Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/Lv8Oj4wrVFiZgUKOCtPD2nW7z4w.roa
File: Lv8Oj4wrVFiZgUKOCtPD2nW7z4w.roa (raw, json)
Hash identifier: GmcbWg3Nmdm2Vvyst7qCUTNi1mNEdNYdf1G7y+DDzpI=
Subject key identifier: 2E:FF:0E:8F:8C:2B:54:58:99:81:42:8E:0A:D3:C3:DA:75:BB:CF:8C
Certificate issuer: /CN=b2a48af3d96931bd90c3bfd55f1fa3047b356014
Certificate serial: 01890D67
Authority key identifier: B2:A4:8A:F3:D9:69:31:BD:90:C3:BF:D5:5F:1F:A3:04:7B:35:60:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/Lv8Oj4wrVFiZgUKOCtPD2nW7z4w.roa
Signing time: Sat 01 Jan 2022 02:58:27 +0000
ROA not before: Sat 01 Jan 2022 02:58:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34515
IP address blocks: 185.95.186.0/24 maxlen: 24
185.95.184.0/24 maxlen: 24
185.95.185.0/24 maxlen: 24
185.95.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25759079 (0x1890d67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2a48af3d96931bd90c3bfd55f1fa3047b356014
Validity
Not Before: Jan 1 02:58:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2eff0e8f8c2b54589981428e0ad3c3da75bbcf8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:86:17:3a:3e:bd:09:a1:d7:f2:88:c8:13:e0:
e2:a0:64:f2:bf:c2:1b:bb:18:e0:64:3c:1a:69:bb:
56:d0:b9:bd:8b:ab:71:54:60:f7:32:e8:49:8b:3a:
f0:24:af:c0:f7:27:80:71:33:6b:11:69:c8:73:f2:
db:79:d8:a1:f2:a9:34:ff:7e:0b:7b:7c:10:1c:ca:
48:53:67:ee:fd:f3:f9:af:27:a6:1f:7a:a2:4e:0d:
6b:a5:0a:2b:67:af:d0:1f:15:0f:54:59:7d:cc:2e:
30:2c:7b:a5:ff:00:c6:2e:5d:0c:21:76:59:48:c9:
39:0f:5f:33:21:50:3c:b9:06:c4:3e:4f:ed:0b:65:
8d:94:0d:99:32:75:2b:b3:a0:14:50:74:c1:07:ab:
89:ed:eb:ee:dd:7d:3a:04:fe:77:18:29:42:fb:d2:
5a:ce:c2:2f:cf:ce:38:33:4b:c0:86:f4:9b:9c:63:
3f:b5:99:05:ed:69:c9:e6:6d:c5:40:17:92:c3:5b:
59:90:a5:b9:b6:5b:44:26:3d:4a:be:57:68:de:c1:
ad:c7:5c:d1:36:50:66:f7:03:09:c5:fa:61:63:7e:
4f:90:d9:8f:08:e3:85:47:f4:d8:4f:32:75:47:c6:
d0:66:dd:dd:e8:f2:76:80:1f:7d:b2:70:64:c1:5c:
c1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:FF:0E:8F:8C:2B:54:58:99:81:42:8E:0A:D3:C3:DA:75:BB:CF:8C
X509v3 Authority Key Identifier:
keyid:B2:A4:8A:F3:D9:69:31:BD:90:C3:BF:D5:5F:1F:A3:04:7B:35:60:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/Lv8Oj4wrVFiZgUKOCtPD2nW7z4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.184.0/22
Signature Algorithm: sha256WithRSAEncryption
22:f1:65:65:5e:0b:44:fc:8d:66:f4:bf:b3:77:b5:26:21:fe:
