Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/ci_EIf9spAhEnynbWwdr76dZh3s.roa
File: ci_EIf9spAhEnynbWwdr76dZh3s.roa (raw, json)
Hash identifier: QLC72oGBEdKKl5sFWz+naMNFmP4LlalSXvxNWZjCET8=
Subject key identifier: 72:2F:C4:21:FF:6C:A4:08:44:9F:29:DB:5B:07:6B:EF:A7:59:87:7B
Certificate issuer: /CN=7b48945b9d716cd47fbde2860d8100fcda987496
Certificate serial: 0187098029B648D8147AC0AAB00DAD9E980F
Authority key identifier: 7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/ci_EIf9spAhEnynbWwdr76dZh3s.roa
Signing time: Wed 22 Mar 2023 13:26:46 +0000
ROA not before: Wed 22 Mar 2023 13:26:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13246
IP address blocks: 185.181.192.0/22 maxlen: 22
185.181.195.0/24 maxlen: 24
95.130.16.0/24 maxlen: 24
95.130.16.0/21 maxlen: 21
95.130.17.0/24 maxlen: 24
95.130.20.0/24 maxlen: 24
95.130.22.0/24 maxlen: 24
2a02:2940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:09:80:29:b6:48:d8:14:7a:c0:aa:b0:0d:ad:9e:98:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b48945b9d716cd47fbde2860d8100fcda987496
Validity
Not Before: Mar 22 13:26:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=722fc421ff6ca408449f29db5b076befa759877b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:43:b6:33:68:20:8f:fb:6a:45:45:44:ac:72:
d0:5d:e9:a2:9f:37:59:d0:71:9b:cf:82:2c:a4:2a:
45:47:fc:42:15:3d:05:27:53:3c:79:ae:b4:2a:16:
a4:c0:66:5d:48:4c:fb:f4:b6:7d:84:a6:a3:83:d7:
7e:4c:2e:fc:7f:63:98:5f:5b:c4:93:4d:81:05:84:
5c:41:24:66:d6:b6:72:50:77:bc:16:b0:5d:f9:df:
a3:af:7a:44:6d:ec:33:d8:1b:eb:d9:81:89:ea:df:
93:d3:4b:cd:20:d7:1b:08:7e:2a:62:32:b0:a9:00:
02:3d:9c:84:24:05:01:d6:20:ee:a1:11:28:80:fa:
24:82:a5:e9:ee:27:c5:e7:67:cb:18:f8:a5:dd:76:
e6:1c:49:10:d7:e3:03:26:e4:97:6e:cb:74:ac:ea:
da:48:05:f7:b4:04:07:8a:52:9e:f1:dd:52:94:86:
67:26:53:6e:c9:03:87:61:d5:05:2e:a3:69:62:e7:
2c:8b:bb:16:26:e4:1b:f7:49:14:01:a7:4a:9f:6c:
d7:e4:a9:71:92:ab:9e:4d:2c:96:2a:8d:e4:07:96:
2f:de:37:57:69:a0:ca:15:d6:09:51:a1:70:76:98:
b7:ef:16:ae:d3:0a:a8:dc:c2:21:af:94:97:72:f4:
44:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2F:C4:21:FF:6C:A4:08:44:9F:29:DB:5B:07:6B:EF:A7:59:87:7B
X509v3 Authority Key Identifier:
keyid:7B:48:94:5B:9D:71:6C:D4:7F:BD:E2:86:0D:81:00:FC:DA:98:74:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0iUW51xbNR_veKGDYEA_NqYdJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/ci_EIf9spAhEnynbWwdr76dZh3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/5b6b06-9af6-4026-b47c-4e85897f309c/1/e0iUW51xbNR_veKGDYEA_NqYdJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.16.0/21
