Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/RyVeH2WXV0iIJTphLAHFM0Lu6JE.roa
File: RyVeH2WXV0iIJTphLAHFM0Lu6JE.roa (raw, json)
Hash identifier: 3QXCFhtAppq9RTvCp0bG03GWtGGtc9o8SrHKt31zXqw=
Subject key identifier: 47:25:5E:1F:65:97:57:48:88:25:3A:61:2C:01:C5:33:42:EE:E8:91
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE672ADEDEF857FE3DAF141FF9AEE5A
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/RyVeH2WXV0iIJTphLAHFM0Lu6JE.roa
Signing time: Sun 01 Jan 2023 10:35:19 +0000
ROA not before: Sun 01 Jan 2023 10:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206523
IP address blocks: 95.43.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:72:ad:ed:ef:85:7f:e3:da:f1:41:ff:9a:ee:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47255e1f6597574888253a612c01c53342eee891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0f:86:fb:4f:a1:4d:2d:ad:0d:4b:e4:58:45:
f2:c0:57:c5:9c:e7:64:a1:a8:e5:b6:22:57:e7:02:
7d:c4:84:e3:e2:8b:b5:b4:d4:9b:ac:aa:80:35:16:
3d:4a:23:b7:44:d0:d3:d2:b4:e4:d4:00:ef:59:cc:
c2:4b:d6:ba:53:d0:29:9a:4e:f1:42:a6:6e:44:29:
3c:d9:85:98:b3:1e:4b:2f:9d:6e:52:e9:fc:01:9e:
a4:99:88:67:44:ab:25:3b:9e:84:09:3c:7b:5c:ce:
85:14:a0:00:ce:a2:42:5e:87:4a:39:62:74:98:1a:
ee:45:17:c4:d3:0f:3f:65:1f:a7:29:99:2f:99:ee:
0e:e4:f3:64:2e:74:0f:a5:20:29:de:d4:29:d3:72:
95:97:de:d0:25:4b:51:dc:2c:63:0a:b1:4a:84:ec:
ad:20:a6:45:a8:d6:a4:c3:95:75:90:4d:45:0a:1e:
ad:52:74:d5:bb:40:72:fe:89:7b:5f:5f:51:a5:b2:
3a:6d:e5:4c:3e:cf:8c:77:d4:f9:e5:25:19:f0:0f:
64:08:de:a7:58:9a:27:67:20:ba:f6:44:c3:4d:ab:
d8:84:70:bf:39:b1:45:8c:ee:7a:02:43:f4:c8:9d:
bb:06:93:e4:64:72:7f:93:99:dd:a9:f8:e5:c3:a9:
ef:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:25:5E:1F:65:97:57:48:88:25:3A:61:2C:01:C5:33:42:EE:E8:91
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/RyVeH2WXV0iIJTphLAHFM0Lu6JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.43.216.0/24
Signature Algorithm: sha256WithRSAEncryption
35:95:30:10:35:91:32:ad:86:a4:4c:b7:c5:df:1d:b4:9c:5c:
12:d8:ea:40:fe:2f:84:e7:eb:41:38:bf:d9:eb:f1:24:fd:b5:
18:ac:cf:c1:b4:b7:55:8a:3f:fd:56:c9:ab:26:6b:3f:f4:e1:
c9:b9:be:23:26:d8:15:1e:70:9f:5d:6e:3b:15:be:a8:84:08:
b0:54:64:aa:79:56:55:2a:e2:31:5c:14:fd:45:8d:5a:e2:99:
18:cb:71:c0:46:3a:7a:a7:b4:33:df:42:7a:05:d6:05:1e:1c:
80:7e:65:9c:29:34:45:e0:b3:26:d9:23:5f:80:58:37:9a:04:
a3:0e:2f:bd:38:9a:bf:0d:9f:d9:7c:0a:6f:30:b6:0c:01:d6:
0a:c5:cf:5b:3c:b7:85:7e:c4:b6:6e:5c:af:ba:9a:e7:35:ba:
b9:3a:67:6a:5b:5e:c8:0f:68:de:0c:9b:79:1e:67:b0:dd:7e:
b0:11:01:e2:57:4a:a0:53:91:c9:56:04:0c:0e:44:f6:25:0d:
7b:5d:b7:57:75:81:65:c3:aa:7b:03:07:2d:17:a6:ab:c5:a8:
9c:2b:71:ba:c2:a4:7d:47:79:14:11:7e:e9:13:10:34:a8:96:
9b:47:c8:a3:63:f9:1c:dc:fe:15:16:e1:5f:9a:06:37:b6:77:
96:f4:63:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs5nKt7e+Ff+Pa8UH/mu5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzI1NWUxZjY1OTc1NzQ4ODgyNTNhNjEyYzAxYzUzMzQyZWVlODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgg+G+0+hTS2tDUvkWEXywFfFnOdk
oajltiJX5wJ9xITj4ou1tNSbrKqANRY9SiO3RNDT0rTk1ADvWczCS9a6U9Apmk7x
QqZuRCk82YWYsx5LL51uUun8AZ6kmYhnRKslO56ECTx7XM6FFKAAzqJCXodKOWJ0
mBruRRfE0w8/ZR+nKZkvme4O5PNkLnQPpSAp3tQp03KVl97QJUtR3CxjCrFKhOyt
IKZFqNakw5V1kE1FCh6tUnTVu0By/ol7X19RpbI6beVMPs+Md9T55SUZ8A9kCN6n
WJonZyC69kTDTavYhHC/ObFFjO56AkP0yJ27BpPkZHJ/k5ndqfjlw6nvxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEclXh9ll1dIiCU6YSwBxTNC7uiRMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvUnlWZUgyV1hWMGlJSlRwaExBSEZNMEx1NkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXyvYMA0G
CSqGSIb3DQEBCwUAA4IBAQA1lTAQNZEyrYakTLfF3x20nFwS2OpA/i+E5+tBOL/Z
6/Ek/bUYrM/BtLdVij/9VsmrJms/9OHJub4jJtgVHnCfXW47Fb6ohAiwVGSqeVZV
KuIxXBT9RY1a4pkYy3HARjp6p7Qz30J6BdYFHhyAfmWcKTRF4LMm2SNfgFg3mgSj
Di+9OJq/DZ/ZfApvMLYMAdYKxc9bPLeFfsS2blyvuprnNbq5OmdqW17ID2jeDJt5
Hmew3X6wEQHiV0qgU5HJVgQMDkT2JQ17XbdXdYFlw6p7AwctF6arxaicK3G6wqR9
R3kUEX7pExA0qJabR8ijY/kc3P4VFuFfmgY3tneW9GPl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:46 2025 by rpki-client