Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/sfV8wZeAyQSyMo-K0zfbHhAPvyE.roa
File: sfV8wZeAyQSyMo-K0zfbHhAPvyE.roa (raw, json)
Hash identifier: UgiOYVJwRPuZKerDgowvW5T/vQxGyZBUzSQbQmgTrKI=
Subject key identifier: B1:F5:7C:C1:97:80:C9:04:B2:32:8F:8A:D3:37:DB:1E:10:0F:BF:21
Certificate issuer: /CN=570a181aa090cb970605a25a7a57d653547f2324
Certificate serial: 07255190
Authority key identifier: 57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/sfV8wZeAyQSyMo-K0zfbHhAPvyE.roa
Signing time: Sat 01 Jan 2022 04:58:33 +0000
ROA not before: Sat 01 Jan 2022 04:58:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49054
IP address blocks: 95.131.168.0/22 maxlen: 22
95.131.170.0/24 maxlen: 24
95.131.169.0/24 maxlen: 24
185.247.233.0/24 maxlen: 24
185.247.232.0/24 maxlen: 24
185.247.232.0/22 maxlen: 22
185.247.234.0/24 maxlen: 24
2a0d:d080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119886224 (0x7255190)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570a181aa090cb970605a25a7a57d653547f2324
Validity
Not Before: Jan 1 04:58:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1f57cc19780c904b2328f8ad337db1e100fbf21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8e:16:6e:df:91:57:ec:64:5e:4d:75:a6:d3:
4f:b4:a1:62:24:29:e6:c0:e8:f3:d3:4b:b3:31:03:
f4:f7:8b:25:30:f1:9a:53:65:eb:c3:65:cb:a1:0c:
8d:0d:b1:14:27:d4:a8:31:13:c9:bb:8b:7d:44:a8:
c8:55:80:c1:e6:ed:e9:eb:a4:dc:e1:5a:45:03:c2:
80:71:68:f1:87:7a:03:03:99:36:1c:30:1a:be:e9:
0c:98:9f:6e:57:c8:bb:f2:60:ee:26:ba:ad:2a:89:
ce:88:d3:ae:0b:0c:d9:50:51:d2:e1:1b:d5:b5:fc:
32:ad:91:47:32:7e:2a:0b:e5:db:2e:03:79:8e:4b:
29:1c:a0:81:1a:50:43:08:32:fe:0c:9a:93:d4:8f:
45:53:c5:2c:16:12:83:46:ed:27:a9:34:83:76:3c:
f1:5a:6c:09:99:1e:67:6e:fc:31:78:7f:b1:52:e2:
1d:3a:b9:c3:97:34:04:6b:e0:20:a5:99:91:46:5b:
d2:d1:41:4d:3a:6a:a6:45:5c:3f:66:5b:c0:23:17:
eb:4f:b8:a2:ad:6e:75:aa:71:0b:e4:f0:ad:f3:97:
4e:c1:5c:aa:60:39:e8:94:ce:31:41:7e:3c:af:03:
ab:3b:95:35:89:c7:56:15:bb:64:de:80:e1:b3:c9:
6d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F5:7C:C1:97:80:C9:04:B2:32:8F:8A:D3:37:DB:1E:10:0F:BF:21
X509v3 Authority Key Identifier:
keyid:57:0A:18:1A:A0:90:CB:97:06:05:A2:5A:7A:57:D6:53:54:7F:23:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwoYGqCQy5cGBaJaelfWU1R_IyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/sfV8wZeAyQSyMo-K0zfbHhAPvyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0c8b0f-5384-4580-89c2-a637650c74ae/1/VwoYGqCQy5cGBaJaelfWU1R_IyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.168.0/22
185.247.232.0/22
IPv6:
2a0d:d080::/29
