Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/05126d-4ab7-4f99-a012-2b788312151d/1/pG3ToxY0oZciijPF-Utye3dR3q8.roa
File: pG3ToxY0oZciijPF-Utye3dR3q8.roa (raw, json)
Hash identifier: TwIvXImYbBKuSAbiHn14YhgrVXSzewl6KVgfDaBrd+0=
Subject key identifier: A4:6D:D3:A3:16:34:A1:97:22:8A:33:C5:F9:4B:72:7B:77:51:DE:AF
Certificate issuer: /CN=b16ad449c7ae4bd22c6aee5fbdc0823042fff8fc
Certificate serial: 01865F885CF1FD816FCE32E03332DE176204
Authority key identifier: B1:6A:D4:49:C7:AE:4B:D2:2C:6A:EE:5F:BD:C0:82:30:42:FF:F8:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sWrUSceuS9Isau5fvcCCMEL_-Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/05126d-4ab7-4f99-a012-2b788312151d/1/pG3ToxY0oZciijPF-Utye3dR3q8.roa
Signing time: Fri 17 Feb 2023 13:20:17 +0000
ROA not before: Fri 17 Feb 2023 13:20:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49046
IP address blocks: 95.130.40.0/21 maxlen: 21
95.130.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:88:5c:f1:fd:81:6f:ce:32:e0:33:32:de:17:62:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b16ad449c7ae4bd22c6aee5fbdc0823042fff8fc
Validity
Not Before: Feb 17 13:20:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a46dd3a31634a197228a33c5f94b727b7751deaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0a:5d:e5:d8:75:17:cd:8e:0b:2e:78:f4:e5:
ae:48:27:63:bc:8e:62:e0:39:19:ec:be:ad:32:49:
30:56:8e:77:49:54:56:32:15:98:e3:5e:12:b1:14:
90:38:05:d6:5c:f0:74:98:34:b9:3c:66:71:d4:04:
f1:cf:7f:ce:6a:ce:1b:04:ef:67:19:67:33:5d:b2:
d8:7b:bb:0f:92:09:91:37:7c:1e:9f:f1:29:08:e9:
03:67:3a:85:d9:c8:a4:8e:b7:be:98:67:29:04:cf:
ef:21:d0:fa:32:6b:ce:c3:f6:a3:38:c4:f9:c0:ac:
3a:5b:a1:d6:06:ed:5f:4d:df:ad:23:51:b7:56:16:
f2:41:6e:5d:f4:a2:72:01:ca:5e:3b:32:c9:e6:c9:
1f:f4:3e:ad:57:6a:4a:9d:86:8b:34:79:09:77:3e:
2a:33:12:82:14:3a:eb:13:b7:36:6f:93:4d:3e:cf:
62:82:fb:5c:cc:fe:79:54:be:f4:ec:ed:c1:de:e4:
00:99:2e:08:cc:60:64:39:96:1f:91:fa:c6:f1:1d:
6b:e4:44:4b:af:3d:ad:5c:35:62:86:91:ce:10:81:
30:36:a8:54:b7:b7:cb:71:fe:88:35:f5:48:ea:5d:
c3:05:e7:a4:6b:62:00:ab:a7:a4:8f:4f:b4:7f:0e:
b0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6D:D3:A3:16:34:A1:97:22:8A:33:C5:F9:4B:72:7B:77:51:DE:AF
X509v3 Authority Key Identifier:
keyid:B1:6A:D4:49:C7:AE:4B:D2:2C:6A:EE:5F:BD:C0:82:30:42:FF:F8:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sWrUSceuS9Isau5fvcCCMEL_-Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/05126d-4ab7-4f99-a012-2b788312151d/1/pG3ToxY0oZciijPF-Utye3dR3q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/05126d-4ab7-4f99-a012-2b788312151d/1/sWrUSceuS9Isau5fvcCCMEL_-Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.40.0/21
