Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/asPKBRtq3tBBbLfQSLwMgTT08Q8.roa
File: asPKBRtq3tBBbLfQSLwMgTT08Q8.roa (raw, json)
Hash identifier: kascHfIIvcLgcMwhFNCclsL44+6Zwoo3rLnbHgm0TfA=
Subject key identifier: 6A:C3:CA:05:1B:6A:DE:D0:41:6C:B7:D0:48:BC:0C:81:34:F4:F1:0F
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0181D4A5421FAB3694DE19C518D38ED8F005
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/asPKBRtq3tBBbLfQSLwMgTT08Q8.roa
Signing time: Wed 06 Jul 2022 17:53:28 +0000
ROA not before: Wed 06 Jul 2022 17:53:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206424
IP address blocks: 95.85.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d4:a5:42:1f:ab:36:94:de:19:c5:18:d3:8e:d8:f0:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jul 6 17:53:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ac3ca051b6aded0416cb7d048bc0c8134f4f10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:55:40:f2:46:f3:dc:60:88:92:88:45:ea:cd:
b2:e1:a5:f7:c4:53:aa:7c:80:67:39:b5:88:e2:ef:
f0:b3:b5:18:6b:19:8e:59:95:1f:f3:30:4c:2d:ce:
29:be:92:58:10:ec:86:6c:f9:3e:3f:30:c4:30:96:
20:49:74:b3:8d:e6:f0:1f:ad:de:18:a7:e4:f8:06:
48:ef:57:01:b2:76:31:ab:ea:b6:a1:9b:3c:3f:b0:
de:5b:05:8e:f7:f0:9d:64:35:5e:75:ae:95:d0:74:
bb:ee:0e:02:07:dd:fc:9d:f5:93:50:ab:eb:74:ea:
dc:84:75:5f:60:49:67:fa:15:ca:df:3d:15:f9:dd:
ff:3c:c3:60:bf:84:56:f7:3e:a5:49:b6:c8:15:10:
14:33:d8:7c:de:1c:5a:eb:6e:5d:cc:93:a8:32:8b:
11:be:ab:48:a5:69:48:6e:d0:44:72:57:55:fc:c4:
91:ec:db:11:60:5e:b6:aa:50:90:ae:47:5c:be:df:
b9:97:66:07:0d:eb:e2:44:87:04:43:da:b3:f4:1c:
ba:26:ed:98:c9:0d:84:f8:b8:68:f1:23:92:8a:1a:
28:c9:47:dc:48:39:d0:60:59:8e:85:a2:d9:8f:63:
c4:3a:dd:bc:2d:c6:41:a0:ef:f7:25:90:97:f6:f4:
31:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C3:CA:05:1B:6A:DE:D0:41:6C:B7:D0:48:BC:0C:81:34:F4:F1:0F
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/asPKBRtq3tBBbLfQSLwMgTT08Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.83.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:9c:7c:2e:7e:39:e1:7d:3b:60:3b:18:82:b2:fb:79:f0:ed:
33:41:d2:b4:6f:3e:36:d0:13:91:e5:9c:57:40:bb:a2:3a:c6:
5b:d3:ad:ae:39:36:19:76:90:b6:15:75:4c:22:ce:eb:67:18:
a5:21:41:9c:76:08:e1:3b:f6:24:6c:f1:b2:1c:39:7b:6f:5c:
68:20:14:7a:ef:88:22:bc:e5:9c:06:f8:c0:4e:ed:25:d9:38:
fa:22:d1:13:ad:8b:50:1e:90:64:fb:47:a4:ad:48:92:f7:84:
9d:db:01:6f:d7:d1:ca:74:42:be:dc:ca:f5:67:91:51:e2:f2:
23:4d:c6:20:28:8f:b4:a9:5f:fa:da:0f:ce:22:a5:ee:ad:1d:
12:a1:04:6a:91:bd:88:0c:fc:3a:9e:05:b7:3f:b5:bd:05:ed:
56:fa:5d:65:1e:1c:f7:b7:f3:eb:eb:83:4d:a8:b3:f7:2e:38:
89:4c:dd:65:5b:ff:bb:96:b6:5d:77:29:70:bc:58:6c:bc:6a:
cd:44:0d:b6:6b:94:4b:1b:ba:cf:b2:cd:42:ec:a4:ad:fc:fa:
86:3b:4d:5c:a5:f3:38:c8:74:79:81:56:5c:82:d5:e2:91:0c:
c2:a0:75:9d:9f:03:e4:cc:8c:a7:2c:c4:01:a0:76:7f:a6:14:
f5:53:96:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHUpUIfqzaU3hnFGNOO2PAFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjIwNzA2MTc1MzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWMzY2EwNTFiNmFkZWQwNDE2Y2I3ZDA0OGJjMGM4MTM0ZjRmMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFVA8kbz3GCIkohF6s2y4aX3xFOq
fIBnObWI4u/ws7UYaxmOWZUf8zBMLc4pvpJYEOyGbPk+PzDEMJYgSXSzjebwH63e
GKfk+AZI71cBsnYxq+q2oZs8P7DeWwWO9/CdZDVeda6V0HS77g4CB938nfWTUKvr
dOrchHVfYEln+hXK3z0V+d3/PMNgv4RW9z6lSbbIFRAUM9h83hxa625dzJOoMosR
vqtIpWlIbtBEcldV/MSR7NsRYF62qlCQrkdcvt+5l2YHDeviRIcEQ9qz9By6Ju2Y
yQ2E+Lho8SOSihooyUfcSDnQYFmOhaLZj2PEOt28LcZBoO/3JZCX9vQx9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrDygUbat7QQWy30Ei8DIE09PEPMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvYXNQS0JSdHEzdEJCYkxmUVNMd01nVFQwOFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX1VTMA0G
CSqGSIb3DQEBCwUAA4IBAQAcnHwufjnhfTtgOxiCsvt58O0zQdK0bz420BOR5ZxX
QLuiOsZb062uOTYZdpC2FXVMIs7rZxilIUGcdgjhO/YkbPGyHDl7b1xoIBR674gi
vOWcBvjATu0l2Tj6ItETrYtQHpBk+0ekrUiS94Sd2wFv19HKdEK+3Mr1Z5FR4vIj
TcYgKI+0qV/62g/OIqXurR0SoQRqkb2IDPw6ngW3P7W9Be1W+l1lHhz3t/Pr64NN
qLP3LjiJTN1lW/+7lrZddylwvFhsvGrNRA22a5RLG7rPss1C7KSt/PqGO01cpfM4
yHR5gVZcgtXikQzCoHWdnwPkzIynLMQBoHZ/phT1U5af
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:34:59 2025 by rpki-client