Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/tiPx2zmcR6RtEx3uuLmwWdUUMu0.roa
File: tiPx2zmcR6RtEx3uuLmwWdUUMu0.roa (raw, json)
Hash identifier: p8qnUbI+FhrTDSbB2OazaiKkxPTnkCWyySuzVj+dGo8=
Subject key identifier: B6:23:F1:DB:39:9C:47:A4:6D:13:1D:EE:B8:B9:B0:59:D5:14:32:ED
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 0183887BF4020375DD16F4D2F4024C1DCF77
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/tiPx2zmcR6RtEx3uuLmwWdUUMu0.roa
Signing time: Thu 29 Sep 2022 09:02:48 +0000
ROA not before: Thu 29 Sep 2022 09:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205631
IP address blocks: 185.95.30.0/24 maxlen: 24
2a05:1500:400::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:7b:f4:02:03:75:dd:16:f4:d2:f4:02:4c:1d:cf:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Sep 29 09:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b623f1db399c47a46d131deeb8b9b059d51432ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e9:81:52:5c:29:f0:ab:49:5b:a7:11:a7:65:
58:13:9d:25:cf:97:aa:2f:39:55:a3:5e:88:12:1e:
09:26:24:b1:c7:86:a3:0a:5d:c7:18:64:b3:35:07:
46:b4:d5:09:5f:5e:35:5e:c3:3f:6a:be:e0:e6:40:
0b:32:3a:06:34:58:ff:25:ad:0c:d5:00:f4:a1:22:
0c:fd:d6:ee:e6:23:ba:69:e0:20:b7:98:5b:6e:be:
14:97:6e:93:40:ba:b4:ad:a7:0c:eb:25:4e:94:de:
60:fe:f9:26:00:19:74:b8:fc:d4:33:eb:9b:38:36:
b9:69:02:e9:46:8e:07:4f:fa:92:db:a4:40:d8:44:
d9:ca:00:b1:e6:aa:0d:11:5c:f2:61:20:f6:17:2f:
27:48:38:bb:07:78:ff:6f:b2:83:f0:f9:7a:c4:b5:
ae:cc:73:36:1f:50:13:45:2f:cd:8d:32:e3:0a:af:
f6:df:33:44:8b:f6:e5:bc:88:e3:68:19:87:60:2d:
06:d2:7f:1b:62:fe:97:81:bc:ce:ba:95:25:3c:69:
f0:6e:6d:b9:91:3f:b1:73:d5:ae:0b:e0:10:a0:c9:
4d:6d:39:9c:71:b2:e3:eb:ca:51:b4:4f:1c:72:0f:
51:8c:ba:3a:06:68:53:52:a2:e1:6d:c1:d6:26:1e:
4c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:23:F1:DB:39:9C:47:A4:6D:13:1D:EE:B8:B9:B0:59:D5:14:32:ED
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/tiPx2zmcR6RtEx3uuLmwWdUUMu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.30.0/24
IPv6:
2a05:1500:400::/40
Signature Algorithm: sha256WithRSAEncryption
0d:18:9c:c6:f7:8b:76:0a:0b:04:45:d6:19:72:b7:a2:bc:e5:
93:80:21:f2:84:b2:dc:bb:c1:f2:ae:4e:16:ca:a2:36:ba:48:
54:bb:39:00:38:35:81:9f:9e:5e:82:96:be:54:94:93:bc:35:
37:12:ee:42:e0:b4:fa:73:ac:50:99:a0:15:3e:0b:e2:3a:3f:
61:36:51:47:13:bd:7d:84:9f:fa:10:fa:67:3e:d2:2f:3b:69:
bf:6f:c4:a9:66:57:de:6a:93:0b:98:46:f2:6c:e5:75:ae:98:
ad:79:a4:7a:dd:2a:b5:88:3c:d5:ca:23:b9:b5:80:bd:c4:c2:
58:d5:fb:92:1f:d6:67:c7:6f:07:ab:49:1c:80:4c:8f:e4:bf:
3b:48:26:ac:af:87:55:9e:9e:7e:b5:12:9f:99:9a:33:b2:d4:
3b:7f:2a:9a:93:ed:df:f5:24:80:41:ce:4c:38:ad:19:84:fe:
4e:08:7c:48:aa:d7:1c:ea:20:b3:d8:9e:41:fa:57:95:64:50:
02:79:df:03:de:60:db:65:71:1a:d0:df:46:52:2c:18:2b:9d:
f6:3b:03:c1:21:67:7a:d3:6e:75:33:d7:60:58:35:d7:a2:ea:
ca:8e:84:e1:d7:c0:1a:96:c0:5f:07:e9:6a:03:dc:14:f1:7e:
9a:5f:20:a3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYOIe/QCA3XdFvTS9AJMHc93MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjIwOTI5MDkwMjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjIzZjFkYjM5OWM0N2E0NmQxMzFkZWViOGI5YjA1OWQ1MTQzMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+mBUlwp8KtJW6cRp2VYE50lz5eq
LzlVo16IEh4JJiSxx4ajCl3HGGSzNQdGtNUJX141XsM/ar7g5kALMjoGNFj/Ja0M
1QD0oSIM/dbu5iO6aeAgt5hbbr4Ul26TQLq0racM6yVOlN5g/vkmABl0uPzUM+ub
ODa5aQLpRo4HT/qS26RA2ETZygCx5qoNEVzyYSD2Fy8nSDi7B3j/b7KD8Pl6xLWu
zHM2H1ATRS/NjTLjCq/23zNEi/blvIjjaBmHYC0G0n8bYv6XgbzOupUlPGnwbm25
kT+xc9WuC+AQoMlNbTmccbLj68pRtE8ccg9RjLo6BmhTUqLhbcHWJh5MvQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLYj8ds5nEekbRMd7ri5sFnVFDLtMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvdGlQeDJ6bWNSNlJ0RXgzdXVMbXdXZFVVTXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAuV8eMA4E
AgACMAgDBgAqBRUABDANBgkqhkiG9w0BAQsFAAOCAQEADRicxveLdgoLBEXWGXK3
orzlk4Ah8oSy3LvB8q5OFsqiNrpIVLs5ADg1gZ+eXoKWvlSUk7w1NxLuQuC0+nOs
UJmgFT4L4jo/YTZRRxO9fYSf+hD6Zz7SLztpv2/EqWZX3mqTC5hG8mzlda6YrXmk
et0qtYg81cojubWAvcTCWNX7kh/WZ8dvB6tJHIBMj+S/O0gmrK+HVZ6efrUSn5ma
M7LUO38qmpPt3/UkgEHOTDitGYT+Tgh8SKrXHOogs9ieQfpXlWRQAnnfA95g22Vx
GtDfRlIsGCud9jsDwSFnetNudTPXYFg116Lqyo6E4dfAGpbAXwfpagPcFPF+ml8g
ow==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org