Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/7fea5a-ed78-4ba9-9a17-fdbc7c4cf49e/1/X9pmmTDQtM72iyFYJJwdhnv7Yz0.roa
File: X9pmmTDQtM72iyFYJJwdhnv7Yz0.roa (raw, json)
Hash identifier: ShehqkNekZgrfod1f1DqpGrynLN4b1gGB/OUzCqlcKk=
Subject key identifier: 5F:DA:66:99:30:D0:B4:CE:F6:8B:21:58:24:9C:1D:86:7B:FB:63:3D
Certificate issuer: /CN=874aa16fd2a2c936c0aa4fb5624f62bc56a54df8
Certificate serial: FAF6D6
Authority key identifier: 87:4A:A1:6F:D2:A2:C9:36:C0:AA:4F:B5:62:4F:62:BC:56:A5:4D:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0qhb9KiyTbAqk-1Yk9ivFalTfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/7fea5a-ed78-4ba9-9a17-fdbc7c4cf49e/1/X9pmmTDQtM72iyFYJJwdhnv7Yz0.roa
Signing time: Sat 01 Jan 2022 06:05:34 +0000
ROA not before: Sat 01 Jan 2022 06:05:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8412
IP address blocks: 195.95.162.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16447190 (0xfaf6d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874aa16fd2a2c936c0aa4fb5624f62bc56a54df8
Validity
Not Before: Jan 1 06:05:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fda669930d0b4cef68b2158249c1d867bfb633d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:57:f5:d1:d3:28:2c:8d:c5:07:01:b1:7e:e4:
74:6d:35:0c:27:6a:a6:ca:9b:af:dd:84:d4:75:48:
ad:31:24:7c:3d:ca:15:47:5b:62:d0:52:8b:31:d5:
91:fb:9b:fd:81:d8:97:2e:54:11:76:ce:58:65:ff:
f7:d4:29:f8:df:0e:4f:a9:0e:aa:19:55:a0:82:4f:
13:19:92:60:1e:11:f1:d4:3d:88:af:5e:72:80:a5:
89:85:9a:b5:d7:fb:4f:8f:bb:40:31:f1:6c:2f:15:
35:11:ce:c2:8a:40:e0:fc:ce:ab:2d:32:c7:a0:c2:
6d:f0:f0:14:cf:6b:1e:9f:d4:fd:b4:27:8e:e8:0c:
b8:d1:67:b6:ba:49:ae:27:d1:8d:7e:40:77:65:cf:
a1:b1:31:46:c0:a9:03:0e:b1:25:9b:74:e8:d9:58:
e5:44:c9:3f:5b:c0:a3:68:11:2b:0b:0d:44:74:6e:
fa:f0:63:71:90:de:7c:7d:ed:23:5e:0a:62:4e:f5:
b5:4a:f2:0d:0a:fe:18:66:b7:63:a3:3e:f4:cd:93:
79:46:f3:3b:5a:ed:fb:a1:4c:f3:5e:29:e9:d9:a3:
98:c4:c7:06:7c:39:9b:67:d2:01:4d:70:7a:34:88:
b4:11:db:54:e5:34:94:2d:b7:92:69:d7:a7:b2:9d:
97:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DA:66:99:30:D0:B4:CE:F6:8B:21:58:24:9C:1D:86:7B:FB:63:3D
X509v3 Authority Key Identifier:
keyid:87:4A:A1:6F:D2:A2:C9:36:C0:AA:4F:B5:62:4F:62:BC:56:A5:4D:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0qhb9KiyTbAqk-1Yk9ivFalTfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7fea5a-ed78-4ba9-9a17-fdbc7c4cf49e/1/X9pmmTDQtM72iyFYJJwdhnv7Yz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/7fea5a-ed78-4ba9-9a17-fdbc7c4cf49e/1/h0qhb9KiyTbAqk-1Yk9ivFalTfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.162.0/24
