Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/3Hiy5pZXg4UY3aPQoH8ZfRzu5w0.roa
File: 3Hiy5pZXg4UY3aPQoH8ZfRzu5w0.roa (raw, json)
Hash identifier: YJstjxo1saNRinN93p1YGq+jxLGD9s1jC5+Q+1WtHm4=
Subject key identifier: DC:78:B2:E6:96:57:83:85:18:DD:A3:D0:A0:7F:19:7D:1C:EE:E7:0D
Certificate issuer: /CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Certificate serial: 0186083E67663EC916BB4E8CB31BDBC7CF53
Authority key identifier: 55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/3Hiy5pZXg4UY3aPQoH8ZfRzu5w0.roa
Signing time: Tue 31 Jan 2023 14:32:32 +0000
ROA not before: Tue 31 Jan 2023 14:32:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44118
IP address blocks: 95.169.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:3e:67:66:3e:c9:16:bb:4e:8c:b3:1b:db:c7:cf:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=557b0ac10b8642a27dd3d74ed6cb5ee045e67b97
Validity
Not Before: Jan 31 14:32:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc78b2e69657838518dda3d0a07f197d1ceee70d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:15:68:0f:c5:c9:8e:b4:d8:cb:b6:fd:09:e3:
3b:b8:30:fe:14:df:50:90:ec:6e:be:99:ab:d5:cc:
c8:bd:69:21:6e:72:00:23:8e:55:f9:cb:d4:33:c6:
fa:82:21:1e:84:2e:9e:54:03:7e:a7:aa:5d:f9:25:
e1:f2:8b:b3:07:a0:9e:8c:83:9f:d4:6d:a6:52:ae:
c0:39:65:96:16:79:42:94:dc:3c:03:8b:3a:82:79:
e1:a2:10:93:3f:e9:9d:8d:96:6b:2b:fb:c6:63:12:
55:c7:7a:10:5b:a1:85:b2:70:73:11:c4:3e:e3:8c:
f0:78:ba:79:90:04:d6:81:d3:da:b8:0d:3f:a5:bf:
c2:7c:8b:fc:c1:17:85:62:16:66:93:59:d5:d6:a0:
f6:23:1f:46:24:a2:3a:4a:0d:0f:b6:c7:c0:e7:d2:
ca:7c:0a:92:99:a7:90:8a:9c:1e:02:84:f4:02:0c:
bd:a0:bb:a5:d3:19:a2:b2:86:88:e5:78:2e:a0:b4:
84:e1:2b:d0:8b:6a:70:4b:91:02:b6:ea:78:06:31:
17:50:19:42:52:08:b1:fc:1f:bd:ee:d9:ed:d7:a3:
a0:4f:e9:f0:11:be:53:66:a4:0e:cb:0c:a7:c0:9f:
c9:34:fa:3d:5f:68:6e:3b:d3:49:b1:e7:1a:9c:ee:
78:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:78:B2:E6:96:57:83:85:18:DD:A3:D0:A0:7F:19:7D:1C:EE:E7:0D
X509v3 Authority Key Identifier:
keyid:55:7B:0A:C1:0B:86:42:A2:7D:D3:D7:4E:D6:CB:5E:E0:45:E6:7B:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VXsKwQuGQqJ909dO1ste4EXme5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/3Hiy5pZXg4UY3aPQoH8ZfRzu5w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5e5c30-8aa4-47e8-bd8f-fbe1a0d0aa98/1/VXsKwQuGQqJ909dO1ste4EXme5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.194.0/24