Signature Algorithm: sha256WithRSAEncryption
2f:42:9b:2d:7e:e5:27:83:2c:d2:b2:9c:27:d5:f8:cf:4a:2e:
07:40:b3:0d:65:d1:12:02:3f:2a:ec:89:c4:95:f6:e1:96:42:
4a:05:ac:63:3f:71:fc:11:6f:33:c5:d7:fe:75:32:7b:b8:54:
78:c1:81:65:ac:a1:1e:03:0d:92:b9:81:8c:98:05:ce:01:fa:
29:15:d4:e6:5f:f7:e2:18:19:03:9a:a6:09:96:97:50:8c:e1:
a8:4b:ba:5c:12:52:cb:83:9c:cf:0a:99:94:1d:8c:f1:80:61:
0d:38:2b:bf:46:b6:87:cb:44:49:c7:a1:6d:22:a9:f4:ff:9a:
37:ff:37:78:77:ea:0e:87:55:30:1f:04:fd:a0:d7:13:9a:00:
b2:76:da:ec:17:6a:7d:52:c9:ec:60:42:a1:af:d6:b7:eb:56:
16:d3:bd:03:4f:42:ce:92:44:14:71:95:3c:28:b7:22:ce:b9:
a5:e2:26:96:ba:53:5b:0e:88:55:e9:b4:47:2b:6c:df:f1:b8:
a5:76:61:86:7b:2e:27:4c:63:65:e7:9a:b8:de:d2:06:b1:2a:
c7:6f:1b:19:97:ad:a6:ab:eb:28:19:86:0e:01:52:18:cd:84:
ce:ee:3d:c1:e9:d1:96:d6:d2:e8:a6:cb:68:49:01:d3:fa:97:
b5:7b:ea:3e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEByVRkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NzBhMTgxYWEwOTBjYjk3MDYwNWEyNWE3YTU3ZDY1MzU0N2YyMzI0MB4XDTIyMDEw
MTA0NTgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFmNTdjYzE5Nzgw
YzkwNGIyMzI4ZjhhZDMzN2RiMWUxMDBmYmYyMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCOFm7fkVfsZF5NdabTT7ShYiQp5sDo89NLszED9PeLJTDx
mlNl68Nly6EMjQ2xFCfUqDETybuLfUSoyFWAwebt6euk3OFaRQPCgHFo8Yd6AwOZ
NhwwGr7pDJifblfIu/Jg7ia6rSqJzojTrgsM2VBR0uEb1bX8Mq2RRzJ+Kgvl2y4D
eY5LKRyggRpQQwgy/gyak9SPRVPFLBYSg0btJ6k0g3Y88VpsCZkeZ278MXh/sVLi
HTq5w5c0BGvgIKWZkUZb0tFBTTpqpkVcP2ZbwCMX60+4oq1udapxC+TwrfOXTsFc
qmA56JTOMUF+PK8DqzuVNYnHVhW7ZN6A4bPJbR8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSx9XzBl4DJBLIyj4rTN9seEA+/ITAfBgNVHSMEGDAWgBRXChgaoJDLlwYF
olp6V9ZTVH8jJDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Z3b1lHcUNReTVjR0JhSmFlbGZXVTFSX0l5US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvMGM4YjBmLTUzODQtNDU4MC04OWMyLWE2Mzc2NTBjNzRhZS8x
L3NmVjh3WmVBeVFTeU1vLUswemZiSGhBUHZ5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
MGM4YjBmLTUzODQtNDU4MC04OWMyLWE2Mzc2NTBjNzRhZS8xL1Z3b1lHcUNReTVj
R0JhSmFlbGZXVTFSX0l5US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAl+DqAMEArn36DANBAIAAjAHAwUD
Kg3QgDANBgkqhkiG9w0BAQsFAAOCAQEAL0KbLX7lJ4Ms0rKcJ9X4z0ouB0CzDWXR
EgI/KuyJxJX24ZZCSgWsYz9x/BFvM8XX/nUye7hUeMGBZayhHgMNkrmBjJgFzgH6
KRXU5l/34hgZA5qmCZaXUIzhqEu6XBJSy4OczwqZlB2M8YBhDTgrv0a2h8tESceh
bSKp9P+aN/83eHfqDodVMB8E/aDXE5oAsnba7BdqfVLJ7GBCoa/Wt+tWFtO9A09C
zpJEFHGVPCi3Is65peImlrpTWw6IVem0Ryts3/G4pXZhhnsuJ0xjZeeauN7SBrEq
x28bGZetpqvrKBmGDgFSGM2Ezu49wenRltbS6KbLaEkB0/qXtXvqPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:56 2024 by rpki-client on console-ams.rpki-client.org