Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/mS3fU4oiPEGB9FqeqS9nQr2PTs0.roa
File: mS3fU4oiPEGB9FqeqS9nQr2PTs0.roa (raw, json)
Hash identifier: 8xxH8pXeWSAskDj+bcxNkR/3kL9LMLmHIt/Gg7fVbNM=
Subject key identifier: 99:2D:DF:53:8A:22:3C:41:81:F4:5A:9E:A9:2F:67:42:BD:8F:4E:CD
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 08F0B3CF
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/mS3fU4oiPEGB9FqeqS9nQr2PTs0.roa
Signing time: Sat 01 Jan 2022 08:05:22 +0000
ROA not before: Sat 01 Jan 2022 08:05:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197168
IP address blocks: 95.158.142.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 149992399 (0x8f0b3cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 1 08:05:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=992ddf538a223c4181f45a9ea92f6742bd8f4ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c2:e4:9d:6e:39:19:4d:60:ef:6d:bb:22:7f:
6e:fa:d5:b1:1e:ce:56:4b:7d:2e:6a:85:77:d5:a1:
8b:82:a5:41:8e:58:79:e6:b6:f8:47:aa:8a:70:c2:
c5:3d:9a:4b:58:9e:f7:4d:1b:d8:01:80:32:4a:5d:
01:ef:cb:62:7d:2e:4b:77:97:76:3b:56:5a:f0:d6:
a8:18:4c:3c:aa:a8:e2:d8:87:f1:a0:a9:81:9f:7c:
ae:d6:99:6d:15:c4:06:df:fa:3c:bc:9f:64:29:d8:
aa:58:12:cc:b8:a5:97:a0:4d:f6:3a:b7:96:96:80:
05:96:95:b6:43:63:97:4d:fc:b9:94:57:48:c8:53:
60:34:29:93:b7:66:12:24:a2:43:c3:8f:f8:42:4d:
d3:ba:7a:0a:8c:f8:54:a3:bf:95:2e:2e:aa:02:6f:
6b:43:81:b6:f2:38:51:20:82:31:fc:03:bb:c6:a8:
77:d7:63:0f:c6:e8:db:81:6c:4f:6c:d1:cd:fe:40:
6e:ac:da:48:eb:36:94:bc:30:1c:b2:a5:b5:4f:3a:
33:97:ee:e8:c1:11:50:51:47:84:9e:2d:c6:75:40:
a9:79:ad:bf:1d:91:73:d7:97:ba:ae:7c:0b:fb:b4:
46:3e:fd:1a:cb:02:b7:ca:e8:8e:33:9b:0a:d4:98:
35:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:2D:DF:53:8A:22:3C:41:81:F4:5A:9E:A9:2F:67:42:BD:8F:4E:CD
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/mS3fU4oiPEGB9FqeqS9nQr2PTs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.158.142.0/23
Signature Algorithm: sha256WithRSAEncryption
59:ce:fe:eb:c5:4a:04:56:cb:71:d3:75:3b:f1:a2:db:59:f2:
43:87:cb:6d:cf:fa:ad:fa:b8:20:5a:0c:f4:67:88:01:db:be:
0b:b5:90:8a:20:4b:19:39:95:7b:17:e8:fe:81:e1:7f:5f:1c:
d0:fb:6f:a4:6f:63:a1:67:b6:ce:ed:a4:a6:95:8b:2d:c9:db:
6a:ef:53:2b:6c:d6:67:ac:79:2c:93:74:a7:5f:a1:0c:88:49:
38:2d:79:d7:b6:34:6c:b4:11:e1:df:30:63:94:e2:fa:da:16:
fc:69:b3:df:84:d0:82:08:c3:6b:60:6d:df:06:68:16:a3:64:
77:75:20:72:3b:f0:2b:97:95:02:e0:44:42:2a:6c:9f:ee:41:
6d:2d:ea:15:30:4c:12:7b:52:25:17:fe:e7:72:da:f1:be:ec:
ce:5d:b6:6f:00:c1:b1:bf:d9:3c:da:0d:61:69:60:13:8d:17:
64:7e:a6:bf:38:12:e4:fb:8b:93:ad:b5:a5:5a:d7:e7:f3:50:
93:db:a4:27:4f:20:83:57:7b:bf:3b:3d:3e:ae:87:57:15:df:
f4:3d:63:4e:28:e1:ec:1b:97:d6:ec:a8:ea:a0:dd:29:83:9d:
4c:11:b5:2b:8e:37:11:bb:10:1a:81:c0:c0:a5:9b:ca:4d:b8:
6f:b0:eb:3a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECPCzzzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDEw
MTA4MDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTkyZGRmNTM4YTIy
M2M0MTgxZjQ1YTllYTkyZjY3NDJiZDhmNGVjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzC5J1uORlNYO9tuyJ/bvrVsR7OVkt9LmqFd9Whi4KlQY5Y
eea2+EeqinDCxT2aS1ie900b2AGAMkpdAe/LYn0uS3eXdjtWWvDWqBhMPKqo4tiH
8aCpgZ98rtaZbRXEBt/6PLyfZCnYqlgSzLill6BN9jq3lpaABZaVtkNjl038uZRX
SMhTYDQpk7dmEiSiQ8OP+EJN07p6Coz4VKO/lS4uqgJva0OBtvI4USCCMfwDu8ao
d9djD8bo24FsT2zRzf5AbqzaSOs2lLwwHLKltU86M5fu6MERUFFHhJ4txnVAqXmt
vx2Rc9eXuq58C/u0Rj79GssCt8rojjObCtSYNb8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSZLd9TiiI8QYH0Wp6pL2dCvY9OzTAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L21TM2ZVNG9pUEVHQjlGcWVxUzluUXIyUFRzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAV+ejjANBgkqhkiG9w0BAQsFAAOC
AQEAWc7+68VKBFbLcdN1O/Gi21nyQ4fLbc/6rfq4IFoM9GeIAdu+C7WQiiBLGTmV
exfo/oHhf18c0PtvpG9joWe2zu2kppWLLcnbau9TK2zWZ6x5LJN0p1+hDIhJOC15
17Y0bLQR4d8wY5Ti+toW/Gmz34TQggjDa2Bt3wZoFqNkd3UgcjvwK5eVAuBEQips
n+5BbS3qFTBMEntSJRf+53La8b7szl22bwDBsb/ZPNoNYWlgE40XZH6mvzgS5PuL
k621pVrX5/NQk9ukJ08gg1d7vzs9Pq6HVxXf9D1jTijh7BuX1uyo6qDdKYOdTBG1
K443EbsQGoHAwKWbyk24b7DrOg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:37 2023 by rpki-client on console-ams.rpki-client.org