Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/hMsjk0yX7hFoQbmBb6XuvUXEcZQ.roa
File: hMsjk0yX7hFoQbmBb6XuvUXEcZQ.roa (raw, json)
Hash identifier: QgdiPWv2DGXxTAl3gkfXCp93jjRda29wDIVSMcyh5JY=
Subject key identifier: 84:CB:23:93:4C:97:EE:11:68:41:B9:81:6F:A5:EE:BD:45:C4:71:94
Certificate issuer: /CN=792304cece7fb6551d621e257743753d7d3e7eba
Certificate serial: 01856F9DB68FE697F1167E39AD869B2D1081
Authority key identifier: 79:23:04:CE:CE:7F:B6:55:1D:62:1E:25:77:43:75:3D:7D:3E:7E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eSMEzs5_tlUdYh4ld0N1PX0-fro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/hMsjk0yX7hFoQbmBb6XuvUXEcZQ.roa
Signing time: Sun 01 Jan 2023 23:14:44 +0000
ROA not before: Sun 01 Jan 2023 23:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59574
IP address blocks: 185.204.110.0/24 maxlen: 24
95.215.231.0/24 maxlen: 24
95.215.230.0/24 maxlen: 24
95.215.230.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9d:b6:8f:e6:97:f1:16:7e:39:ad:86:9b:2d:10:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=792304cece7fb6551d621e257743753d7d3e7eba
Validity
Not Before: Jan 1 23:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84cb23934c97ee116841b9816fa5eebd45c47194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:09:28:07:f5:7c:47:55:65:a2:8a:2b:86:
72:fe:b2:68:0f:8b:56:9d:9a:84:c0:fe:ae:e2:70:
3d:43:a9:6b:7a:62:84:45:ad:38:b2:fd:c0:3f:1c:
00:1a:90:ee:4f:ab:35:d6:6c:13:b9:4a:9c:5b:6f:
02:96:14:10:a3:84:dd:75:b4:dd:5c:35:f9:91:40:
98:10:22:6f:0d:5e:bb:8c:30:8f:a9:62:41:ab:4e:
fd:d9:17:c0:16:b1:d5:39:0f:6d:69:ea:92:9e:13:
84:58:c1:57:2e:0c:6d:12:b7:28:fc:f9:7b:49:79:
eb:f5:ec:4f:a9:c5:42:4c:81:d7:9c:ee:26:37:38:
d7:2b:b1:7d:d3:55:3a:b7:f5:e7:5e:f1:7f:8b:48:
b1:32:b5:23:b5:5c:59:1c:b1:93:f4:1c:90:4a:a8:
db:01:d7:ad:84:e3:72:b5:30:4d:57:b9:9f:f9:8a:
10:bc:27:70:f3:8d:0a:4b:c9:56:fd:cd:3e:e1:ec:
47:d7:54:b0:18:5a:63:18:0f:d4:ad:ee:94:7b:62:
7e:0e:f9:a6:1a:54:85:b8:bb:3e:92:58:41:d6:e2:
f6:97:af:6f:0f:91:3c:d2:a3:77:1b:a1:59:6f:d2:
bd:5e:f9:78:a8:86:ac:4e:45:af:5d:cb:27:a7:19:
f4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:CB:23:93:4C:97:EE:11:68:41:B9:81:6F:A5:EE:BD:45:C4:71:94
X509v3 Authority Key Identifier:
keyid:79:23:04:CE:CE:7F:B6:55:1D:62:1E:25:77:43:75:3D:7D:3E:7E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eSMEzs5_tlUdYh4ld0N1PX0-fro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/hMsjk0yX7hFoQbmBb6XuvUXEcZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/eSMEzs5_tlUdYh4ld0N1PX0-fro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.230.0/23
