Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/1-egtgyYsF4_tv9d4kihihygi8YU.roa
File: 1-egtgyYsF4_tv9d4kihihygi8YU.roa (raw, json)
Hash identifier: 1/s8L5WV8gGEA11qeTw7BWRXXWoSVj0OzoaSxhonJ8c=
Subject key identifier: F9:E8:2D:83:26:2C:17:8F:ED:BF:D7:78:92:28:62:87:28:22:F1:85
Certificate issuer: /CN=0b1b318e5057a1c10341607cddddadb46d71abf5
Certificate serial: 08D312ED
Authority key identifier: 0B:1B:31:8E:50:57:A1:C1:03:41:60:7C:DD:DD:AD:B4:6D:71:AB:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/1-egtgyYsF4_tv9d4kihihygi8YU.roa
Signing time: Sat 01 Jan 2022 12:02:22 +0000
ROA not before: Sat 01 Jan 2022 12:02:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42160
IP address blocks: 81.95.112.0/24 maxlen: 24
81.95.112.0/22 maxlen: 24
81.95.118.0/23 maxlen: 23
81.95.117.0/24 maxlen: 24
81.95.116.0/24 maxlen: 24
81.95.112.0/20 maxlen: 20
81.95.124.0/22 maxlen: 22
81.95.122.0/23 maxlen: 23
81.95.120.0/23 maxlen: 23
185.55.92.0/22 maxlen: 22
193.110.248.0/23 maxlen: 23
193.110.248.0/21 maxlen: 21
193.110.252.0/22 maxlen: 22
193.110.250.0/23 maxlen: 23
2a02:5940::/32 maxlen: 34
2a02:5940:c000::/34 maxlen: 34
2a02:5940:8000::/34 maxlen: 34
2a02:5940:4000::/34 maxlen: 34
2a02:5940::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148050669 (0x8d312ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1b318e5057a1c10341607cddddadb46d71abf5
Validity
Not Before: Jan 1 12:02:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9e82d83262c178fedbfd778922862872822f185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c7:7a:67:33:4b:0c:6e:04:42:d1:dc:95:22:
d9:ca:40:5b:15:1e:bb:ce:24:28:35:fd:b6:cb:0e:
8a:62:14:68:50:88:bd:78:7b:99:2c:10:8c:70:39:
e0:f2:42:ea:76:2b:ae:46:6b:8e:47:4b:1f:3b:b7:
5a:82:55:57:3a:40:02:0f:2a:da:2c:50:5e:96:bf:
32:11:93:7d:14:2c:ba:24:b3:4b:ea:83:fd:97:53:
89:a9:d3:80:e3:72:33:ac:4e:d0:2e:0e:01:ed:6d:
bb:bb:50:85:bf:21:de:c8:76:f1:e6:68:c9:8a:25:
67:ce:09:03:a2:5c:d9:32:c8:85:c7:0b:4f:16:34:
aa:58:9e:98:a8:4a:c1:6c:6b:ce:84:0b:12:19:10:
ea:9e:3f:a8:f4:ee:bf:1d:c1:f7:c0:e9:07:26:3d:
d9:72:0c:07:b5:3e:dc:f8:d4:6b:3b:e6:f1:8b:e9:
13:d4:94:6e:77:29:c6:32:92:9c:01:c1:fc:1b:99:
38:01:72:56:ef:08:fc:ab:dc:c2:f7:3b:a7:02:65:
f9:2f:20:9b:6e:9d:ae:b0:15:74:42:e8:bb:ec:33:
ea:81:9d:99:e7:f6:56:70:9a:fb:0a:c7:62:97:14:
df:86:f7:05:11:c9:7e:ef:6a:3a:f9:8c:ff:03:e7:
da:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E8:2D:83:26:2C:17:8F:ED:BF:D7:78:92:28:62:87:28:22:F1:85
X509v3 Authority Key Identifier:
keyid:0B:1B:31:8E:50:57:A1:C1:03:41:60:7C:DD:DD:AD:B4:6D:71:AB:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/1-egtgyYsF4_tv9d4kihihygi8YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/CxsxjlBXocEDQWB83d2ttG1xq_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.112.0/20