Signature Algorithm: sha256WithRSAEncryption
20:46:55:bd:3f:d1:66:60:b7:c0:56:19:3f:9f:ac:17:0d:0f:
0f:57:e7:b4:d0:6c:7d:2e:04:1d:40:ba:4b:79:c8:32:a1:39:
49:9b:45:79:e2:85:51:4c:1b:56:8b:42:dd:37:e7:17:6b:67:
cf:db:96:b3:b2:45:ed:b9:45:99:19:25:32:ba:b0:d6:fb:eb:
c0:dc:c6:af:f0:ba:1a:1b:b2:84:db:bc:34:79:58:c4:f9:99:
ba:8e:c6:2b:d1:aa:90:9c:1a:e3:34:8c:4b:4f:71:9e:cf:e4:
61:82:08:11:4c:82:9f:6a:b2:76:86:62:a3:35:59:d9:93:d7:
3c:8a:cd:e9:51:74:ce:76:43:d6:0e:3c:89:ad:f9:d1:fe:d3:
73:b0:93:2b:ef:1d:62:a2:ce:cd:ad:aa:f3:8f:cc:7b:0a:23:
f5:0b:f6:c7:0e:90:ce:d3:df:b5:d3:95:7a:e3:b5:7a:d1:31:
0c:51:ee:ee:04:5d:9c:94:21:27:cb:c6:ef:a1:16:12:c3:98:
3b:e8:4b:f9:ad:5f:d1:aa:87:dd:6a:58:86:b0:fe:88:c0:5e:
e7:ec:b5:b6:1a:91:a9:44:38:67:87:21:46:0b:cf:ad:9b:b9:
e3:7a:ce:c7:bd:3d:82:9a:86:57:38:db:94:6e:38:d9:ac:26:
5a:af:3d:56
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPr21jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NzRhYTE2ZmQyYTJjOTM2YzBhYTRmYjU2MjRmNjJiYzU2YTU0ZGY4MB4XDTIyMDEw
MTA2MDUzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZkYTY2OTkzMGQw
YjRjZWY2OGIyMTU4MjQ5YzFkODY3YmZiNjMzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5X9dHTKCyNxQcBsX7kdG01DCdqpsqbr92E1HVIrTEkfD3K
FUdbYtBSizHVkfub/YHYly5UEXbOWGX/99Qp+N8OT6kOqhlVoIJPExmSYB4R8dQ9
iK9ecoCliYWatdf7T4+7QDHxbC8VNRHOwopA4PzOqy0yx6DCbfDwFM9rHp/U/bQn
jugMuNFntrpJrifRjX5Ad2XPobExRsCpAw6xJZt06NlY5UTJP1vAo2gRKwsNRHRu
+vBjcZDefH3tI14KYk71tUryDQr+GGa3Y6M+9M2TeUbzO1rt+6FM814p6dmjmMTH
Bnw5m2fSAU1wejSItBHbVOU0lC23kmnXp7Kdl+kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRf2maZMNC0zvaLIVgknB2Ge/tjPTAfBgNVHSMEGDAWgBSHSqFv0qLJNsCq
T7ViT2K8VqVN+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gwcWhiOUtpeVRiQXFrLTFZazlpdkZhbFRmZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvN2ZlYTVhLWVkNzgtNGJhOS05YTE3LWZkYmM3YzRjZjQ5ZS8x
L1g5cG1tVERRdE03Mml5RllKSndkaG52N1l6MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
N2ZlYTVhLWVkNzgtNGJhOS05YTE3LWZkYmM3YzRjZjQ5ZS8xL2gwcWhiOUtpeVRi
QXFrLTFZazlpdkZhbFRmZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMNfojANBgkqhkiG9w0BAQsFAAOC
AQEAIEZVvT/RZmC3wFYZP5+sFw0PD1fntNBsfS4EHUC6S3nIMqE5SZtFeeKFUUwb
VotC3TfnF2tnz9uWs7JF7blFmRklMrqw1vvrwNzGr/C6GhuyhNu8NHlYxPmZuo7G
K9GqkJwa4zSMS09xns/kYYIIEUyCn2qydoZiozVZ2ZPXPIrN6VF0znZD1g48ia35
0f7Tc7CTK+8dYqLOza2q84/Mewoj9Qv2xw6QztPftdOVeuO1etExDFHu7gRdnJQh
J8vG76EWEsOYO+hL+a1f0aqH3WpYhrD+iMBe5+y1thqRqUQ4Z4chRgvPrZu543rO
x709gpqGVzjblG442awmWq89Vg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:49 2025 by rpki-client