0f:ac:6b:26:ee:00:83:f2:5d:9a:14:04:10:2f:0b:b3:6c:52:
d3:87:71:1f:fd:28:1d:9f:12:c7:83:62:7c:7d:6b:e6:aa:40:
b2:d4:9a:e3:16:aa:32:38:26:9f:2d:45:cb:30:9f:df:bc:50:
ef:66:16:8d:30:d2:9e:0b:df:78:74:35:3c:00:e3:93:2d:0d:
20:29:0f:e5:01:f4:7a:63:56:df:4e:5f:bb:2c:10:b1:cc:1d:
00:62:67:04:b6:9b:30:fe:1c:ff:8c:0c:ba:c5:d8:3f:9e:4b:
6a:2c:12:1e:1f:7e:7b:33:84:56:61:f4:3c:d8:e1:cd:24:81:
a4:0f:fa:bb:5b:27:3d:82:1d:04:86:72:c3:d4:2f:db:90:ef:
96:b5:4a:0f:63:c3:15:e5:ae:d9:dc:c2:37:95:60:a4:ec:22:
db:41:8d:62:8a:6c:b4:58:3d:7d:bf:30:6d:d9:b1:89:0e:1f:
e9:01:66:4c:08:ed:bb:10:22:89:d5:a1:65:5f:b8:08:a5:c4:
00:3b:2f:ae:f4:34:bc:43:55:89:4f:d9:d3:e4:49:84:b2:2c:
bf:a7:1f:7f:cd:c5:40:c6:3d:1a:c2:76:9f:bc:c6:bf:eb:cd:
ef:39:f8:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYkNZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmE0OGFmM2Q5NjkzMWJkOTBjM2JmZDU1ZjFmYTMwNDdiMzU2MDE0MB4XDTIyMDEw
MTAyNTgyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVmZjBlOGY4YzJi
NTQ1ODk5ODE0MjhlMGFkM2MzZGE3NWJiY2Y4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmGFzo+vQmh1/KIyBPg4qBk8r/CG7sY4GQ8Gmm7VtC5vYur
cVRg9zLoSYs68CSvwPcngHEzaxFpyHPy23nYofKpNP9+C3t8EBzKSFNn7v3z+a8n
ph96ok4Na6UKK2ev0B8VD1RZfcwuMCx7pf8Axi5dDCF2WUjJOQ9fMyFQPLkGxD5P
7QtljZQNmTJ1K7OgFFB0wQerie3r7t19OgT+dxgpQvvSWs7CL8/OODNLwIb0m5xj
P7WZBe1pyeZtxUAXksNbWZClubZbRCY9Sr5XaN7Brcdc0TZQZvcDCcX6YWN+T5DZ
jwjjhUf02E8ydUfG0Gbd3ejydoAffbJwZMFcwfcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQu/w6PjCtUWJmBQo4K08PadbvPjDAfBgNVHSMEGDAWgBSypIrz2WkxvZDD
v9VfH6MEezVgFDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NxU0s4OWxwTWIyUXc3X1ZYeC1qQkhzMVlCUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZDUxYWRmLTE0OTItNGMxNC04ODIxLWI5YmQwNjU5NDgzYS8x
L0x2OE9qNHdyVkZpWmdVS09DdFBEMm5XN3o0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZDUxYWRmLTE0OTItNGMxNC04ODIxLWI5YmQwNjU5NDgzYS8xL3NxU0s4OWxwTWIy
UXc3X1ZYeC1qQkhzMVlCUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlfuDANBgkqhkiG9w0BAQsFAAOC
AQEAIvFlZV4LRPyNZvS/s3e1JiH+D6xrJu4Ag/JdmhQEEC8Ls2xS04dxH/0oHZ8S
x4NifH1r5qpAstSa4xaqMjgmny1FyzCf37xQ72YWjTDSngvfeHQ1PADjky0NICkP
5QH0emNW305fuywQscwdAGJnBLabMP4c/4wMusXYP55LaiwSHh9+ezOEVmH0PNjh
zSSBpA/6u1snPYIdBIZyw9Qv25DvlrVKD2PDFeWu2dzCN5VgpOwi20GNYopstFg9
fb8wbdmxiQ4f6QFmTAjtuxAiidWhZV+4CKXEADsvrvQ0vENViU/Z0+RJhLIsv6cf
f83FQMY9GsJ2n7zGv+vN7zn4tg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:41 2025 by rpki-client