Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/R4geNE-vP5MRL43Lrza58fhBcOQ.roa
File: R4geNE-vP5MRL43Lrza58fhBcOQ.roa (raw, json)
Hash identifier: pdVQJHI/S6ytKrZfUedMBjLJHVUTw/mA0n0aOVcGpT0=
Subject key identifier: 47:88:1E:34:4F:AF:3F:93:11:2F:8D:CB:AF:36:B9:F1:F8:41:70:E4
Certificate issuer: /CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Certificate serial: 01856CC177E7E527A638E7D7EC7EAB650911
Authority key identifier: 5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/R4geNE-vP5MRL43Lrza58fhBcOQ.roa
Signing time: Sun 01 Jan 2023 09:54:56 +0000
ROA not before: Sun 01 Jan 2023 09:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39235
IP address blocks: 77.95.192.0/21 maxlen: 21
80.251.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:c1:77:e7:e5:27:a6:38:e7:d7:ec:7e:ab:65:09:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d39d15bd2fcc84771ba6aa29aa54428b21cef60
Validity
Not Before: Jan 1 09:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47881e344faf3f93112f8dcbaf36b9f1f84170e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:33:34:0a:7d:92:0d:d2:84:e4:fc:58:bd:fa:
16:54:3e:0c:95:7c:ee:5e:6e:ff:e7:40:a5:60:b4:
7f:71:b4:42:6c:9f:77:d7:18:4c:96:55:e5:03:05:
f7:24:d2:b4:b7:42:f4:d9:86:a2:e2:cf:d2:f8:a4:
88:d7:82:6f:3b:7d:fc:7f:08:c7:18:a5:a7:7b:38:
0c:87:f8:50:86:55:b6:da:9f:e2:bc:92:03:e0:32:
38:47:7f:f0:5c:4a:fa:49:88:83:e2:4b:d8:e0:d6:
9f:35:f5:15:db:b4:63:a0:1b:70:13:4a:f7:f8:af:
a1:87:83:2c:0f:f8:ea:bb:02:6f:ae:7a:bc:fa:b3:
bf:0f:09:d7:77:22:85:a4:0f:08:63:50:d5:bc:5e:
1c:c4:2c:82:68:0c:e4:ee:50:70:76:d0:ed:ce:2c:
93:dc:4c:74:2b:18:48:45:29:31:b9:e7:44:3d:75:
e4:0c:c8:58:93:80:d1:1e:71:04:8a:e5:cb:47:f1:
17:16:b0:ad:7f:53:b6:8e:48:97:15:d8:44:63:b1:
50:00:d9:93:65:e1:7f:31:3a:f6:d9:5a:47:f0:58:
66:bb:75:89:be:2d:21:f4:4b:7a:d4:e2:9a:b0:9c:
c3:91:db:7b:de:f1:9e:58:54:3e:99:42:c9:7a:5d:
ff:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:88:1E:34:4F:AF:3F:93:11:2F:8D:CB:AF:36:B9:F1:F8:41:70:E4
X509v3 Authority Key Identifier:
keyid:5D:39:D1:5B:D2:FC:C8:47:71:BA:6A:A2:9A:A5:44:28:B2:1C:EF:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XTnRW9L8yEdxumqimqVEKLIc72A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/R4geNE-vP5MRL43Lrza58fhBcOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/c8092e-9f8c-4718-b770-c29b44de53a8/1/XTnRW9L8yEdxumqimqVEKLIc72A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.192.0/21
