Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/lDY0gKHbfdT8xOP4DGId5fiafD0.roa
File: lDY0gKHbfdT8xOP4DGId5fiafD0.roa (raw, json)
Hash identifier: uBmKpbje+GL6iNaKSOHNfnNZRH4PR0/0o1Zp4sf9jso=
Subject key identifier: 94:36:34:80:A1:DB:7D:D4:FC:C4:E3:F8:0C:62:1D:E5:F8:9A:7C:3D
Certificate issuer: /CN=1cbd5746e300091ded1a11a13b16807b4fd0f1fc
Certificate serial: 01864C20E9AFBACF0D7F795C6E3D638943F4
Authority key identifier: 1C:BD:57:46:E3:00:09:1D:ED:1A:11:A1:3B:16:80:7B:4F:D0:F1:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/lDY0gKHbfdT8xOP4DGId5fiafD0.roa
Signing time: Mon 13 Feb 2023 18:54:30 +0000
ROA not before: Mon 13 Feb 2023 18:54:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200132
IP address blocks: 195.95.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4c:20:e9:af:ba:cf:0d:7f:79:5c:6e:3d:63:89:43:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cbd5746e300091ded1a11a13b16807b4fd0f1fc
Validity
Not Before: Feb 13 18:54:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94363480a1db7dd4fcc4e3f80c621de5f89a7c3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f4:a3:a0:13:a6:9d:8c:3c:d8:bd:fe:d6:8a:
48:c7:71:a1:5e:b6:51:3f:db:9e:9a:e4:f7:00:30:
ae:d1:d1:81:07:d7:a7:4c:8f:85:ab:6d:fe:d8:1f:
29:70:ff:16:68:c6:16:f6:f5:90:11:f5:12:a9:63:
6b:e8:88:99:ff:8e:ed:e8:45:4b:f2:ed:95:d1:0a:
5b:c3:67:56:fa:21:29:43:f8:51:e3:70:de:43:b8:
6f:3e:c7:a8:f3:44:fe:af:83:40:87:62:91:09:0d:
35:8f:2d:c5:62:66:3c:77:a8:ac:ab:68:e9:0f:f6:
a1:c8:d1:10:14:34:1d:dd:34:16:01:57:0f:0a:39:
c7:60:9d:cd:95:0b:38:40:7f:b5:81:f9:02:1e:70:
44:90:f5:5e:4f:7f:db:2e:20:47:bb:b6:a1:ac:7e:
2e:a3:32:9c:8c:5b:21:04:2f:c9:91:9d:89:77:27:
ec:4b:62:13:5a:4a:62:4b:f9:27:19:15:3e:af:ae:
31:2f:58:43:39:41:c7:82:56:34:06:b4:c0:2b:ca:
7b:c9:1b:64:ff:20:4c:11:f4:3b:4b:42:49:23:ae:
78:a5:53:f9:6f:ce:27:26:d5:bd:83:90:6c:4c:15:
8c:21:e7:45:c6:b1:3d:ba:fb:9b:c3:6b:80:ef:97:
37:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:36:34:80:A1:DB:7D:D4:FC:C4:E3:F8:0C:62:1D:E5:F8:9A:7C:3D
X509v3 Authority Key Identifier:
keyid:1C:BD:57:46:E3:00:09:1D:ED:1A:11:A1:3B:16:80:7B:4F:D0:F1:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HL1XRuMACR3tGhGhOxaAe0_Q8fw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/lDY0gKHbfdT8xOP4DGId5fiafD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/e3086c-d72f-41ea-9444-bdea63e5a7c4/1/HL1XRuMACR3tGhGhOxaAe0_Q8fw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.177.0/24
Signature Algorithm: sha256WithRSAEncryption
