Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ksODTPj4gDySQhIokmG7eNBsOf4.roa
File: ksODTPj4gDySQhIokmG7eNBsOf4.roa (raw, json)
Hash identifier: 1AdhLkcMsACT6PPKWzWzyL8Xld8n6z6OYAQeWtOzT6c=
Subject key identifier: 92:C3:83:4C:F8:F8:80:3C:92:42:12:28:92:61:BB:78:D0:6C:39:FE
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01856CE65740D115A490076A23431EF132E2
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ksODTPj4gDySQhIokmG7eNBsOf4.roa
Signing time: Sun 01 Jan 2023 10:35:13 +0000
ROA not before: Sun 01 Jan 2023 10:35:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39163
IP address blocks: 213.91.197.0/24 maxlen: 24
95.43.201.0/24 maxlen: 24
62.176.120.0/24 maxlen: 24
95.43.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:e6:57:40:d1:15:a4:90:07:6a:23:43:1e:f1:32:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 10:35:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92c3834cf8f8803c924212289261bb78d06c39fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bb:ae:40:1e:50:17:cb:42:c0:88:ed:96:24:
73:ab:27:93:9a:b9:b1:60:1f:dd:52:ea:bd:82:96:
2b:56:8e:e3:b8:08:26:0e:d7:a3:f1:7e:62:00:72:
54:5a:e4:fa:12:a2:1c:d3:67:80:92:98:3d:f7:e6:
39:00:e1:9c:27:f0:f3:13:aa:02:e0:ce:17:da:68:
d7:cf:9c:16:c9:51:2c:a3:be:63:2d:a2:c4:b0:50:
4a:4d:d9:46:6d:ae:90:2b:d1:f0:1d:2e:f3:dc:80:
b9:92:b4:ef:9a:f2:ec:93:8c:03:a0:62:b7:a9:55:
03:4a:54:ee:5a:e4:bc:25:e8:6e:1c:5e:25:5f:7d:
87:cf:41:c7:32:d7:77:dd:36:9a:53:f9:0b:c4:9c:
3b:f9:81:5a:4b:73:f2:bc:8d:e8:fb:7b:ea:79:a7:
88:a3:07:c7:69:12:9d:4b:ef:78:18:18:79:3a:c4:
32:05:72:f5:15:58:0d:87:23:b5:5b:da:f7:97:0a:
b1:46:59:8f:bc:ee:6a:91:03:d8:7a:5a:96:e7:12:
71:48:c5:32:5a:a8:79:37:f7:ce:fc:e9:dd:cb:d4:
cf:bc:dd:8a:5f:2c:a4:2f:cf:4e:59:5f:1b:98:5b:
12:81:48:31:60:7e:4e:d7:b5:b7:73:58:bc:e1:d0:
3f:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C3:83:4C:F8:F8:80:3C:92:42:12:28:92:61:BB:78:D0:6C:39:FE
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/ksODTPj4gDySQhIokmG7eNBsOf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.176.120.0/24
95.43.201.0/24
95.43.251.0/24
213.91.197.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:d2:80:e7:73:04:a6:af:c3:47:ce:f0:85:5c:39:d6:e5:40:
05:31:73:3a:3b:9b:18:ce:d8:65:5c:13:b7:23:58:90:f7:8a:
d9:c1:4d:1c:0b:68:54:43:b5:5c:2a:e4:ac:68:c4:1c:62:e5:
74:0e:ee:21:5a:0b:b1:cc:75:a8:cd:85:3c:a4:d0:d2:2c:04:
1a:ea:43:8f:2f:7b:8a:c5:f5:92:04:df:1e:a4:d0:8d:13:99:
0d:41:d3:40:89:59:a5:7c:54:6e:60:5d:24:e2:1e:e5:1c:d3:
e7:ab:71:9c:62:f5:88:fc:e5:2b:61:98:0e:a4:c6:c6:5c:73:
42:e6:d0:fd:7f:ba:2d:2d:fc:aa:e7:61:28:52:df:01:a6:c3:
8a:ae:87:ee:84:4b:33:f8:e8:ba:d1:4e:af:95:48:16:3d:3e:
14:83:13:57:8f:3f:2c:cb:81:eb:3b:3f:21:75:e0:8a:c1:7c:
e5:2d:37:1a:ac:ed:18:6f:5c:0e:02:c3:32:43:96:d3:7a:7d:
9c:d8:37:f6:1b:b5:d9:8a:f6:08:83:e5:7a:c9:f3:f7:d2:cc:
bb:ad:bb:ba:06:42:6c:2f:12:d1:f3:7a:ee:b1:3f:06:3b:11:
4e:bf:ef:90:e7:3d:5f:c1:05:f3:b3:5b:4b:7b:3e:d2:b5:00:
37:93:78:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVs5ldA0RWkkAdqI0Me8TLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjMwMTAxMTAzNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmMzODM0Y2Y4Zjg4MDNjOTI0MjEyMjg5MjYxYmI3OGQwNmMzOWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7uuQB5QF8tCwIjtliRzqyeTmrmx
YB/dUuq9gpYrVo7juAgmDtej8X5iAHJUWuT6EqIc02eAkpg99+Y5AOGcJ/DzE6oC
4M4X2mjXz5wWyVEso75jLaLEsFBKTdlGba6QK9HwHS7z3IC5krTvmvLsk4wDoGK3
qVUDSlTuWuS8JehuHF4lX32Hz0HHMtd33TaaU/kLxJw7+YFaS3PyvI3o+3vqeaeI
owfHaRKdS+94GBh5OsQyBXL1FVgNhyO1W9r3lwqxRlmPvO5qkQPYelqW5xJxSMUy
Wqh5N/fO/Ondy9TPvN2KXyykL89OWV8bmFsSgUgxYH5O17W3c1i84dA/iwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJLDg0z4+IA8kkISKJJhu3jQbDn+MB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEva3NPRFRQajRnRHlTUWhJb2ttRzdlTkJzT2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPrB4AwQA
XyvJAwQAXyv7AwQA1VvFMA0GCSqGSIb3DQEBCwUAA4IBAQCO0oDncwSmr8NHzvCF
XDnW5UAFMXM6O5sYzthlXBO3I1iQ94rZwU0cC2hUQ7VcKuSsaMQcYuV0Du4hWgux
zHWozYU8pNDSLAQa6kOPL3uKxfWSBN8epNCNE5kNQdNAiVmlfFRuYF0k4h7lHNPn
q3GcYvWI/OUrYZgOpMbGXHNC5tD9f7otLfyq52EoUt8BpsOKrofuhEsz+Oi60U6v
lUgWPT4UgxNXjz8sy4HrOz8hdeCKwXzlLTcarO0Yb1wOAsMyQ5bTen2c2Df2G7XZ
ivYIg+V6yfP30sy7rbu6BkJsLxLR83rusT8GOxFOv++Q5z1fwQXzs1tLez7StQA3
k3gC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:39 2025 by rpki-client