Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/dWFEj3P-boqu0mfwu8LqvMwIetk.roa
File: dWFEj3P-boqu0mfwu8LqvMwIetk.roa (raw, json)
Hash identifier: Ee1//f3bSYTbhIGB2yRNbP6cZ3ygbzqvIQV7o6W1QNM=
Subject key identifier: 75:61:44:8F:73:FE:6E:8A:AE:D2:67:F0:BB:C2:EA:BC:CC:08:7A:D9
Certificate issuer: /CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Certificate serial: 01856D386655E42A227307314795829C39DC
Authority key identifier: 36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/dWFEj3P-boqu0mfwu8LqvMwIetk.roa
Signing time: Sun 01 Jan 2023 12:04:50 +0000
ROA not before: Sun 01 Jan 2023 12:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41717
IP address blocks: 95.181.154.0/24 maxlen: 24
95.181.162.0/24 maxlen: 24
95.181.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:38:66:55:e4:2a:22:73:07:31:47:95:82:9c:39:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363769f8644a5a718ae62b058dd1fb62cb5a3c20
Validity
Not Before: Jan 1 12:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7561448f73fe6e8aaed267f0bbc2eabccc087ad9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3b:a9:24:df:0d:7e:fb:f6:7a:c3:60:2b:e5:
b3:e6:2c:0d:fe:7d:54:45:84:9e:ab:3d:81:3c:42:
e9:cc:6e:4a:fb:71:cb:23:24:25:7b:b0:03:05:06:
75:87:aa:59:08:73:12:6a:89:c1:5b:26:04:fb:6f:
3a:08:4c:80:dd:fe:a9:50:6c:54:7f:fa:04:ae:36:
93:95:ad:9c:00:15:68:91:2a:b7:6e:8b:d4:ba:21:
37:18:27:a7:f5:46:1b:7b:20:a7:b9:62:21:5a:f8:
da:71:2b:b2:33:e5:0d:68:96:b5:51:8b:52:e7:f1:
13:8c:bf:1d:33:b7:c5:0f:6f:df:6d:dd:4e:97:26:
ef:a4:a7:c7:a8:64:a9:2c:61:75:15:e8:22:86:ee:
64:89:e1:a6:96:f2:b3:eb:ee:ba:29:33:ae:57:b1:
06:22:82:5f:a0:6a:8a:d9:05:ee:e8:9e:7e:d1:5e:
76:7a:8f:95:a2:c2:4d:b6:36:13:ab:c4:e9:58:fa:
51:26:5a:c3:d0:41:c4:66:14:78:09:cb:c0:ae:5c:
3b:cd:80:27:5c:ca:0d:27:ba:66:41:51:f7:fc:e3:
92:69:1f:98:a6:3f:e7:29:ab:61:a0:96:30:74:06:
fb:bf:bd:3c:d8:ad:47:3d:0d:94:22:cb:26:86:37:
c1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:61:44:8F:73:FE:6E:8A:AE:D2:67:F0:BB:C2:EA:BC:CC:08:7A:D9
X509v3 Authority Key Identifier:
keyid:36:37:69:F8:64:4A:5A:71:8A:E6:2B:05:8D:D1:FB:62:CB:5A:3C:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Njdp-GRKWnGK5isFjdH7YstaPCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/dWFEj3P-boqu0mfwu8LqvMwIetk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0f8fea-f00a-4415-b396-399fc9693b22/1/Njdp-GRKWnGK5isFjdH7YstaPCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.181.154.0/24
95.181.162.0/24