61:83:2d:22:7f:28:db:a4:3c:f5:0a:7e:cf:8c:93:89:bb:0a:
0d:ba:c5:56:01:7b:e6:01:80:e9:f4:5c:40:94:3c:41:42:81:
87:11:a0:71:a7:44:da:c1:38:11:6a:40:f4:13:54:62:66:41:
c2:e3:b7:fc:41:80:ad:2a:54:6c:bc:8c:92:42:c3:60:b2:be:
2f:46:f8:b3:0c:09:70:7d:19:4a:cc:7f:91:98:fc:6b:13:7d:
2c:b5:e1:23:38:89:95:07:7d:fb:df:e1:2c:6a:18:b6:0f:cd:
4b:29:cd:f5:43:2d:10:41:39:12:2f:cd:f3:d8:60:70:e4:b8:
a6:fa:fb:01:e1:22:ac:65:28:73:3d:62:d2:a8:a5:ac:91:7a:
bb:6a:5e:bd:f8:9a:97:a7:1f:66:77:c4:fa:02:7e:c5:db:83:
e6:ab:d5:db:a7:05:73:dc:b9:e3:eb:8c:43:cd:5f:e6:fc:b4:
0e:f9:75:b1:36:8f:db:89:1b:01:7b:20:ef:82:38:11:bd:c5:
ca:6a:78:57:ae:ad:71:5c:8a:1e:f0:9b:cf:e9:93:ff:d6:4e:
3d:0a:78:ed:d5:ce:25:10:dd:1a:b4:c8:04:b9:40:2b:07:db:
0c:33:a5:51:8f:32:a3:4b:c0:1a:80:ba:70:e4:40:b3:6d:ef:
a7:28:b2:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZMIOmvus8Nf3lcbj1jiUP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjYmQ1NzQ2ZTMwMDA5MWRlZDFhMTFhMTNiMTY4MDdiNGZk
MGYxZmMwHhcNMjMwMjEzMTg1NDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM2MzQ4MGExZGI3ZGQ0ZmNjNGUzZjgwYzYyMWRlNWY4OWE3YzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivSjoBOmnYw82L3+1opIx3GhXrZR
P9uemuT3ADCu0dGBB9enTI+Fq23+2B8pcP8WaMYW9vWQEfUSqWNr6IiZ/47t6EVL
8u2V0Qpbw2dW+iEpQ/hR43DeQ7hvPseo80T+r4NAh2KRCQ01jy3FYmY8d6isq2jp
D/ahyNEQFDQd3TQWAVcPCjnHYJ3NlQs4QH+1gfkCHnBEkPVeT3/bLiBHu7ahrH4u
ozKcjFshBC/JkZ2JdyfsS2ITWkpiS/knGRU+r64xL1hDOUHHglY0BrTAK8p7yRtk
/yBMEfQ7S0JJI654pVP5b84nJtW9g5BsTBWMIedFxrE9uvubw2uA75c3/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQ2NICh233U/MTj+AxiHeX4mnw9MB8GA1UdIwQY
MBaAFBy9V0bjAAkd7RoRoTsWgHtP0PH8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEwxWFJ1TUFDUjN0R2hHaE94YUFlMF9ROGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9lMzA4NmMtZDcyZi00MWVhLTk0NDQt
YmRlYTYzZTVhN2M0LzEvbERZMGdLSGJmZFQ4eE9QNERHSWQ1ZmlhZkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9lMzA4NmMtZDcyZi00MWVhLTk0NDQtYmRlYTYzZTVhN2M0
LzEvSEwxWFJ1TUFDUjN0R2hHaE94YUFlMF9ROGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1+xMA0G
CSqGSIb3DQEBCwUAA4IBAQBhgy0ifyjbpDz1Cn7PjJOJuwoNusVWAXvmAYDp9FxA
lDxBQoGHEaBxp0TawTgRakD0E1RiZkHC47f8QYCtKlRsvIySQsNgsr4vRvizDAlw
fRlKzH+RmPxrE30steEjOImVB3373+Esahi2D81LKc31Qy0QQTkSL83z2GBw5Lim
+vsB4SKsZShzPWLSqKWskXq7al69+JqXpx9md8T6An7F24Pmq9XbpwVz3Lnj64xD
zV/m/LQO+XWxNo/biRsBeyDvgjgRvcXKanhXrq1xXIoe8JvP6ZP/1k49Cnjt1c4l
EN0atMgEuUArB9sMM6VRjzKjS8AagLpw5ECzbe+nKLIp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:47 2025 by rpki-client