Signature Algorithm: sha256WithRSAEncryption
42:bf:39:31:68:23:86:47:24:d2:1d:d8:cc:bc:62:a4:14:21:
09:56:d8:01:1f:cb:13:85:94:a7:42:3c:3c:e4:f0:ea:8d:6c:
3b:b1:3e:af:8e:dd:99:2e:96:9f:e8:8b:45:b7:4f:97:9f:97:
db:db:ca:67:39:78:43:ee:bd:eb:b2:28:87:58:22:c7:c8:7b:
4e:2e:be:30:bd:ed:33:62:91:96:d3:35:de:07:4e:5c:5a:7a:
6f:4b:60:38:d8:f4:13:9b:d6:da:3c:7c:40:ed:69:95:6d:6e:
e4:79:0d:89:0d:02:b4:7c:5a:c9:2c:87:b4:0f:dd:82:f7:ae:
78:65:9b:26:eb:d1:ac:72:a1:ed:d6:91:78:ce:54:c3:ae:65:
1d:b1:f0:19:ae:b5:50:c7:c2:6f:f0:58:f7:64:15:79:31:94:
c9:9e:2e:27:35:a2:79:a1:9d:34:45:cf:0a:a4:31:91:c7:49:
fe:fb:af:3a:63:a7:80:14:1b:d0:c4:65:93:a8:d2:cb:63:58:
fe:a1:4a:25:76:64:34:ef:dd:a4:34:d7:5c:a5:84:15:a6:f2:
b1:59:bd:9e:a8:f3:28:b6:5d:00:00:52:8f:fe:6c:cc:79:bd:
d6:90:d1:23:ac:4e:07:bb:55:aa:13:80:bb:8f:15:af:aa:41:
60:19:53:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZfiFzx/YFvzjLgMzLeF2IEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNmFkNDQ5YzdhZTRiZDIyYzZhZWU1ZmJkYzA4MjMwNDJm
ZmY4ZmMwHhcNMjMwMjE3MTMyMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDZkZDNhMzE2MzRhMTk3MjI4YTMzYzVmOTRiNzI3Yjc3NTFkZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwpd5dh1F82OCy549OWuSCdjvI5i
4DkZ7L6tMkkwVo53SVRWMhWY414SsRSQOAXWXPB0mDS5PGZx1ATxz3/Oas4bBO9n
GWczXbLYe7sPkgmRN3wen/EpCOkDZzqF2cikjre+mGcpBM/vIdD6MmvOw/ajOMT5
wKw6W6HWBu1fTd+tI1G3VhbyQW5d9KJyAcpeOzLJ5skf9D6tV2pKnYaLNHkJdz4q
MxKCFDrrE7c2b5NNPs9igvtczP55VL707O3B3uQAmS4IzGBkOZYfkfrG8R1r5ERL
rz2tXDVihpHOEIEwNqhUt7fLcf6INfVI6l3DBeeka2IAq6ekj0+0fw6wOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRt06MWNKGXIoozxflLcnt3Ud6vMB8GA1UdIwQY
MBaAFLFq1EnHrkvSLGruX73AgjBC//j8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1dyVVNjZXVTOUlzYXU1ZnZjQ0NNRUxfLVB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8wNTEyNmQtNGFiNy00Zjk5LWEwMTIt
MmI3ODgzMTIxNTFkLzEvcEczVG94WTBvWmNpaWpQRi1VdHllM2RSM3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8wNTEyNmQtNGFiNy00Zjk5LWEwMTItMmI3ODgzMTIxNTFk
LzEvc1dyVVNjZXVTOUlzYXU1ZnZjQ0NNRUxfLVB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDX4IoMA0G
CSqGSIb3DQEBCwUAA4IBAQBCvzkxaCOGRyTSHdjMvGKkFCEJVtgBH8sThZSnQjw8
5PDqjWw7sT6vjt2ZLpaf6ItFt0+Xn5fb28pnOXhD7r3rsiiHWCLHyHtOLr4wve0z
YpGW0zXeB05cWnpvS2A42PQTm9baPHxA7WmVbW7keQ2JDQK0fFrJLIe0D92C9654
ZZsm69GscqHt1pF4zlTDrmUdsfAZrrVQx8Jv8Fj3ZBV5MZTJni4nNaJ5oZ00Rc8K
pDGRx0n++686Y6eAFBvQxGWTqNLLY1j+oUoldmQ0792kNNdcpYQVpvKxWb2eqPMo
tl0AAFKP/mzMeb3WkNEjrE4Hu1WqE4C7jxWvqkFgGVOX
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:13 2025 by rpki-client