95.181.167.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:88:10:27:fd:3a:b6:af:c3:a3:e6:a9:c8:aa:41:fd:a3:03:
24:50:eb:c0:29:5f:b8:c1:7c:c7:ce:56:b3:e6:70:57:50:0c:
16:aa:33:64:08:7d:8d:fb:f0:20:da:70:c0:19:d1:b3:b2:2b:
53:e8:dd:55:84:d4:88:cb:7b:cc:fe:89:dd:a5:38:db:9e:ac:
da:dd:91:70:6c:82:06:7e:d8:26:d8:25:b1:7f:c0:26:3d:89:
7e:09:24:da:01:e1:81:b3:a0:23:cc:a8:02:73:fe:c1:30:58:
df:06:68:00:81:89:e4:75:42:30:9b:b8:21:26:2a:40:9c:d9:
4a:d6:f0:bd:8f:4e:24:93:dc:23:eb:69:af:db:a7:9d:d1:07:
68:7a:57:81:88:12:4d:aa:04:55:aa:80:5d:e6:4b:53:93:5b:
88:20:23:b7:42:40:77:35:51:69:20:ad:4b:7e:9f:b3:28:26:
f0:c3:5e:8f:5a:fd:9e:c4:f4:fd:65:c3:af:ed:86:8d:3f:11:
f3:a4:80:c2:5b:dd:81:af:77:83:e9:c0:1c:96:4a:1b:b9:7f:
49:5b:6b:40:5d:e0:28:dd:e9:a1:48:83:42:e5:d6:f8:eb:0f:
03:13:eb:33:0c:a1:d6:8d:55:82:79:cf:f6:5c:7e:c6:19:41:
b0:65:32:46
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVtOGZV5CoicwcxR5WCnDncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2Mzc2OWY4NjQ0YTVhNzE4YWU2MmIwNThkZDFmYjYyY2I1
YTNjMjAwHhcNMjMwMTAxMTIwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTYxNDQ4ZjczZmU2ZThhYWVkMjY3ZjBiYmMyZWFiY2NjMDg3YWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jupJN8Nfvv2esNgK+Wz5iwN/n1U
RYSeqz2BPELpzG5K+3HLIyQle7ADBQZ1h6pZCHMSaonBWyYE+286CEyA3f6pUGxU
f/oErjaTla2cABVokSq3bovUuiE3GCen9UYbeyCnuWIhWvjacSuyM+UNaJa1UYtS
5/ETjL8dM7fFD2/fbd1OlybvpKfHqGSpLGF1Fegihu5kieGmlvKz6+66KTOuV7EG
IoJfoGqK2QXu6J5+0V52eo+VosJNtjYTq8TpWPpRJlrD0EHEZhR4CcvArlw7zYAn
XMoNJ7pmQVH3/OOSaR+Ypj/nKathoJYwdAb7v7082K1HPQ2UIssmhjfBLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHVhRI9z/m6KrtJn8LvC6rzMCHrZMB8GA1UdIwQY
MBaAFDY3afhkSlpxiuYrBY3R+2LLWjwgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYt
Mzk5ZmM5NjkzYjIyLzEvZFdGRWozUC1ib3F1MG1md3U4THF2TXdJZXRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8wZjhmZWEtZjAwYS00NDE1LWIzOTYtMzk5ZmM5NjkzYjIy
LzEvTmpkcC1HUktXbkdLNWlzRmpkSDdZc3RhUENBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX7WaAwQA
X7WiAwQAX7WnMA0GCSqGSIb3DQEBCwUAA4IBAQB6iBAn/Tq2r8Oj5qnIqkH9owMk
UOvAKV+4wXzHzlaz5nBXUAwWqjNkCH2N+/Ag2nDAGdGzsitT6N1VhNSIy3vM/ond
pTjbnqza3ZFwbIIGftgm2CWxf8AmPYl+CSTaAeGBs6AjzKgCc/7BMFjfBmgAgYnk
dUIwm7ghJipAnNlK1vC9j04kk9wj62mv26ed0QdoeleBiBJNqgRVqoBd5ktTk1uI
ICO3QkB3NVFpIK1Lfp+zKCbww16PWv2exPT9ZcOv7YaNPxHzpIDCW92Br3eD6cAc
lkobuX9JW2tAXeAo3emhSINC5db46w8DE+szDKHWjVWCec/2XH7GGUGwZTJG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:56:19 2025 by rpki-client