80.251.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:3b:25:8d:69:8d:fe:b0:c5:51:81:3a:c3:48:fb:4d:00:09:
8c:cd:11:d4:14:d2:d6:d4:1d:e5:9e:a1:a8:74:96:7f:cc:1a:
0f:ad:86:ad:30:29:29:83:6f:35:96:8b:b5:0d:b7:f3:db:22:
0e:f3:fe:82:f7:ea:c4:20:bb:6d:49:b0:6d:75:5f:7f:1f:46:
de:96:71:c1:e2:e3:c8:b3:85:c7:9c:e8:52:da:fe:11:96:a8:
71:49:77:50:94:4f:5e:2e:62:e1:05:a3:4e:dd:e2:99:53:d2:
90:c6:40:85:17:03:9f:c2:c1:81:8d:c3:7d:75:e4:5e:f8:57:
83:87:5b:86:23:6e:de:54:2c:21:c2:a0:1b:5b:e9:2b:d4:ea:
f6:1a:fc:e2:bd:df:00:8f:53:a5:8d:8d:ad:34:97:a8:b4:cf:
a3:0b:39:0c:f7:c7:83:a8:2c:fa:ef:5a:4d:17:b0:74:45:d5:
ec:00:5a:bc:9e:e8:d1:99:cd:12:38:13:dc:83:11:57:13:30:
28:eb:8c:8e:8e:be:79:ca:35:b0:e2:51:5b:de:0e:62:76:76:
ea:b6:27:ff:03:b0:20:17:40:0b:32:0f:62:c4:c6:08:57:1f:
f2:aa:42:b1:d6:02:f4:d2:d9:86:50:36:c3:e4:05:c6:00:65:
94:e0:e5:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVswXfn5SemOOfX7H6rZQkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMzlkMTViZDJmY2M4NDc3MWJhNmFhMjlhYTU0NDI4YjIx
Y2VmNjAwHhcNMjMwMTAxMDk1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Nzg4MWUzNDRmYWYzZjkzMTEyZjhkY2JhZjM2YjlmMWY4NDE3MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjM0Cn2SDdKE5PxYvfoWVD4MlXzu
Xm7/50ClYLR/cbRCbJ931xhMllXlAwX3JNK0t0L02Yai4s/S+KSI14JvO338fwjH
GKWnezgMh/hQhlW22p/ivJID4DI4R3/wXEr6SYiD4kvY4NafNfUV27RjoBtwE0r3
+K+hh4MsD/jquwJvrnq8+rO/DwnXdyKFpA8IY1DVvF4cxCyCaAzk7lBwdtDtziyT
3Ex0KxhIRSkxuedEPXXkDMhYk4DRHnEEiuXLR/EXFrCtf1O2jkiXFdhEY7FQANmT
ZeF/MTr22VpH8Fhmu3WJvi0h9Et61OKasJzDkdt73vGeWFQ+mULJel3/RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEeIHjRPrz+TES+Ny682ufH4QXDkMB8GA1UdIwQY
MBaAFF050VvS/MhHcbpqopqlRCiyHO9gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAt
YzI5YjQ0ZGU1M2E4LzEvUjRnZU5FLXZQNU1STDQzTHJ6YTU4ZmhCY09RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9jODA5MmUtOWY4Yy00NzE4LWI3NzAtYzI5YjQ0ZGU1M2E4
LzEvWFRuUlc5TDh5RWR4dW1xaW1xVkVLTEljNzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDTV/AAwQE
UPvwMA0GCSqGSIb3DQEBCwUAA4IBAQCgOyWNaY3+sMVRgTrDSPtNAAmMzRHUFNLW
1B3lnqGodJZ/zBoPrYatMCkpg281lou1Dbfz2yIO8/6C9+rEILttSbBtdV9/H0be
lnHB4uPIs4XHnOhS2v4RlqhxSXdQlE9eLmLhBaNO3eKZU9KQxkCFFwOfwsGBjcN9
deRe+FeDh1uGI27eVCwhwqAbW+kr1Or2Gvzivd8Aj1OljY2tNJeotM+jCzkM98eD
qCz671pNF7B0RdXsAFq8nujRmc0SOBPcgxFXEzAo64yOjr55yjWw4lFb3g5idnbq
tif/A7AgF0ALMg9ixMYIVx/yqkKx1gL00tmGUDbD5AXGAGWU4OXB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:40 2025 by rpki-client