Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/9jlBlQxAoiNQLBmbfOXsj95bg7s.roa
File: 9jlBlQxAoiNQLBmbfOXsj95bg7s.roa (raw, json)
Hash identifier: 4WszZQ3BQUZtKGC7r4r2Cg1YAtwFki8tVwdakhlS7A4=
Subject key identifier: F6:39:41:95:0C:40:A2:23:50:2C:19:9B:7C:E5:EC:8F:DE:5B:83:BB
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 01853FADEFA2AC7EC1EC46E5D9A0100D7AA3
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/9jlBlQxAoiNQLBmbfOXsj95bg7s.roa
Signing time: Fri 23 Dec 2022 15:50:41 +0000
ROA not before: Fri 23 Dec 2022 15:50:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 95.181.149.0/24 maxlen: 24
95.181.148.0/22 maxlen: 22
95.181.151.0/24 maxlen: 24
95.181.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:ad:ef:a2:ac:7e:c1:ec:46:e5:d9:a0:10:0d:7a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Dec 23 15:50:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f63941950c40a223502c199b7ce5ec8fde5b83bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:33:78:89:88:11:75:e8:96:6c:d8:d0:c3:da:
34:11:3d:ea:a8:ff:3c:88:80:b0:0e:1a:cd:a4:93:
c3:22:71:dd:b1:b4:9d:61:52:d9:4e:81:c6:7a:c9:
9d:b5:a5:04:05:4d:fe:bd:96:fa:be:67:e4:9e:e0:
7b:61:74:dd:f0:ae:b1:c7:3a:b9:72:ad:b5:ab:63:
13:ab:22:c8:f2:08:97:88:f7:f6:0a:07:d5:c1:72:
c7:c0:f2:9e:c8:fe:7f:71:8c:73:0b:98:80:b1:d5:
f3:6b:1a:6e:f1:d1:22:92:7e:e8:59:96:48:d9:ad:
bf:78:eb:db:ab:2f:6a:cb:45:fb:ba:25:d3:ae:51:
e9:64:35:5b:1f:0a:c1:d5:c1:3b:99:60:5b:aa:d7:
90:74:3e:d0:89:8d:10:bd:6a:44:76:99:65:be:db:
38:6e:37:02:d5:63:11:87:24:f2:25:b9:b6:e2:c4:
6f:60:cc:6e:84:17:ff:14:0c:06:e6:7e:ee:e5:3e:
5f:88:34:7f:c6:6d:15:5e:f7:25:9f:af:62:4e:2f:
11:12:67:f6:b1:53:9c:83:68:06:05:58:1f:8a:19:
2b:4e:fa:96:1a:1a:65:3f:2d:af:8b:09:78:64:0b:
60:4f:f8:27:ef:83:5a:cc:ce:0d:01:ee:da:40:aa:
a3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:39:41:95:0C:40:A2:23:50:2C:19:9B:7C:E5:EC:8F:DE:5B:83:BB
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/9jlBlQxAoiNQLBmbfOXsj95bg7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.148.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:28:a9:d5:bd:f2:bb:64:a1:14:e6:f5:4e:93:63:88:cd:34:
8d:86:e4:71:f8:5c:3d:db:bd:c3:0b:44:7a:4e:c2:9e:80:05:
17:81:c4:a3:86:83:29:83:df:1c:ee:35:77:61:61:82:e7:b0:
0b:0f:6d:1c:fc:a3:9c:3b:9b:88:ef:63:61:06:1a:8d:d7:3c:
72:76:b7:1e:a1:d3:de:7e:3f:82:93:08:b2:d6:ff:cb:f3:28:
73:aa:38:eb:54:b6:c0:22:ee:d7:2f:08:7e:44:92:af:b1:7d:
58:04:24:c8:b1:0a:2e:14:b5:2c:6c:a0:55:c8:1c:65:85:00:
1b:9f:41:0a:c1:12:b7:59:60:97:2a:97:24:02:91:9d:64:bd:
98:a2:a9:17:e5:d5:0a:1d:ad:e4:79:f1:37:fc:98:90:22:2f:
79:37:18:eb:fe:57:6e:43:8c:2c:5c:e0:7b:13:29:dc:55:7d:
5a:f2:4c:08:79:1a:73:30:71:83:e7:a4:4f:5e:1f:f1:ed:0a:
8e:a2:18:ca:e4:50:91:44:7b:eb:c2:06:28:5d:dd:21:ea:b7:
aa:d3:64:59:e5:07:3e:42:83:e1:47:de:06:3c:e9:92:8a:0b:
82:83:e5:bd:a6:2c:11:41:6c:15:ca:67:14:0a:d3:aa:c6:bd:
36:7e:4d:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU/re+irH7B7Ebl2aAQDXqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjIxMjIzMTU1MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjM5NDE5NTBjNDBhMjIzNTAyYzE5OWI3Y2U1ZWM4ZmRlNWI4M2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jN4iYgRdeiWbNjQw9o0ET3qqP88
iICwDhrNpJPDInHdsbSdYVLZToHGesmdtaUEBU3+vZb6vmfknuB7YXTd8K6xxzq5
cq21q2MTqyLI8giXiPf2CgfVwXLHwPKeyP5/cYxzC5iAsdXzaxpu8dEikn7oWZZI
2a2/eOvbqy9qy0X7uiXTrlHpZDVbHwrB1cE7mWBbqteQdD7QiY0QvWpEdpllvts4
bjcC1WMRhyTyJbm24sRvYMxuhBf/FAwG5n7u5T5fiDR/xm0VXvcln69iTi8REmf2
sVOcg2gGBVgfihkrTvqWGhplPy2viwl4ZAtgT/gn74NazM4NAe7aQKqjNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPY5QZUMQKIjUCwZm3zl7I/eW4O7MB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvOWpsQmxReEFvaU5RTEJtYmZPWHNqOTViZzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX7WUMA0G
CSqGSIb3DQEBCwUAA4IBAQAKKKnVvfK7ZKEU5vVOk2OIzTSNhuRx+Fw9273DC0R6
TsKegAUXgcSjhoMpg98c7jV3YWGC57ALD20c/KOcO5uI72NhBhqN1zxydrceodPe
fj+Ckwiy1v/L8yhzqjjrVLbAIu7XLwh+RJKvsX1YBCTIsQouFLUsbKBVyBxlhQAb
n0EKwRK3WWCXKpckApGdZL2YoqkX5dUKHa3kefE3/JiQIi95Nxjr/lduQ4wsXOB7
EyncVX1a8kwIeRpzMHGD56RPXh/x7QqOohjK5FCRRHvrwgYoXd0h6req02RZ5Qc+
QoPhR94GPOmSiguCg+W9piwRQWwVymcUCtOqxr02fk1v
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:14 2025 by rpki-client