Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/4624d2-484b-4bb2-aad2-02ddcd6bda92/1/Mo6yLJo6DoJcGYymRG-euD5PrjI.roa
File: Mo6yLJo6DoJcGYymRG-euD5PrjI.roa (raw, json)
Hash identifier: EEiyBL4GnYx4AU0rT6sGsBexrciFsnK79Ejrz+szO9E=
Subject key identifier: 32:8E:B2:2C:9A:3A:0E:82:5C:19:8C:A6:44:6F:9E:B8:3E:4F:AE:32
Certificate issuer: /CN=1571f157c3a5bd5cff5d1a47d419648a27e35a9b
Certificate serial: 01857315F76539B984CA47953A56AB58D6F1
Authority key identifier: 15:71:F1:57:C3:A5:BD:5C:FF:5D:1A:47:D4:19:64:8A:27:E3:5A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FXHxV8OlvVz_XRpH1BlkiifjWps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/4624d2-484b-4bb2-aad2-02ddcd6bda92/1/Mo6yLJo6DoJcGYymRG-euD5PrjI.roa
Signing time: Mon 02 Jan 2023 15:24:57 +0000
ROA not before: Mon 02 Jan 2023 15:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51576
IP address blocks: 195.95.190.0/24 maxlen: 24
2a06:de80::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f7:65:39:b9:84:ca:47:95:3a:56:ab:58:d6:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1571f157c3a5bd5cff5d1a47d419648a27e35a9b
Validity
Not Before: Jan 2 15:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=328eb22c9a3a0e825c198ca6446f9eb83e4fae32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e8:a1:e2:cd:1a:a1:a4:9e:a8:cc:21:1e:e1:
78:55:91:b1:7f:5e:ec:ab:02:82:3b:e7:26:cd:b3:
69:b0:ab:49:f3:b1:0c:ca:46:6c:e4:e3:40:e2:a8:
b3:a1:b7:82:fe:11:9f:c6:16:b5:94:ee:35:73:d8:
17:a3:bc:6f:32:2e:8b:57:25:6f:6d:52:2e:b6:5a:
72:ba:ee:d0:01:29:a4:0b:20:ff:40:25:c8:ab:78:
f3:d6:61:5e:8a:7c:64:b6:6c:f6:17:1f:7a:0a:0d:
bc:db:31:5c:37:9d:10:fb:b5:d3:92:7b:d3:26:4c:
16:10:8f:30:0f:b5:22:a0:bf:a7:51:98:ee:a4:59:
ac:65:7f:f8:45:8a:4e:c8:e3:91:1f:a0:5f:6e:10:
36:33:27:a0:9c:c4:c7:7d:98:bb:cb:1a:a3:5b:c1:
16:2f:f4:f9:12:68:c9:a4:29:b9:04:0d:1e:60:3e:
ec:05:e6:f9:67:c9:1b:6b:12:2f:67:57:18:c7:84:
6f:3a:52:d7:4f:10:f7:7a:ea:1c:16:fd:ad:90:35:
81:bf:23:6b:8d:74:70:7b:19:10:e5:b7:4f:df:2f:
70:49:04:1a:50:bd:55:c2:da:d0:9e:b7:13:48:5a:
32:ac:c7:26:b7:f3:f6:d5:f3:09:93:0d:1f:e0:50:
04:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8E:B2:2C:9A:3A:0E:82:5C:19:8C:A6:44:6F:9E:B8:3E:4F:AE:32
X509v3 Authority Key Identifier:
keyid:15:71:F1:57:C3:A5:BD:5C:FF:5D:1A:47:D4:19:64:8A:27:E3:5A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FXHxV8OlvVz_XRpH1BlkiifjWps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4624d2-484b-4bb2-aad2-02ddcd6bda92/1/Mo6yLJo6DoJcGYymRG-euD5PrjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/4624d2-484b-4bb2-aad2-02ddcd6bda92/1/FXHxV8OlvVz_XRpH1BlkiifjWps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.190.0/24
