Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/sO6bw2-pU16N2_cZGwh7waHaxH0.roa
File: sO6bw2-pU16N2_cZGwh7waHaxH0.roa (raw, json)
Hash identifier: dYgPLqd4xVIf2GQlc9NGXKuNYhXq5c9Sgoz1LrGE75U=
Subject key identifier: B0:EE:9B:C3:6F:A9:53:5E:8D:DB:F7:19:1B:08:7B:C1:A1:DA:C4:7D
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 1802C85B
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/sO6bw2-pU16N2_cZGwh7waHaxH0.roa
Signing time: Sat 01 Jan 2022 04:00:31 +0000
ROA not before: Sat 01 Jan 2022 04:00:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197236
IP address blocks: 95.43.229.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 402835547 (0x1802c85b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 1 04:00:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0ee9bc36fa9535e8ddbf7191b087bc1a1dac47d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:61:60:53:42:9c:23:8e:58:74:8f:b1:99:fd:
ab:d0:8f:39:d4:d2:07:dc:1a:b3:67:e3:c2:12:a8:
a9:0a:58:89:50:67:ac:7d:d3:77:be:46:4b:d5:73:
da:b9:ae:14:19:06:f4:4a:05:d1:9f:2e:25:9b:d7:
16:d7:0b:e7:66:17:50:8b:58:ee:2b:70:55:07:ea:
2f:8a:32:05:76:cc:65:b6:3c:fb:90:70:55:5a:85:
83:80:9b:57:93:5e:1d:51:87:88:1f:d6:f9:c6:31:
33:15:2c:cd:91:7c:6d:c6:e5:60:c9:b8:94:72:7a:
a8:43:52:a0:43:a1:f9:46:6a:1c:7d:54:21:81:a4:
f2:ff:0d:a0:e0:c0:a1:67:a5:5e:8b:7c:8e:4c:08:
80:b9:e5:d9:a0:19:85:bd:88:89:d8:fb:15:24:d3:
62:34:9e:78:64:46:d0:bc:75:c9:ac:00:17:7d:b3:
6b:e8:22:60:c8:cc:78:e3:37:73:84:6f:8f:00:41:
ec:13:91:76:af:02:bd:47:9a:ab:aa:7f:a0:1a:38:
4f:39:29:b8:e1:a5:33:99:9d:51:f2:8a:85:92:65:
7c:41:95:65:c0:b3:fe:0c:db:8e:7c:dc:06:79:c9:
b9:3f:41:ea:cb:4d:96:5d:06:20:6d:70:6a:15:08:
ff:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:EE:9B:C3:6F:A9:53:5E:8D:DB:F7:19:1B:08:7B:C1:A1:DA:C4:7D
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/sO6bw2-pU16N2_cZGwh7waHaxH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.43.229.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:e0:02:7b:89:bd:a9:dc:5c:b4:b0:9d:8f:71:80:b2:57:34:
dd:8b:c7:1d:4d:3a:da:77:12:bf:24:d2:64:08:6b:2b:30:5b:
a4:d8:51:3d:3c:74:d3:a5:51:1c:ab:c9:f1:c4:f8:37:10:45:
8d:87:76:c4:fc:fd:20:fa:94:b9:b2:9c:c7:39:5d:eb:0c:2e:
21:47:9d:f4:b1:32:54:7b:ea:18:ad:3f:fa:49:3a:b6:86:3e:
59:c7:44:10:ad:83:62:24:0c:16:b2:b3:75:fd:af:9f:d7:b5:
00:36:dc:f0:a6:32:a0:d6:dd:5b:7b:35:66:83:f5:64:cd:5b:
26:a2:ec:98:aa:43:07:e6:1b:11:71:0a:71:7d:f3:5f:96:23:
35:4c:e0:d2:d8:d5:15:4a:c7:70:ab:36:0e:41:d8:04:4d:bc:
8e:85:72:78:22:81:cf:7c:55:76:be:ba:aa:8a:f4:71:b6:f0:
11:2a:b3:7b:d7:fc:19:d0:f9:28:c2:b9:40:d7:84:fe:0b:27:
e4:69:4b:43:55:e7:da:ef:f9:2f:ac:dd:5a:21:c5:d5:f5:91:
9a:44:1b:95:2c:e8:7c:1d:8e:89:75:99:8c:a4:a2:ca:da:88:
0f:46:c4:c1:38:e4:3a:10:89:57:53:10:0f:86:41:9c:a3:47:
1d:a6:b5:cc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGALIWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDEw
MTA0MDAzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBlZTliYzM2ZmE5
NTM1ZThkZGJmNzE5MWIwODdiYzFhMWRhYzQ3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPFhYFNCnCOOWHSPsZn9q9CPOdTSB9was2fjwhKoqQpYiVBn
rH3Td75GS9Vz2rmuFBkG9EoF0Z8uJZvXFtcL52YXUItY7itwVQfqL4oyBXbMZbY8
+5BwVVqFg4CbV5NeHVGHiB/W+cYxMxUszZF8bcblYMm4lHJ6qENSoEOh+UZqHH1U
IYGk8v8NoODAoWelXot8jkwIgLnl2aAZhb2Iidj7FSTTYjSeeGRG0Lx1yawAF32z
a+giYMjMeOM3c4RvjwBB7BORdq8CvUeaq6p/oBo4TzkpuOGlM5mdUfKKhZJlfEGV
ZcCz/gzbjnzcBnnJuT9B6stNll0GIG1wahUI/60CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSw7pvDb6lTXo3b9xkbCHvBodrEfTAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L3NPNmJ3Mi1wVTE2TjJfY1pHd2g3d2FIYXhIMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF8r5TANBgkqhkiG9w0BAQsFAAOC
AQEAb+ACe4m9qdxctLCdj3GAslc03YvHHU062ncSvyTSZAhrKzBbpNhRPTx006VR
HKvJ8cT4NxBFjYd2xPz9IPqUubKcxzld6wwuIUed9LEyVHvqGK0/+kk6toY+WcdE
EK2DYiQMFrKzdf2vn9e1ADbc8KYyoNbdW3s1ZoP1ZM1bJqLsmKpDB+YbEXEKcX3z
X5YjNUzg0tjVFUrHcKs2DkHYBE28joVyeCKBz3xVdr66qor0cbbwESqze9f8GdD5
KMK5QNeE/gsn5GlLQ1Xn2u/5L6zdWiHF1fWRmkQblSzofB2OiXWZjKSiytqID0bE
wTjkOhCJV1MQD4ZBnKNHHaa1zA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:49 2025 by rpki-client