185.55.92.0/22
193.110.248.0/21
IPv6:
2a02:5940::/32
Signature Algorithm: sha256WithRSAEncryption
1b:65:42:71:ab:43:e6:9d:00:ad:43:f5:64:3a:38:1f:1d:a9:
22:b7:ec:30:1d:5d:9a:7d:ec:aa:83:3b:5a:ba:d3:aa:33:36:
23:f8:85:1b:ce:ee:94:28:bc:10:82:36:45:59:c6:9b:83:9c:
95:7d:00:c1:61:5e:99:0c:8e:f2:6c:8b:1b:d4:4b:72:68:9d:
a8:eb:0c:2f:2a:40:00:39:37:a0:8b:f8:c4:08:db:38:9e:cd:
ad:f5:4b:d7:7e:b3:15:6b:4f:cc:7a:17:bc:f6:e5:ec:ad:bd:
07:cb:f4:28:27:53:fa:ee:e0:43:fd:d6:ba:d9:45:f2:92:e1:
6b:ae:2a:ad:48:db:a7:89:bc:07:5b:9b:1d:95:d6:ea:82:b2:
54:0f:8b:0b:47:ee:45:98:0f:c1:52:f3:03:5a:b5:21:0c:cb:
e8:99:f0:3d:6f:99:2f:2b:a2:b5:93:57:f0:ab:5a:e9:32:7e:
ef:33:2d:bb:9b:fa:6b:0c:b4:3e:53:4a:e1:b7:57:43:c9:17:
a7:c9:e3:30:96:fb:f1:a8:3c:c2:85:4e:73:8a:2d:9f:1c:43:
61:f9:e6:f9:08:eb:10:ae:29:03:27:0a:8b:5f:16:83:ff:60:
0d:61:70:3e:8c:e9:3c:7e:98:35:ef:ed:a2:fd:04:8e:cf:d2:
81:4f:c3:d9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECNMS7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjFiMzE4ZTUwNTdhMWMxMDM0MTYwN2NkZGRkYWRiNDZkNzFhYmY1MB4XDTIyMDEw
MTEyMDIyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjllODJkODMyNjJj
MTc4ZmVkYmZkNzc4OTIyODYyODcyODIyZjE4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHHemczSwxuBELR3JUi2cpAWxUeu84kKDX9tssOimIUaFCI
vXh7mSwQjHA54PJC6nYrrkZrjkdLHzu3WoJVVzpAAg8q2ixQXpa/MhGTfRQsuiSz
S+qD/ZdTianTgONyM6xO0C4OAe1tu7tQhb8h3sh28eZoyYolZ84JA6Jc2TLIhccL
TxY0qliemKhKwWxrzoQLEhkQ6p4/qPTuvx3B98DpByY92XIMB7U+3PjUazvm8Yvp
E9SUbncpxjKSnAHB/BuZOAFyVu8I/Kvcwvc7pwJl+S8gm26drrAVdELou+wz6oGd
mef2VnCa+wrHYpcU34b3BRHJfu9qOvmM/wPn2n8CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBT56C2DJiwXj+2/13iSKGKHKCLxhTAfBgNVHSMEGDAWgBQLGzGOUFehwQNB
YHzd3a20bXGr9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N4c3hqbEJYb2NFRFFXQjgzZDJ0dEcxeHFfVS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvNGI0ZGY3LWQ3MmItNDc0Zi05NjNmLTU5ZTZhNmQ0ZDU3Ni8x
LzEtZWd0Z3lZc0Y0X3R2OWQ0a2loaWh5Z2k4WVUucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5
LzRiNGRmNy1kNzJiLTQ3NGYtOTYzZi01OWU2YTZkNGQ1NzYvMS9DeHN4amxCWG9j
RURRV0I4M2QydHRHMXhxX1UuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
OgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBARRX3ADBAK5N1wDBAPBbvgwDQQC
AAIwBwMFACoCWUAwDQYJKoZIhvcNAQELBQADggEBABtlQnGrQ+adAK1D9WQ6OB8d
qSK37DAdXZp97KqDO1q606ozNiP4hRvO7pQovBCCNkVZxpuDnJV9AMFhXpkMjvJs
ixvUS3JonajrDC8qQAA5N6CL+MQI2zieza31S9d+sxVrT8x6F7z25eytvQfL9Cgn
U/ru4EP91rrZRfKS4WuuKq1I26eJvAdbmx2V1uqCslQPiwtH7kWYD8FS8wNatSEM
y+iZ8D1vmS8rorWTV/CrWukyfu8zLbub+msMtD5TSuG3V0PJF6fJ4zCW+/GoPMKF
TnOKLZ8cQ2H55vkI6xCuKQMnCotfFoP/YA1hcD6M6Tx+mDXv7aL9BI7P0oFPw9k=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:17:49 2025 by rpki-client