Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/kX1G8qTuyihz4VijkL2bqvFoMYc.roa
File: kX1G8qTuyihz4VijkL2bqvFoMYc.roa (raw, json)
Hash identifier: RPuJmGXl7B45rmsCwFb/BK4BeEaUbmfTK9g8oicCAgE=
Subject key identifier: 91:7D:46:F2:A4:EE:CA:28:73:E1:58:A3:90:BD:9B:AA:F1:68:31:87
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 018570FBAA14BFD7E9E570B87A64BC7864F8
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/kX1G8qTuyihz4VijkL2bqvFoMYc.roa
Signing time: Mon 02 Jan 2023 05:36:59 +0000
ROA not before: Mon 02 Jan 2023 05:36:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198682
IP address blocks: 95.170.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:aa:14:bf:d7:e9:e5:70:b8:7a:64:bc:78:64:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Jan 2 05:36:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=917d46f2a4eeca2873e158a390bd9baaf1683187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:78:99:25:4e:32:58:f9:dc:05:c4:e3:fb:4e:
44:29:21:0e:4c:26:13:43:66:45:8f:f6:c6:07:bd:
e2:74:77:60:40:c7:df:7a:ff:d7:78:3a:e0:2a:86:
c8:4a:1a:de:60:3f:9f:c8:33:15:96:e6:cf:8a:f0:
19:51:64:db:64:d8:c4:47:13:3f:a9:df:1d:c7:4c:
27:3c:d3:57:b9:ba:a1:f2:58:a9:65:16:85:16:0c:
c0:6a:43:c6:52:7a:19:1b:94:8a:20:58:5a:a3:46:
38:70:1d:28:f6:97:21:3b:3a:29:af:97:c1:30:fd:
e3:aa:04:6e:0e:d4:dc:e8:79:db:d8:af:71:a5:7d:
29:e0:29:70:8f:e3:b3:12:9d:da:33:38:1e:f5:20:
76:0e:dd:ce:4d:5b:dd:a1:f4:52:fb:df:8f:96:c1:
ad:29:dc:3d:b3:49:6e:56:14:2d:cf:0b:29:be:85:
42:9c:a0:0f:21:1a:92:44:22:0e:93:e3:b9:87:51:
66:34:57:b0:d2:e9:46:33:58:60:93:49:62:b2:30:
e6:d7:c9:9e:e8:63:d1:f7:90:06:0f:e8:e8:48:75:
ad:93:7c:2b:fa:e2:3f:c0:28:5a:f3:85:59:fa:fb:
57:71:d9:b2:06:c1:a7:b8:e9:b1:17:20:ce:fe:a0:
15:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7D:46:F2:A4:EE:CA:28:73:E1:58:A3:90:BD:9B:AA:F1:68:31:87
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/kX1G8qTuyihz4VijkL2bqvFoMYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.4.0/24
Signature Algorithm: sha256WithRSAEncryption
35:e5:9d:ba:18:b2:3b:89:aa:f2:c2:25:00:43:a8:71:a5:c7:
8f:9a:ba:c0:e3:ad:cd:d6:6e:e5:ba:b6:c3:82:36:ed:c0:40:
89:4a:6c:c1:b6:59:45:0d:77:9c:58:66:83:e1:34:29:50:6b:
f3:4b:b7:e4:0a:0f:db:90:21:7c:cb:71:af:3d:e8:b8:dc:c4:
1f:eb:c4:f3:ee:8c:a7:3e:9f:bd:ab:96:07:c1:b0:a5:d5:ac:
9f:2d:cf:bf:12:d7:82:11:2a:0e:53:4d:ba:b8:6f:19:ef:6a:
44:67:44:94:7a:a0:94:da:4c:39:0c:6d:3a:18:7d:93:e8:c3:
c3:8d:7b:4a:d4:73:4d:88:79:06:52:1a:a7:43:0f:a0:17:3e:
9c:bc:d8:09:21:05:60:cb:e2:db:1e:14:0a:24:57:c7:2b:24:
82:cd:f0:ca:43:26:eb:24:51:cd:4f:51:02:d1:57:17:f1:71:
d0:3f:2d:45:ec:6f:b1:73:9f:d8:8d:68:a4:f4:93:ef:c2:2f:
25:21:44:36:41:c9:fd:74:0c:b9:f0:4b:b5:58:99:39:37:02:
a0:e0:08:84:8c:11:1c:70:64:2c:b5:74:d3:03:a6:e1:f9:e9:
b6:db:d7:05:44:3d:cc:41:9d:2a:ce:4d:8d:6a:cc:01:48:fe:
3b:0f:5d:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+6oUv9fp5XC4emS8eGT4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjMwMTAyMDUzNjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdkNDZmMmE0ZWVjYTI4NzNlMTU4YTM5MGJkOWJhYWYxNjgzMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXiZJU4yWPncBcTj+05EKSEOTCYT
Q2ZFj/bGB73idHdgQMffev/XeDrgKobIShreYD+fyDMVlubPivAZUWTbZNjERxM/
qd8dx0wnPNNXubqh8lipZRaFFgzAakPGUnoZG5SKIFhao0Y4cB0o9pchOzopr5fB
MP3jqgRuDtTc6Hnb2K9xpX0p4Clwj+OzEp3aMzge9SB2Dt3OTVvdofRS+9+PlsGt
Kdw9s0luVhQtzwspvoVCnKAPIRqSRCIOk+O5h1FmNFew0ulGM1hgk0lisjDm18me
6GPR95AGD+joSHWtk3wr+uI/wCha84VZ+vtXcdmyBsGnuOmxFyDO/qAV1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJF9RvKk7sooc+FYo5C9m6rxaDGHMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEva1gxRzhxVHV5aWh6NFZpamtMMmJxdkZvTVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6oEMA0G
CSqGSIb3DQEBCwUAA4IBAQA15Z26GLI7iarywiUAQ6hxpcePmrrA463N1m7lurbD
gjbtwECJSmzBtllFDXecWGaD4TQpUGvzS7fkCg/bkCF8y3GvPei43MQf68Tz7oyn
Pp+9q5YHwbCl1ayfLc+/EteCESoOU026uG8Z72pEZ0SUeqCU2kw5DG06GH2T6MPD
jXtK1HNNiHkGUhqnQw+gFz6cvNgJIQVgy+LbHhQKJFfHKySCzfDKQybrJFHNT1EC
0VcX8XHQPy1F7G+xc5/YjWik9JPvwi8lIUQ2Qcn9dAy58Eu1WJk5NwKg4AiEjBEc
cGQstXTTA6bh+em229cFRD3MQZ0qzk2NaswBSP47D13F
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:30 2025 by rpki-client