Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/oFWzjjj56b7aQR0tzkoxIRRNapQ.roa
File: oFWzjjj56b7aQR0tzkoxIRRNapQ.roa (raw, json)
Hash identifier: 1TFaTiW0jELoR+kQ3Fqkte0a56CHvKnjR7SWWUmMSpU=
Subject key identifier: A0:55:B3:8E:38:F9:E9:BE:DA:41:1D:2D:CE:4A:31:21:14:4D:6A:94
Certificate issuer: /CN=1c5c72ee422c61667e3056de6b3ffce034305175
Certificate serial: 01856C4A54954BB412A8AB38B45D50BDAC1F
Authority key identifier: 1C:5C:72:EE:42:2C:61:66:7E:30:56:DE:6B:3F:FC:E0:34:30:51:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HFxy7kIsYWZ-MFbeaz_84DQwUXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/oFWzjjj56b7aQR0tzkoxIRRNapQ.roa
Signing time: Sun 01 Jan 2023 07:44:48 +0000
ROA not before: Sun 01 Jan 2023 07:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57328
IP address blocks: 95.66.198.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:54:95:4b:b4:12:a8:ab:38:b4:5d:50:bd:ac:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c5c72ee422c61667e3056de6b3ffce034305175
Validity
Not Before: Jan 1 07:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a055b38e38f9e9beda411d2dce4a3121144d6a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6c:3f:2d:62:59:b1:b6:8a:01:03:a9:02:8a:
d3:4c:c7:de:b3:9b:54:6c:69:e2:0d:46:94:73:87:
f4:f5:78:ef:f5:bf:12:db:ad:f7:da:52:0b:71:22:
81:f5:43:e1:11:fa:ba:a8:3e:8c:5c:a2:b0:4f:c3:
86:53:06:a7:e8:cc:72:2b:28:21:3c:ac:7f:ae:87:
29:68:38:4d:c9:2a:2c:48:c6:df:ea:71:cf:14:75:
b8:54:71:67:96:5d:bf:bd:fb:4d:d2:37:01:3d:f4:
5c:e4:63:40:2a:42:08:8d:3c:58:ba:70:df:59:95:
43:c0:79:de:70:0d:b7:46:8f:4b:6e:66:d6:0c:53:
98:10:9e:f9:33:88:7c:37:81:9c:48:b5:26:23:08:
79:f2:aa:7a:4d:8f:09:c6:44:b5:06:c3:95:ea:93:
46:7a:6e:bf:da:fa:bd:77:f3:04:f4:f7:b3:f0:d1:
2d:aa:6e:38:97:0f:0b:01:49:96:04:97:93:ae:d5:
a0:5b:38:65:68:01:4d:93:d6:0e:10:41:2e:68:09:
45:d7:f6:c6:82:2b:dd:a3:f9:40:71:42:a1:b1:5c:
25:1f:2e:5c:c1:dd:ee:1d:24:c5:b6:ac:87:76:6e:
8d:5e:eb:2e:44:f1:3a:8d:6e:e3:cf:f9:96:2f:22:
5a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:55:B3:8E:38:F9:E9:BE:DA:41:1D:2D:CE:4A:31:21:14:4D:6A:94
X509v3 Authority Key Identifier:
keyid:1C:5C:72:EE:42:2C:61:66:7E:30:56:DE:6B:3F:FC:E0:34:30:51:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HFxy7kIsYWZ-MFbeaz_84DQwUXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/oFWzjjj56b7aQR0tzkoxIRRNapQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/e08d0e-ee4c-4ae1-9e0b-1278a42e092a/1/HFxy7kIsYWZ-MFbeaz_84DQwUXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.66.198.0/23