IPv6:
2a06:de80::/29
Signature Algorithm: sha256WithRSAEncryption
d6:2a:2f:23:27:30:c3:40:8b:84:00:48:e3:2c:4f:49:19:b0:
04:32:50:47:c7:14:35:ff:fb:3d:c5:98:5e:51:0c:25:2f:ba:
d5:31:bb:90:f6:02:10:ed:47:f6:37:0b:42:a3:99:6d:2e:48:
23:90:27:e5:99:30:e8:4a:5b:c8:2f:97:40:1d:85:c1:cc:b2:
89:d5:5a:44:13:2a:46:c5:34:73:8d:7c:64:c1:f1:ca:d2:ee:
cb:51:88:16:31:56:45:27:81:7c:1e:b1:7e:b7:61:98:6f:47:
2f:ff:12:56:5e:bf:5d:ab:b7:4b:e2:1d:99:fe:be:0e:61:9e:
3a:0d:e0:27:9b:c6:bb:cb:2e:48:bd:a2:77:79:36:07:25:c3:
d9:17:bd:11:82:ae:ed:4f:c1:02:36:b4:9f:e5:7b:91:62:09:
74:3c:1d:27:e4:cb:e3:4b:a8:54:d9:28:35:1d:0b:26:3e:7f:
bd:39:4b:f6:1e:70:92:df:aa:62:09:eb:80:b0:6e:78:dd:4e:
b1:1f:38:01:9c:f5:06:e7:68:98:85:d0:59:df:34:88:8d:8e:
89:e2:66:0e:f0:5f:b6:61:1f:d3:ea:24:28:3f:f5:c9:08:c9:
98:9f:ad:8a:ca:ba:28:91:00:ee:1a:29:40:ef:a4:8b:16:47:
92:d6:31:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzFfdlObmEykeVOlarWNbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NzFmMTU3YzNhNWJkNWNmZjVkMWE0N2Q0MTk2NDhhMjdl
MzVhOWIwHhcNMjMwMTAyMTUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjhlYjIyYzlhM2EwZTgyNWMxOThjYTY0NDZmOWViODNlNGZhZTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+ih4s0aoaSeqMwhHuF4VZGxf17s
qwKCO+cmzbNpsKtJ87EMykZs5ONA4qizobeC/hGfxha1lO41c9gXo7xvMi6LVyVv
bVIutlpyuu7QASmkCyD/QCXIq3jz1mFeinxktmz2Fx96Cg282zFcN50Q+7XTknvT
JkwWEI8wD7UioL+nUZjupFmsZX/4RYpOyOORH6BfbhA2MyegnMTHfZi7yxqjW8EW
L/T5EmjJpCm5BA0eYD7sBeb5Z8kbaxIvZ1cYx4RvOlLXTxD3euocFv2tkDWBvyNr
jXRwexkQ5bdP3y9wSQQaUL1VwtrQnrcTSFoyrMcmt/P21fMJkw0f4FAE/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDKOsiyaOg6CXBmMpkRvnrg+T64yMB8GA1UdIwQY
MBaAFBVx8VfDpb1c/10aR9QZZIon41qbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlhIeFY4T2x2VnpfWFJwSDFCbGtpaWZqV3BzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80NjI0ZDItNDg0Yi00YmIyLWFhZDIt
MDJkZGNkNmJkYTkyLzEvTW82eUxKbzZEb0pjR1l5bVJHLWV1RDVQcmpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi80NjI0ZDItNDg0Yi00YmIyLWFhZDItMDJkZGNkNmJkYTky
LzEvRlhIeFY4T2x2VnpfWFJwSDFCbGtpaWZqV3BzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw1++MA0E
AgACMAcDBQMqBt6AMA0GCSqGSIb3DQEBCwUAA4IBAQDWKi8jJzDDQIuEAEjjLE9J
GbAEMlBHxxQ1//s9xZheUQwlL7rVMbuQ9gIQ7Uf2NwtCo5ltLkgjkCflmTDoSlvI
L5dAHYXBzLKJ1VpEEypGxTRzjXxkwfHK0u7LUYgWMVZFJ4F8HrF+t2GYb0cv/xJW
Xr9dq7dL4h2Z/r4OYZ46DeAnm8a7yy5IvaJ3eTYHJcPZF70Rgq7tT8ECNrSf5XuR
Ygl0PB0n5MvjS6hU2Sg1HQsmPn+9OUv2HnCS36piCeuAsG543U6xHzgBnPUG52iY
hdBZ3zSIjY6J4mYO8F+2YR/T6iQoP/XJCMmYn62KyrookQDuGilA76SLFkeS1jGJ
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:05:39 2025 by rpki-client