Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/95NfwjaHoHMd3T8KXwmeNM9nvVw.roa
File: 95NfwjaHoHMd3T8KXwmeNM9nvVw.roa (raw, json)
Hash identifier: +8nux6ci3zjPUZXe0AbacbxKZXS4Y+LR57CSRP/6AA4=
Subject key identifier: F7:93:5F:C2:36:87:A0:73:1D:DD:3F:0A:5F:09:9E:34:CF:67:BD:5C
Certificate issuer: /CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Certificate serial: 01844368C5097254B6E9D2351D810523233E
Authority key identifier: 3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/95NfwjaHoHMd3T8KXwmeNM9nvVw.roa
Signing time: Fri 04 Nov 2022 16:10:50 +0000
ROA not before: Fri 04 Nov 2022 16:10:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42011
IP address blocks: 185.209.116.0/22 maxlen: 22
2a0b:4540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:43:68:c5:09:72:54:b6:e9:d2:35:1d:81:05:23:23:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9436d2135c084897b74c6ad36da1700a7a98d
Validity
Not Before: Nov 4 16:10:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7935fc23687a0731ddd3f0a5f099e34cf67bd5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:91:c3:37:ce:98:74:1c:fa:38:03:20:2f:dc:
73:9f:57:91:28:5b:83:c4:1e:c0:7e:a5:b0:f1:e2:
54:9a:4a:de:a0:05:f9:d9:71:0a:b9:c5:b0:a1:41:
76:f0:2c:fc:b0:f7:0c:33:7c:60:62:90:f1:c6:d2:
f4:b2:5a:4b:a6:f8:c7:63:45:e6:67:b1:2b:56:8e:
a3:d7:69:be:bd:aa:47:36:9b:99:f9:7f:0c:63:3c:
ef:ee:14:ae:47:7c:e0:43:ff:bb:d1:dc:41:16:8a:
52:00:d4:26:7e:9b:0a:8f:21:06:18:1e:b8:ba:2c:
20:a5:e5:fe:28:7d:a1:0c:7e:07:df:e6:fa:67:08:
46:5f:45:3e:45:1e:6a:17:1e:b7:f7:44:83:05:de:
9c:10:95:8b:38:d0:a1:e2:5e:67:22:5b:42:85:71:
23:ec:13:1c:dd:11:74:1b:e0:10:2d:e9:b6:ee:29:
ec:be:96:e5:66:3c:1a:10:7a:db:91:5b:ab:69:72:
19:2b:97:3f:49:88:c7:00:c1:90:d8:14:a9:b3:8d:
9e:ae:c9:f3:31:fc:31:21:49:e4:0c:70:56:34:07:
18:11:43:e5:59:74:cf:b8:18:0d:fd:bb:bb:f6:94:
35:8f:52:58:57:7a:5b:5a:2a:08:b6:32:a4:f4:9a:
4a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:93:5F:C2:36:87:A0:73:1D:DD:3F:0A:5F:09:9E:34:CF:67:BD:5C
X509v3 Authority Key Identifier:
keyid:3B:D9:43:6D:21:35:C0:84:89:7B:74:C6:AD:36:DA:17:00:A7:A9:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9lDbSE1wISJe3TGrTbaFwCnqY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/95NfwjaHoHMd3T8KXwmeNM9nvVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/c53c3e-aa2d-41ab-a312-2637d13338f1/1/O9lDbSE1wISJe3TGrTbaFwCnqY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.116.0/22
IPv6:
2a0b:4540::/29