185.181.192.0/22
IPv6:
2a02:2940::/32
Signature Algorithm: sha256WithRSAEncryption
5c:1e:29:d8:35:01:e2:32:0e:ca:d7:ed:1d:24:30:2e:02:57:
f6:b7:57:2f:95:24:8b:70:e7:c1:a5:b7:fa:f1:48:3d:1f:23:
43:eb:da:2c:b3:8d:70:b9:49:9f:6f:d8:3a:36:9e:6f:eb:a8:
21:d5:76:bc:44:6b:56:0b:89:ce:68:22:88:74:64:35:98:f3:
b6:a4:4c:45:89:f0:23:6c:85:b7:95:be:7d:2c:3c:91:87:f4:
32:b0:0a:a4:f3:b8:a9:73:2a:f2:f1:ea:81:6c:01:25:53:c6:
b4:75:6a:b1:50:fb:a1:12:0d:ea:53:07:a8:4f:6a:21:d9:b7:
9f:c5:75:2b:e1:ac:7e:8d:be:cc:dc:b2:9b:b6:3d:63:05:66:
8d:eb:66:89:25:e3:64:45:9f:c9:64:23:10:ae:3b:88:be:62:
0b:ca:87:80:f3:1a:44:72:58:73:9b:b9:80:45:f6:d5:70:42:
c4:2c:8a:b2:38:de:84:e1:b6:16:3c:d9:8b:42:8f:3d:2a:55:
47:9e:9a:25:16:4e:6d:4a:9b:e5:5c:02:8b:51:4f:a0:a0:30:
38:29:42:8b:ff:c7:c3:c8:38:22:78:77:dd:4f:42:10:2b:5b:
9e:ee:55:8e:66:bc:d8:05:d4:61:5a:81:26:7d:fb:0d:1f:7e:
14:17:3f:78
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYcJgCm2SNgUesCqsA2tnpgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNDg5NDViOWQ3MTZjZDQ3ZmJkZTI4NjBkODEwMGZjZGE5
ODc0OTYwHhcNMjMwMzIyMTMyNjQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjJmYzQyMWZmNmNhNDA4NDQ5ZjI5ZGI1YjA3NmJlZmE3NTk4NzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUO2M2ggj/tqRUVErHLQXeminzdZ
0HGbz4IspCpFR/xCFT0FJ1M8ea60KhakwGZdSEz79LZ9hKajg9d+TC78f2OYX1vE
k02BBYRcQSRm1rZyUHe8FrBd+d+jr3pEbewz2Bvr2YGJ6t+T00vNINcbCH4qYjKw
qQACPZyEJAUB1iDuoREogPokgqXp7ifF52fLGPil3XbmHEkQ1+MDJuSXbst0rOra
SAX3tAQHilKe8d1SlIZnJlNuyQOHYdUFLqNpYucsi7sWJuQb90kUAadKn2zX5Klx
kqueTSyWKo3kB5Yv3jdXaaDKFdYJUaFwdpi37xau0wqo3MIhr5SXcvREYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHIvxCH/bKQIRJ8p21sHa++nWYd7MB8GA1UdIwQY
MBaAFHtIlFudcWzUf73ihg2BAPzamHSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2Mt
NGU4NTg5N2YzMDljLzEvY2lfRUlmOXNwQWhFbnluYld3ZHI3NmRaaDNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS81YjZiMDYtOWFmNi00MDI2LWI0N2MtNGU4NTg5N2YzMDlj
LzEvZTBpVVc1MXhiTlJfdmVLR0RZRUFfTnFZZEpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX4IQAwQC
ubXAMA0EAgACMAcDBQAqAilAMA0GCSqGSIb3DQEBCwUAA4IBAQBcHinYNQHiMg7K
1+0dJDAuAlf2t1cvlSSLcOfBpbf68Ug9HyND69oss41wuUmfb9g6Np5v66gh1Xa8
RGtWC4nOaCKIdGQ1mPO2pExFifAjbIW3lb59LDyRh/QysAqk87ipcyry8eqBbAEl
U8a0dWqxUPuhEg3qUweoT2oh2befxXUr4ax+jb7M3LKbtj1jBWaN62aJJeNkRZ/J
ZCMQrjuIvmILyoeA8xpEclhzm7mARfbVcELELIqyON6E4bYWPNmLQo89KlVHnpol
Fk5tSpvlXAKLUU+goDA4KUKL/8fDyDgieHfdT0IQK1ue7lWOZrzYBdRhWoEmffsN
H34UFz94
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:43 2025 by rpki-client