Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/5CfBWcp78Tfkt80pEhKfRBEHQZ8.roa
File: 5CfBWcp78Tfkt80pEhKfRBEHQZ8.roa (raw, json)
Hash identifier: LtolLbh/gpSzjAXAhwMmVvGZio7YoTADnZ77A0TtWgI=
Subject key identifier: E4:27:C1:59:CA:7B:F1:37:E4:B7:CD:29:12:12:9F:44:11:07:41:9F
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018539806BF9A53179C68F6D6C840D3EB5F6
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/5CfBWcp78Tfkt80pEhKfRBEHQZ8.roa
Signing time: Thu 22 Dec 2022 11:03:15 +0000
ROA not before: Thu 22 Dec 2022 11:03:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 95.111.128.0/20 maxlen: 24
95.111.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:80:6b:f9:a5:31:79:c6:8f:6d:6c:84:0d:3e:b5:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Dec 22 11:03:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e427c159ca7bf137e4b7cd2912129f441107419f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:75:92:3a:89:f7:21:b1:84:9b:29:b0:d5:bc:
a2:25:bc:9d:9f:bc:f4:5e:f4:87:4b:3b:a8:24:3c:
ac:f3:3a:59:d7:dc:28:4f:e5:7c:bd:be:f4:c5:6e:
9a:d3:24:59:ad:4e:c8:2d:c2:ab:b9:af:06:c3:92:
06:53:be:4f:08:15:c1:88:48:33:6a:47:9f:cd:7b:
24:fb:d1:90:a2:94:6b:39:1f:1d:38:cb:10:7c:fd:
24:6f:21:8f:60:22:88:30:81:6f:2e:f1:ad:42:2c:
8b:91:b3:0b:4d:d9:c9:11:d0:09:62:91:00:66:16:
23:99:d7:ca:09:1b:61:2a:fa:71:ff:88:3b:01:68:
bb:50:b7:14:75:e8:17:33:0a:bf:5e:bf:b1:82:d8:
4e:6f:6c:95:a6:7c:f5:49:92:21:c8:8f:e5:f4:e0:
29:a5:9a:ef:fc:50:6f:c6:03:bd:69:7d:de:45:7a:
d5:75:80:f7:b8:3d:9b:32:cb:dd:5d:0d:f5:41:18:
0f:53:1a:10:61:8a:1f:db:99:07:5d:9c:77:fb:e7:
65:bb:07:11:01:86:3c:db:b5:7a:f0:a7:22:e9:77:
f4:42:3d:df:ec:69:b6:6c:00:d5:92:13:e6:41:67:
cf:5b:21:4a:0b:eb:93:ad:cd:80:2c:c1:b1:b6:a7:
88:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:27:C1:59:CA:7B:F1:37:E4:B7:CD:29:12:12:9F:44:11:07:41:9F
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/5CfBWcp78Tfkt80pEhKfRBEHQZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.128.0/19
Signature Algorithm: sha256WithRSAEncryption
79:bc:81:5b:59:0e:ac:85:0c:1c:25:76:38:df:b0:b3:84:2b:
fc:e9:97:70:cf:c4:bb:da:2f:e9:2c:52:ab:ad:df:b3:77:49:
fe:f4:43:2a:74:87:4b:cd:61:9e:99:e2:a5:c6:6d:a9:d6:bc:
ea:6e:4b:ef:cf:96:26:2e:bc:8c:ff:5b:2a:50:75:42:b6:94:
cd:2f:2a:47:14:9f:d8:0f:55:37:9a:e5:c3:19:e2:94:33:b5:
c8:70:e9:b4:cf:95:0c:32:ef:75:a1:38:81:d6:bd:33:5c:68:
00:a3:76:d5:d5:a4:fb:dd:0f:22:b3:77:a0:5e:56:ba:93:0e:
c9:05:f5:e8:2b:ba:5d:73:23:6b:b2:1e:a8:9d:ac:27:cc:47:
b4:90:f2:d3:ad:5a:e0:d3:4e:d8:a4:b4:96:e4:5b:ad:9c:84:
a5:17:de:64:5f:1e:d7:d1:d7:c1:46:23:b9:9d:32:3d:92:b6:
69:9e:12:dd:dd:70:2c:a9:f2:0e:81:a1:a1:69:4f:16:fc:ef:
1d:de:d0:2c:d4:59:7f:49:7b:3c:01:0d:e9:92:a2:d7:8b:1f:
a3:c9:6b:42:60:25:04:9c:ee:e8:75:25:e1:b2:0f:e9:07:5f:
dc:df:66:85:4c:e1:a3:47:8b:f8:69:6e:70:ab:a2:21:39:13:
0b:8a:48:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU5gGv5pTF5xo9tbIQNPrX2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIxMjIyMTEwMzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDI3YzE1OWNhN2JmMTM3ZTRiN2NkMjkxMjEyOWY0NDExMDc0MTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3WSOon3IbGEmymw1byiJbydn7z0
XvSHSzuoJDys8zpZ19woT+V8vb70xW6a0yRZrU7ILcKrua8Gw5IGU75PCBXBiEgz
akefzXsk+9GQopRrOR8dOMsQfP0kbyGPYCKIMIFvLvGtQiyLkbMLTdnJEdAJYpEA
ZhYjmdfKCRthKvpx/4g7AWi7ULcUdegXMwq/Xr+xgthOb2yVpnz1SZIhyI/l9OAp
pZrv/FBvxgO9aX3eRXrVdYD3uD2bMsvdXQ31QRgPUxoQYYof25kHXZx3++dluwcR
AYY827V68Kci6Xf0Qj3f7Gm2bADVkhPmQWfPWyFKC+uTrc2ALMGxtqeIawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOQnwVnKe/E35LfNKRISn0QRB0GfMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvNUNmQldjcDc4VGZrdDgwcEVoS2ZSQkVIUVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFX2+AMA0G
CSqGSIb3DQEBCwUAA4IBAQB5vIFbWQ6shQwcJXY437CzhCv86Zdwz8S72i/pLFKr
rd+zd0n+9EMqdIdLzWGemeKlxm2p1rzqbkvvz5YmLryM/1sqUHVCtpTNLypHFJ/Y
D1U3muXDGeKUM7XIcOm0z5UMMu91oTiB1r0zXGgAo3bV1aT73Q8is3egXla6kw7J
BfXoK7pdcyNrsh6onawnzEe0kPLTrVrg007YpLSW5FutnISlF95kXx7X0dfBRiO5
nTI9krZpnhLd3XAsqfIOgaGhaU8W/O8d3tAs1Fl/SXs8AQ3pkqLXix+jyWtCYCUE
nO7odSXhsg/pB1/c32aFTOGjR4v4aW5wq6IhORMLikgU
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org