Signature Algorithm: sha256WithRSAEncryption
92:ab:a8:e0:3e:7a:f0:5f:a8:7d:91:32:c1:2f:1d:c9:2a:44:
ed:f6:4d:bc:bd:79:36:8e:6c:68:8f:e9:13:52:f9:04:4e:c3:
ee:60:9e:4a:1f:42:18:11:cd:d5:ed:6d:bd:a8:53:af:1a:5a:
63:fc:aa:8d:51:99:5a:cd:c8:01:25:4a:17:1c:69:11:c8:ae:
ec:c6:b9:37:1b:ad:d0:6b:05:0b:ba:8d:ab:16:7e:5f:bf:35:
cf:85:f5:e4:bf:b4:e7:b1:2a:a0:de:bd:92:6c:cd:ea:32:09:
a6:d1:d1:bb:6c:1d:dd:fa:98:d5:29:7b:87:c9:f0:61:5d:1d:
94:45:d2:fb:c1:5a:46:aa:e2:7b:40:72:5d:b8:67:a1:51:60:
f5:d7:e8:c3:9e:26:62:04:27:84:b4:d0:d4:5b:e1:d1:39:47:
e4:e3:f2:3f:19:4e:14:31:b5:30:db:34:0e:af:30:e8:e0:65:
2f:35:8c:6a:a8:93:88:49:77:dd:af:79:42:73:19:f5:63:9e:
3b:5d:72:c4:4c:65:38:22:95:8a:f9:ce:5d:da:85:8d:39:3c:
99:4d:be:49:17:16:ef:45:c0:e7:4f:76:3e:58:3a:a8:d3:06:
7f:ef:27:af:50:bf:42:6b:ba:1e:87:9e:34:01:84:3c:2e:6c:
c7:16:66:f5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRDaMUJclS26dI1HYEFIyM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDk0MzZkMjEzNWMwODQ4OTdiNzRjNmFkMzZkYTE3MDBh
N2E5OGQwHhcNMjIxMTA0MTYxMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzkzNWZjMjM2ODdhMDczMWRkZDNmMGE1ZjA5OWUzNGNmNjdiZDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5HDN86YdBz6OAMgL9xzn1eRKFuD
xB7AfqWw8eJUmkreoAX52XEKucWwoUF28Cz8sPcMM3xgYpDxxtL0slpLpvjHY0Xm
Z7ErVo6j12m+vapHNpuZ+X8MYzzv7hSuR3zgQ/+70dxBFopSANQmfpsKjyEGGB64
uiwgpeX+KH2hDH4H3+b6ZwhGX0U+RR5qFx6390SDBd6cEJWLONCh4l5nIltChXEj
7BMc3RF0G+AQLem27insvpblZjwaEHrbkVuraXIZK5c/SYjHAMGQ2BSps42ersnz
MfwxIUnkDHBWNAcYEUPlWXTPuBgN/bu79pQ1j1JYV3pbWioItjKk9JpKiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPeTX8I2h6BzHd0/Cl8JnjTPZ71cMB8GA1UdIwQY
MBaAFDvZQ20hNcCEiXt0xq022hcAp6mNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTIt
MjYzN2QxMzMzOGYxLzEvOTVOZndqYUhvSE1kM1Q4S1h3bWVOTTludlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9jNTNjM2UtYWEyZC00MWFiLWEzMTItMjYzN2QxMzMzOGYx
LzEvTzlsRGJTRTF3SVNKZTNUR3JUYmFGd0NucVkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudF0MA0E
AgACMAcDBQMqC0VAMA0GCSqGSIb3DQEBCwUAA4IBAQCSq6jgPnrwX6h9kTLBLx3J
KkTt9k28vXk2jmxoj+kTUvkETsPuYJ5KH0IYEc3V7W29qFOvGlpj/KqNUZlazcgB
JUoXHGkRyK7sxrk3G63QawULuo2rFn5fvzXPhfXkv7TnsSqg3r2SbM3qMgmm0dG7
bB3d+pjVKXuHyfBhXR2URdL7wVpGquJ7QHJduGehUWD11+jDniZiBCeEtNDUW+HR
OUfk4/I/GU4UMbUw2zQOrzDo4GUvNYxqqJOISXfdr3lCcxn1Y547XXLETGU4IpWK
+c5d2oWNOTyZTb5JFxbvRcDnT3Y+WDqo0wZ/7yevUL9Ca7oeh540AYQ8LmzHFmb1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:11 2023 by rpki-client on console-fra.rpki-client.org