Signature Algorithm: sha256WithRSAEncryption
9c:4e:ec:4e:43:8d:41:91:77:b6:c4:42:e8:bb:c8:c2:7f:1a:
70:e6:4c:3b:86:3b:e5:02:4b:86:58:eb:bf:da:2c:fb:ce:1c:
9c:a4:93:47:54:30:b3:d8:26:6f:f8:60:a5:41:57:a1:05:37:
ad:4e:9b:58:3b:44:98:51:1f:c5:cc:c4:42:6f:53:ce:0c:d8:
34:62:e7:54:de:3a:9e:79:54:63:a8:50:a1:33:5b:4f:9d:50:
1b:05:0c:e5:99:d4:81:70:c3:27:d9:76:13:cb:81:06:cf:51:
a1:a4:45:a3:c5:a8:a7:c8:85:fe:dd:16:c2:a4:99:4f:53:f0:
79:34:c6:36:5a:1b:eb:65:ca:74:ac:d8:c1:72:1a:84:30:bf:
0e:8b:b8:04:40:0c:a1:97:3f:fb:6d:f8:99:1a:d2:f2:36:48:
6f:0f:60:87:fa:3a:d9:b5:04:53:12:c1:73:74:d6:9f:98:e1:
ac:60:34:80:9e:a1:e4:38:fc:c7:29:a7:44:17:23:4a:70:ed:
b5:04:67:e3:ec:1d:14:32:3e:e5:2f:63:e3:73:f0:f4:e3:fc:
d5:1f:64:80:c7:b5:4d:bd:f2:65:47:34:be:8e:35:24:7f:a2:
4c:73:a8:8c:1e:d1:b8:f0:d0:94:eb:58:f4:5c:ca:f4:3d:6f:
a5:60:3e:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSlSVS7QSqKs4tF1QvawfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjNWM3MmVlNDIyYzYxNjY3ZTMwNTZkZTZiM2ZmY2UwMzQz
MDUxNzUwHhcNMjMwMTAxMDc0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU1YjM4ZTM4ZjllOWJlZGE0MTFkMmRjZTRhMzEyMTE0NGQ2YTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGw/LWJZsbaKAQOpAorTTMfes5tU
bGniDUaUc4f09Xjv9b8S26332lILcSKB9UPhEfq6qD6MXKKwT8OGUwan6MxyKygh
PKx/rocpaDhNySosSMbf6nHPFHW4VHFnll2/vftN0jcBPfRc5GNAKkIIjTxYunDf
WZVDwHnecA23Ro9LbmbWDFOYEJ75M4h8N4GcSLUmIwh58qp6TY8JxkS1BsOV6pNG
em6/2vq9d/ME9Pez8NEtqm44lw8LAUmWBJeTrtWgWzhlaAFNk9YOEEEuaAlF1/bG
givdo/lAcUKhsVwlHy5cwd3uHSTFtqyHdm6NXusuRPE6jW7jz/mWLyJa1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKBVs444+em+2kEdLc5KMSEUTWqUMB8GA1UdIwQY
MBaAFBxccu5CLGFmfjBW3ms//OA0MFF1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEZ4eTdrSXNZV1otTUZiZWF6Xzg0RFF3VVhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9lMDhkMGUtZWU0Yy00YWUxLTllMGIt
MTI3OGE0MmUwOTJhLzEvb0ZXempqajU2YjdhUVIwdHprb3hJUlJOYXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9lMDhkMGUtZWU0Yy00YWUxLTllMGItMTI3OGE0MmUwOTJh
LzEvSEZ4eTdrSXNZV1otTUZiZWF6Xzg0RFF3VVhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBX0LGMA0G
CSqGSIb3DQEBCwUAA4IBAQCcTuxOQ41BkXe2xELou8jCfxpw5kw7hjvlAkuGWOu/
2iz7zhycpJNHVDCz2CZv+GClQVehBTetTptYO0SYUR/FzMRCb1PODNg0YudU3jqe
eVRjqFChM1tPnVAbBQzlmdSBcMMn2XYTy4EGz1GhpEWjxainyIX+3RbCpJlPU/B5
NMY2WhvrZcp0rNjBchqEML8Oi7gEQAyhlz/7bfiZGtLyNkhvD2CH+jrZtQRTEsFz
dNafmOGsYDSAnqHkOPzHKadEFyNKcO21BGfj7B0UMj7lL2Pjc/D04/zVH2SAx7VN
vfJlRzS+jjUkf6JMc6iMHtG48NCU61j0XMr0PW+lYD57
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:53 2025 by rpki-client