Signature Algorithm: sha256WithRSAEncryption
45:e3:27:20:4d:72:fd:d4:6e:e8:43:15:98:6a:d1:31:13:3a:
e5:d6:46:1e:50:7f:b7:b3:ac:0b:ee:19:e3:cc:7f:fc:ee:19:
89:84:db:0c:e2:0e:54:db:06:cb:91:b5:fc:13:d0:c3:a3:ed:
cb:83:e4:31:8f:d3:3d:3f:fa:cf:08:82:02:d7:2c:fd:70:c4:
51:fa:7e:78:bb:11:75:a7:32:02:71:b6:44:83:78:cb:10:99:
4c:2e:fe:da:b9:81:c2:ed:46:31:55:f7:e0:9e:84:b1:b4:b1:
ba:dd:3b:7f:c3:b0:73:52:82:79:1f:81:c9:47:4f:aa:cb:f8:
ff:1d:71:5c:fb:63:d4:7e:af:e9:b3:5f:c0:ca:1b:6f:3e:09:
98:d9:a5:fb:2f:fa:79:70:05:dc:34:3b:74:38:55:86:83:d7:
fe:4b:29:15:d6:ff:57:17:3c:12:fd:34:7d:19:66:68:67:7c:
59:02:5b:dc:46:1f:22:25:e8:96:ec:8b:19:f5:df:16:e1:67:
ff:d1:bd:4d:31:ae:e6:55:44:9b:74:80:14:ef:4d:d8:5f:43:
de:04:ba:07:3e:84:bc:81:53:c0:0d:52:d0:20:59:50:9a:9b:
08:95:27:94:cf:0c:7e:15:74:6d:bb:de:64:9a:83:d8:2d:9a:
ab:dd:fc:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYIPmdmPskWu06Msxvbx89TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1N2IwYWMxMGI4NjQyYTI3ZGQzZDc0ZWQ2Y2I1ZWUwNDVl
NjdiOTcwHhcNMjMwMTMxMTQzMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzc4YjJlNjk2NTc4Mzg1MThkZGEzZDBhMDdmMTk3ZDFjZWVlNzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRVoD8XJjrTYy7b9CeM7uDD+FN9Q
kOxuvpmr1czIvWkhbnIAI45V+cvUM8b6giEehC6eVAN+p6pd+SXh8ouzB6CejIOf
1G2mUq7AOWWWFnlClNw8A4s6gnnhohCTP+mdjZZrK/vGYxJVx3oQW6GFsnBzEcQ+
44zweLp5kATWgdPauA0/pb/CfIv8wReFYhZmk1nV1qD2Ix9GJKI6Sg0PtsfA59LK
fAqSmaeQipweAoT0Agy9oLul0xmisoaI5XguoLSE4SvQi2pwS5ECtup4BjEXUBlC
Ugix/B+97tnt16OgT+nwEb5TZqQOywynwJ/JNPo9X2huO9NJsecanO54VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNx4suaWV4OFGN2j0KB/GX0c7ucNMB8GA1UdIwQY
MBaAFFV7CsELhkKifdPXTtbLXuBF5nuXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYt
ZmJlMWEwZDBhYTk4LzEvM0hpeTVwWlhnNFVZM2FQUW9IOFpmUnp1NXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81ZTVjMzAtOGFhNC00N2U4LWJkOGYtZmJlMWEwZDBhYTk4
LzEvVlhzS3dRdUdRcUo5MDlkTzFzdGU0RVhtZTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6nCMA0G
CSqGSIb3DQEBCwUAA4IBAQBF4ycgTXL91G7oQxWYatExEzrl1kYeUH+3s6wL7hnj
zH/87hmJhNsM4g5U2wbLkbX8E9DDo+3Lg+Qxj9M9P/rPCIIC1yz9cMRR+n54uxF1
pzICcbZEg3jLEJlMLv7auYHC7UYxVffgnoSxtLG63Tt/w7BzUoJ5H4HJR0+qy/j/
HXFc+2PUfq/ps1/AyhtvPgmY2aX7L/p5cAXcNDt0OFWGg9f+SykV1v9XFzwS/TR9
GWZoZ3xZAlvcRh8iJeiW7IsZ9d8W4Wf/0b1NMa7mVUSbdIAU703YX0PeBLoHPoS8
gVPADVLQIFlQmpsIlSeUzwx+FXRtu95kmoPYLZqr3fyC
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:09:34 2025 by rpki-client