Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/fo7uC0GIyWQuci8cddiZs8m9ls0.roa
File: fo7uC0GIyWQuci8cddiZs8m9ls0.roa (raw, json)
Hash identifier: id46AV5652FTOKh2XZ1lbM54iyD1Xh2jZP9bUGokKzc=
Subject key identifier: 7E:8E:EE:0B:41:88:C9:64:2E:72:2F:1C:75:D8:99:B3:C9:BD:96:CD
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 0183EF1B11990D0E29CDA029685CEEC4D13F
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/fo7uC0GIyWQuci8cddiZs8m9ls0.roa
Signing time: Wed 19 Oct 2022 07:17:51 +0000
ROA not before: Wed 19 Oct 2022 07:17:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49001
IP address blocks: 185.194.220.0/22 maxlen: 22
95.131.33.0/24 maxlen: 24
95.131.37.0/24 maxlen: 24
95.131.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:1b:11:99:0d:0e:29:cd:a0:29:68:5c:ee:c4:d1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Oct 19 07:17:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7e8eee0b4188c9642e722f1c75d899b3c9bd96cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:cc:58:47:23:2f:ef:5d:57:ff:ae:d2:c7:7f:
12:9e:40:90:c2:d2:55:5c:9b:99:8f:3a:5d:d3:62:
f5:29:d9:69:31:9e:3d:c7:cf:bb:86:1f:86:43:aa:
32:f9:fb:3f:14:5c:9a:0e:32:fd:f6:c1:78:40:c3:
3c:12:a5:6d:36:d1:9b:e8:b1:59:f7:c3:5b:88:da:
bf:1b:ab:b1:bd:83:33:84:ec:a6:de:1b:fb:33:c3:
52:21:d6:3d:3a:49:12:81:59:9a:66:2c:e9:1b:88:
ec:1c:d5:b8:66:67:a9:25:b0:01:da:0c:ff:e1:79:
37:46:61:9e:61:d6:c2:4f:83:f0:6e:a8:02:d6:06:
32:42:df:74:88:8e:2b:2a:3b:1d:be:af:87:a9:8d:
9e:ad:6a:f4:ba:c2:55:8c:9f:07:ea:95:fc:4a:4f:
26:f6:69:5b:ab:db:c6:53:97:27:30:43:9c:d4:2a:
d8:70:37:3c:74:cd:c3:f7:44:94:6b:54:05:03:10:
f5:41:01:f9:22:24:27:23:40:fa:22:80:dd:64:a8:
b4:35:1b:fb:7d:60:92:db:bb:01:a3:de:e8:53:20:
be:25:a6:06:86:88:fa:de:53:a9:bd:3d:59:b2:0f:
6f:a5:94:79:f1:69:fc:02:33:f7:6b:13:79:11:9d:
80:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:8E:EE:0B:41:88:C9:64:2E:72:2F:1C:75:D8:99:B3:C9:BD:96:CD
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/fo7uC0GIyWQuci8cddiZs8m9ls0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.33.0/24
95.131.35.0/24
95.131.37.0/24
185.194.220.0/22
Signature Algorithm: sha256WithRSAEncryption
23:7e:67:d4:6d:38:af:af:77:0c:d2:04:b5:bc:e5:93:ed:0b:
e4:eb:a1:34:f6:e8:b3:f9:5c:ad:ce:d0:a3:98:de:7a:c1:53:
ff:c1:b1:07:53:dd:9a:17:81:00:1c:99:1e:ce:cd:3d:19:5e:
b6:0e:07:05:7e:d9:ab:28:28:17:04:8f:30:7e:92:fe:14:1a:
3c:f8:79:77:da:5c:a4:9f:43:83:1f:65:75:ee:70:4c:3f:56:
b7:4f:b3:6d:7a:f3:de:da:b4:90:3a:48:81:ae:3a:10:18:7d:
c8:55:a9:fd:2a:73:1a:44:a9:63:98:7e:88:0b:6b:b3:bb:86:
79:7b:c4:96:09:75:b2:c4:d0:30:06:a5:31:b8:45:dd:d1:f6:
08:cb:b3:d5:ce:f7:67:a8:1b:78:0c:df:73:24:d0:8a:ce:1e:
1f:08:9b:4d:1c:b4:43:7f:4b:1c:49:fa:66:79:b2:e3:cc:72:
01:f3:31:41:24:9a:58:74:27:66:2e:47:d5:84:2e:32:46:bf:
4c:ec:82:e6:ad:ee:3a:b2:ff:eb:c9:c4:28:56:84:e7:e1:83:
d4:f2:ab:46:f7:93:d9:87:51:4f:b6:4a:fc:79:53:bd:21:07:
b7:14:31:6d:4d:88:d3:d6:e8:a4:1f:90:96:a2:95:79:cb:19:
c4:cf:2f:44
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPvGxGZDQ4pzaApaFzuxNE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjIxMDE5MDcxNzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZThlZWUwYjQxODhjOTY0MmU3MjJmMWM3NWQ4OTliM2M5YmQ5NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMxYRyMv711X/67Sx38SnkCQwtJV
XJuZjzpd02L1KdlpMZ49x8+7hh+GQ6oy+fs/FFyaDjL99sF4QMM8EqVtNtGb6LFZ
98NbiNq/G6uxvYMzhOym3hv7M8NSIdY9OkkSgVmaZizpG4jsHNW4ZmepJbAB2gz/
4Xk3RmGeYdbCT4PwbqgC1gYyQt90iI4rKjsdvq+HqY2erWr0usJVjJ8H6pX8Sk8m
9mlbq9vGU5cnMEOc1CrYcDc8dM3D90SUa1QFAxD1QQH5IiQnI0D6IoDdZKi0NRv7
fWCS27sBo97oUyC+JaYGhoj63lOpvT1Zsg9vpZR58Wn8AjP3axN5EZ2AqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH6O7gtBiMlkLnIvHHXYmbPJvZbNMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvZm83dUMwR0l5V1F1Y2k4Y2RkaVpzOG05bHMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX4MhAwQA
X4MjAwQAX4MlAwQCucLcMA0GCSqGSIb3DQEBCwUAA4IBAQAjfmfUbTivr3cM0gS1
vOWT7Qvk66E09uiz+VytztCjmN56wVP/wbEHU92aF4EAHJkezs09GV62DgcFftmr
KCgXBI8wfpL+FBo8+Hl32lykn0ODH2V17nBMP1a3T7NtevPe2rSQOkiBrjoQGH3I
Van9KnMaRKljmH6IC2uzu4Z5e8SWCXWyxNAwBqUxuEXd0fYIy7PVzvdnqBt4DN9z
JNCKzh4fCJtNHLRDf0scSfpmebLjzHIB8zFBJJpYdCdmLkfVhC4yRr9M7ILmre46
sv/rycQoVoTn4YPU8qtG95PZh1FPtkr8eVO9IQe3FDFtTYjT1uikH5CWopV5yxnE
zy9E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:22 2024 by rpki-client on console-fra.rpki-client.org