Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/5863ea-419a-4c29-8e3e-8d525a563e61/1/mjnf0rzzai4fsEY4WhXSZlrB95k.roa
File: mjnf0rzzai4fsEY4WhXSZlrB95k.roa (raw, json)
Hash identifier: gddgvDdp2QxrraALVj3NtWSBx4x0+P0nux0DpVrAcHY=
Subject key identifier: 9A:39:DF:D2:BC:F3:6A:2E:1F:B0:46:38:5A:15:D2:66:5A:C1:F7:99
Certificate issuer: /CN=d4c7c4eab5c07948cbf44a8a01c6a827fdae9341
Certificate serial: 194DD2CA
Authority key identifier: D4:C7:C4:EA:B5:C0:79:48:CB:F4:4A:8A:01:C6:A8:27:FD:AE:93:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1MfE6rXAeUjL9EqKAcaoJ_2uk0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/5863ea-419a-4c29-8e3e-8d525a563e61/1/mjnf0rzzai4fsEY4WhXSZlrB95k.roa
Signing time: Mon 14 Mar 2022 09:20:43 +0000
ROA not before: Mon 14 Mar 2022 09:20:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1680
IP address blocks: 195.114.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 424530634 (0x194dd2ca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4c7c4eab5c07948cbf44a8a01c6a827fdae9341
Validity
Not Before: Mar 14 09:20:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a39dfd2bcf36a2e1fb046385a15d2665ac1f799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:59:07:81:1e:b8:aa:f7:54:9d:29:44:c4:d5:
cc:93:2d:36:19:7c:7d:ec:b6:2a:38:5f:19:dd:4f:
59:0b:8d:3b:b8:fe:13:84:f5:07:cd:56:2e:66:82:
7d:24:4a:44:08:35:6b:2f:b7:76:31:e9:b9:22:8b:
bb:cf:65:f9:3b:88:b5:10:d8:00:4b:8b:92:92:f0:
6b:7c:bf:08:12:4d:39:bf:6e:86:3c:bb:ab:65:c9:
fe:7c:2f:ce:e4:dd:fb:6c:40:51:56:c7:8c:00:63:
d4:c7:cc:d1:26:92:a4:03:37:ae:3d:b2:01:cc:77:
1c:66:8f:a1:07:8f:0e:bd:bf:84:34:bb:67:b3:b9:
94:ad:1f:bf:16:28:31:81:21:34:14:7d:5f:3e:06:
32:6b:0f:26:06:23:49:52:0b:ef:61:9c:3b:73:d5:
77:9e:40:c1:9c:d6:77:25:c4:00:ca:32:15:7c:11:
a7:d6:06:6b:8c:4f:d0:82:d7:ac:46:ab:89:a6:34:
7d:ee:aa:79:f8:6e:2d:de:1d:d2:93:e9:c2:f9:73:
7d:d8:4a:ad:8f:9e:de:2a:92:84:25:ed:3b:13:a9:
64:1a:1e:11:de:c7:67:18:5b:6c:c4:88:8b:48:0d:
dc:dd:dc:ce:d9:8c:7d:10:a2:29:36:a7:43:a3:f1:
73:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:39:DF:D2:BC:F3:6A:2E:1F:B0:46:38:5A:15:D2:66:5A:C1:F7:99
X509v3 Authority Key Identifier:
keyid:D4:C7:C4:EA:B5:C0:79:48:CB:F4:4A:8A:01:C6:A8:27:FD:AE:93:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1MfE6rXAeUjL9EqKAcaoJ_2uk0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/5863ea-419a-4c29-8e3e-8d525a563e61/1/mjnf0rzzai4fsEY4WhXSZlrB95k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/5863ea-419a-4c29-8e3e-8d525a563e61/1/1MfE6rXAeUjL9EqKAcaoJ_2uk0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.28.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:2e:ee:b3:96:01:6e:c2:25:33:e7:8c:25:11:d9:46:f4:5d:
d8:33:91:09:b9:b7:3a:76:04:0a:2e:64:88:2a:98:8a:1c:8c:
31:7c:42:80:b5:75:89:c5:1d:33:fa:f5:df:20:6e:6c:0a:dc:
5a:f6:af:b5:0f:38:c5:8f:39:0e:f6:07:05:98:33:10:4e:b3:
62:e0:4e:5d:1b:04:0c:90:ce:17:51:6c:a4:3b:e9:a4:52:32:
7e:1f:45:91:6d:70:b9:8e:7a:58:f0:78:f7:78:75:b1:b0:36:
55:9f:b3:d0:6f:1a:a4:6e:3c:70:2f:24:44:ab:8a:11:ab:f2:
b8:7a:c6:67:c1:77:3f:a0:e2:f7:31:90:72:a9:e6:d1:cb:8c:
cb:49:18:b0:4e:58:0d:5a:3f:09:bc:41:d0:01:f6:78:00:00:
a8:16:fa:3b:59:ca:11:00:46:37:d8:0c:d8:98:fc:e6:fb:0a:
22:47:82:df:8d:c8:16:0e:c4:be:e9:74:13:94:29:b2:7c:74:
42:b6:c9:47:2b:71:5b:15:50:ad:bb:58:cb:09:37:0d:f8:19:
ca:69:7b:e2:9a:f9:e8:8b:43:25:94:e7:f2:87:e0:55:3b:78:
e6:ee:83:e2:b7:03:98:3f:c2:4e:d4:03:cf:d0:e8:f2:eb:56:
b1:e6:b8:3f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGU3SyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGM3YzRlYWI1YzA3OTQ4Y2JmNDRhOGEwMWM2YTgyN2ZkYWU5MzQxMB4XDTIyMDMx
NDA5MjA0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWEzOWRmZDJiY2Yz
NmEyZTFmYjA0NjM4NWExNWQyNjY1YWMxZjc5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPBZB4EeuKr3VJ0pRMTVzJMtNhl8fey2KjhfGd1PWQuNO7j+
E4T1B81WLmaCfSRKRAg1ay+3djHpuSKLu89l+TuItRDYAEuLkpLwa3y/CBJNOb9u
hjy7q2XJ/nwvzuTd+2xAUVbHjABj1MfM0SaSpAM3rj2yAcx3HGaPoQePDr2/hDS7
Z7O5lK0fvxYoMYEhNBR9Xz4GMmsPJgYjSVIL72GcO3PVd55AwZzWdyXEAMoyFXwR
p9YGa4xP0ILXrEariaY0fe6qefhuLd4d0pPpwvlzfdhKrY+e3iqShCXtOxOpZBoe
Ed7HZxhbbMSIi0gN3N3cztmMfRCiKTanQ6Pxc9ECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSaOd/SvPNqLh+wRjhaFdJmWsH3mTAfBgNVHSMEGDAWgBTUx8TqtcB5SMv0
SooBxqgn/a6TQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFNZkU2clhBZVVqTDlFcUtBY2FvSl8ydWswRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNTg2M2VhLTQxOWEtNGMyOS04ZTNlLThkNTI1YTU2M2U2MS8x
L21qbmYwcnp6YWk0ZnNFWTRXaFhTWmxyQjk1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NTg2M2VhLTQxOWEtNGMyOS04ZTNlLThkNTI1YTU2M2U2MS8xLzFNZkU2clhBZVVq
TDlFcUtBY2FvSl8ydWswRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcNyHDANBgkqhkiG9w0BAQsFAAOC
AQEAOy7us5YBbsIlM+eMJRHZRvRd2DORCbm3OnYECi5kiCqYihyMMXxCgLV1icUd
M/r13yBubArcWvavtQ84xY85DvYHBZgzEE6zYuBOXRsEDJDOF1FspDvppFIyfh9F
kW1wuY56WPB493h1sbA2VZ+z0G8apG48cC8kRKuKEavyuHrGZ8F3P6Di9zGQcqnm
0cuMy0kYsE5YDVo/CbxB0AH2eAAAqBb6O1nKEQBGN9gM2Jj85vsKIkeC343IFg7E
vul0E5Qpsnx0QrbJRytxWxVQrbtYywk3DfgZyml74pr56ItDJZTn8ofgVTt45u6D
4rcDmD/CTtQDz9Do8utWsea4Pw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:51 2025 by rpki-client