185.204.110.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:54:e9:c5:19:91:f6:d0:10:7d:cb:02:58:99:3d:40:bd:6f:
b2:ab:57:75:70:e7:a6:68:fa:2e:68:d1:ed:e9:65:35:02:7e:
40:6e:77:45:56:58:a3:c6:f6:3e:b5:64:b6:ef:35:13:dd:5d:
35:0f:d5:00:be:e5:dc:cf:53:13:68:fd:c0:af:55:cd:b9:99:
b4:a0:a7:f9:1d:62:b0:52:4c:59:78:d0:da:1b:eb:fc:c2:9c:
18:5f:e5:ec:4d:b2:49:db:58:38:30:75:e0:53:5a:0f:c8:46:
86:29:ff:bd:96:90:52:c0:82:e5:4c:25:c7:72:26:81:6b:53:
c2:15:cf:2a:9b:ce:77:54:dc:19:96:14:9b:79:4e:b4:7c:1d:
f4:19:38:c7:d8:18:a7:b0:f8:ef:f3:d5:e4:69:9d:73:35:35:
62:fd:24:55:03:c8:17:92:69:41:96:42:f3:e7:9c:1b:57:26:
cb:99:f5:cb:50:09:d9:4e:ac:fe:b8:3d:dc:56:bd:ac:6a:f8:
eb:9b:50:2a:a3:5b:f8:df:da:d4:a2:1c:db:fe:d6:90:0d:0f:
05:bb:2b:95:03:b9:da:3b:76:f7:bd:f1:79:25:0a:40:d5:18:
a0:e8:10:6c:65:41:48:32:14:9d:07:e1:92:4a:02:e2:50:6f:
72:d2:0f:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvnbaP5pfxFn45rYabLRCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MjMwNGNlY2U3ZmI2NTUxZDYyMWUyNTc3NDM3NTNkN2Qz
ZTdlYmEwHhcNMjMwMTAxMjMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGNiMjM5MzRjOTdlZTExNjg0MWI5ODE2ZmE1ZWViZDQ1YzQ3MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQcJKAf1fEdVZaKKK4Zy/rJoD4tW
nZqEwP6u4nA9Q6lremKERa04sv3APxwAGpDuT6s11mwTuUqcW28ClhQQo4TddbTd
XDX5kUCYECJvDV67jDCPqWJBq0792RfAFrHVOQ9taeqSnhOEWMFXLgxtErco/Pl7
SXnr9exPqcVCTIHXnO4mNzjXK7F901U6t/XnXvF/i0ixMrUjtVxZHLGT9ByQSqjb
AdethONytTBNV7mf+YoQvCdw840KS8lW/c0+4exH11SwGFpjGA/Ure6Ue2J+Dvmm
GlSFuLs+klhB1uL2l69vD5E80qN3G6FZb9K9Xvl4qIasTkWvXcsnpxn0sQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFITLI5NMl+4RaEG5gW+l7r1FxHGUMB8GA1UdIwQY
MBaAFHkjBM7Of7ZVHWIeJXdDdT19Pn66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVNNRXpzNV90bFVkWWg0bGQwTjFQWDAtZnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lODRiNWQtMzUxMS00NGU5LTkyNjEt
ZWQ4MmFlN2RiZDU5LzEvaE1zamsweVg3aEZvUWJtQmI2WHV2VVhFY1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lODRiNWQtMzUxMS00NGU5LTkyNjEtZWQ4MmFlN2RiZDU5
LzEvZVNNRXpzNV90bFVkWWg0bGQwTjFQWDAtZnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBX9fmAwQA
ucxuMA0GCSqGSIb3DQEBCwUAA4IBAQClVOnFGZH20BB9ywJYmT1AvW+yq1d1cOem
aPouaNHt6WU1An5AbndFVlijxvY+tWS27zUT3V01D9UAvuXcz1MTaP3Ar1XNuZm0
oKf5HWKwUkxZeNDaG+v8wpwYX+XsTbJJ21g4MHXgU1oPyEaGKf+9lpBSwILlTCXH
ciaBa1PCFc8qm853VNwZlhSbeU60fB30GTjH2BinsPjv89XkaZ1zNTVi/SRVA8gX
kmlBlkLz55wbVybLmfXLUAnZTqz+uD3cVr2savjrm1Aqo1v439rUohzb/taQDQ8F
uyuVA7naO3b3vfF5JQpA1Rig6BBsZUFIMhSdB+GSSgLiUG9y0g96
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:42 2025 by rpki-client