf:f2:c1:f3:9a:88:51:68:f9:5e:63:52:
6a:c3:ce:5c:bf:cb:c2:2f:01:2f:48:ae:90:7d:b1:3f:d7:cc:
c1:1e:70:47:f4:2f:72:f6:e3:f6:ae:ec:c2:9c:af:a6:d9:d9:
b4:11:99:fa:b9:4b:47:03:46:74:68:b0:ae:b2:c6:80:5f:eb:
c5:cc:08:84:0d:0e:fa:02:2f:ee:c0:ef:b6:9c:d7:c2:59:b8:
51:9b:d4:16:79:d7:f9:e4:0d:2a:6d:48:61:17:d5:6f:b4:7f:
68:98:44:d1:a8:35:57:f1:7c:39:17:24:49:d2:e0:e1:f5:1d:
18:5b:34:a5:0b:21:8d:31:d3:57:05:cc:bd:98:01:c4:89:fb:
4c:4b:bf:71:c3:44:23:1d:4d:0b:e6:24:69:96:71:3b:37:9c:
b1:63:29:88:6a:fa:26:74:2d:88:20:0c:9e:9b:06:9d:85:52:
ed:e2:a3:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEA1VtNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDc0M2VkNjNlODY4ZWY1MGY2ZDg0YzAwMDNhODM0ODNmYzYyYTAzMB4XDTIyMDQy
NzE5MzU0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWVkNjhhYjA5NzFi
NDgwYWJiZjI5MTI3ODVkYTExNzA3MWIyNmM3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMz41hYGyuV2xGGXVEpYJud5F0c962OyPjHH44o+RYkdzTYb
xNMLsF/nTfVYpACaX7ZXd6rBOMy0GyZxhnsTCaELOr4VNj5mkaK4RbjtbpfNrKo3
rOEH8gt9zD25JWTeuB85ePLHsSk5OJLVZxSPk0KjHcTGKyKS3RFcyrFymu+zfMOy
kdOKOmAOuylG6CgJ69rCfi3gS1DG28J+jrpa2U4mFCxQGkEsKXyrMJUwL8RtRFv7
3WDacIw7OcCUArPkl6EzCY5PSlFwVMBaRZoA792eynitGgCOl8RR7MsGtLpglBht
X+RUWdCdRIaKhHfbf1cymGNOEghe3+5NDqW51jUCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSu1oqwlxtICrvykSeF2hFwcbJsdDAfBgNVHSMEGDAWgBRtdD7WPoaO9Q9t
hMAAOoNIP8YqAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JYUS0xajZHanZVUGJZVEFBRHFEU0RfR0tnTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8x
L3J0YUtzSmNiU0FxNzhwRW5oZG9SY0hHeWJIUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTA1MzUyLWYxNDgtNDBhMC04N2E0LWU5NzI0YTdhNmJjOC8xL2JYUS0xajZHanZV
UGJZVEFBRHFEU0RfR0tnTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEA1+kADAMAwQDX6QYAwQDX6QgMA0G
CSqGSIb3DQEBCwUAA4IBAQAh7lfvVRPppWMsCTWe5Z2OWqdJX0ygUmvMO3euC3W9
0Af/JpryosGSFA4/sffNkv4oY9bu9PnoXs4EQNbX0jYUgNk5p09fC/IABYKxk77P
8sHzmohRaPleY1Jqw85cv8vCLwEvSK6QfbE/18zBHnBH9C9y9uP2ruzCnK+m2dm0
EZn6uUtHA0Z0aLCussaAX+vFzAiEDQ76Ai/uwO+2nNfCWbhRm9QWedf55A0qbUhh
F9VvtH9omETRqDVX8Xw5FyRJ0uDh9R0YWzSlCyGNMdNXBcy9mAHEiftMS79xw0Qj
HU0L5iRplnE7N5yxYymIavomdC2IIAyemwadhVLt4qOb
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:25:54 2025 by rpki-client