Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/RHnjSpw6LbTmAUlPFWudwBCuQ9s.roa
File: RHnjSpw6LbTmAUlPFWudwBCuQ9s.roa (raw, json)
Hash identifier: sYQt1cl3S3iKQSu1iyXb3x+ldda/PlJkLkSZAn62Cy0=
Subject key identifier: 44:79:E3:4A:9C:3A:2D:B4:E6:01:49:4F:15:6B:9D:C0:10:AE:43:DB
Certificate issuer: /CN=72098efaae8063cacecc4f1c1a0b64483bb69503
Certificate serial: 0C97F405
Authority key identifier: 72:09:8E:FA:AE:80:63:CA:CE:CC:4F:1C:1A:0B:64:48:3B:B6:95:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/RHnjSpw6LbTmAUlPFWudwBCuQ9s.roa
Signing time: Fri 22 Apr 2022 13:11:33 +0000
ROA not before: Fri 22 Apr 2022 13:11:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2593
IP address blocks: 95.140.128.0/21 maxlen: 21
185.213.114.0/24 maxlen: 24
185.213.113.0/24 maxlen: 24
2001:7f8:5f::/48 maxlen: 48
2a09:8d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211284997 (0xc97f405)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72098efaae8063cacecc4f1c1a0b64483bb69503
Validity
Not Before: Apr 22 13:11:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4479e34a9c3a2db4e601494f156b9dc010ae43db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:a1:e5:af:52:d6:d6:59:30:08:48:74:b1:
d9:29:48:2f:cb:01:a4:99:b6:35:ee:ed:06:e2:a9:
3a:c1:56:7d:16:56:aa:ac:44:d4:69:f8:b9:5e:da:
04:46:63:d4:58:fe:b3:57:e9:94:fe:c1:7d:27:d8:
c6:34:d9:1c:53:c4:3d:bb:40:d2:d4:11:f8:e8:5d:
a8:90:4e:5f:e9:d9:4f:78:ba:7d:c2:65:60:c7:9e:
f5:4c:59:f8:c9:53:ba:d7:0f:39:d4:37:76:6a:35:
27:06:c1:e6:65:6e:d0:a8:8c:09:2e:b4:83:9b:cd:
9a:f5:9e:b3:b5:3d:6d:52:da:90:db:c7:50:c2:f7:
71:1b:a1:7e:69:e6:ae:1b:37:ae:e8:90:23:d3:e7:
86:58:0c:2e:5d:f1:41:17:f3:c6:e1:45:5f:22:df:
03:b7:42:d0:3f:5c:a7:94:21:9e:b3:07:4f:12:e6:
75:0f:89:eb:4f:de:32:31:5d:d6:d7:ab:96:6f:43:
9c:5e:84:34:54:f9:65:5d:dd:ce:24:4a:87:14:7b:
a4:c3:4a:1c:bb:d2:6c:ff:86:0a:05:08:e6:90:3d:
e8:9d:9e:7b:85:6a:37:28:94:16:36:a0:1c:80:f2:
87:97:1a:36:27:a1:53:95:7e:67:11:43:26:5b:63:
b8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:79:E3:4A:9C:3A:2D:B4:E6:01:49:4F:15:6B:9D:C0:10:AE:43:DB
X509v3 Authority Key Identifier:
keyid:72:09:8E:FA:AE:80:63:CA:CE:CC:4F:1C:1A:0B:64:48:3B:B6:95:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/RHnjSpw6LbTmAUlPFWudwBCuQ9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/cgmO-q6AY8rOzE8cGgtkSDu2lQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.128.0/21
185.213.113.0-185.213.114.255
IPv6:
2001:7f8:5f::/48
2a09:8d00::/29
Signature Algorithm: sha256WithRSAEncryption
dc:8d:4f:1c:33:60:38:77:c2:8c:fa:60:a6:6f:47:90:f7:9d:
61:ea:e6:b7:4d:71:0a:32:a3:85:e9:82:9d:29:12:f1:80:fa:
67:2f:82:62:c3:01:9b:fe:c3:4a:bc:ec:43:b7:48:27:8e:ba:
b8:c0:be:b6:c7:50:94:88:08:9c:ab:47:39:85:aa:7a:25:a1:
83:8b:7b:9b:c0:8e:aa:3c:cf:a9:91:bb:d2:d6:99:c8:f1:a9:
6a:a4:98:6f:5d:80:2b:0f:dd:68:40:e6:da:00:b5:2e:af:47:
18:01:d8:6c:52:5d:19:c2:ee:3a:a7:1e:80:09:56:3d:08:43:
64:f8:84:e7:33:58:eb:7d:09:31:f5:fa:0b:be:84:38:36:17:
0c:4c:ce:d6:25:17:20:cb:ef:f9:6f:02:1c:60:73:57:4b:e1:
1f:4b:35:c4:1d:46:95:bc:e0:58:c3:98:40:0f:e3:c0:37:77:
46:6f:bd:21:ef:d6:49:ba:8a:24:9f:fa:2f:f2:d5:47:8e:eb:
41:27:4b:b2:0c:d2:5a:a9:65:ca:a1:f9:59:60:81:00:03:33:
f6:9b:e0:a4:db:03:41:1f:28:46:91:38:93:4f:b7:6f:c6:9d:
11:48:0c:ea:de:8d:c3:b4:da:92:d4:cf:5c:4b:94:fd:b8:7a:
d5:f1:e5:ca
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEDJf0BTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjA5OGVmYWFlODA2M2NhY2VjYzRmMWMxYTBiNjQ0ODNiYjY5NTAzMB4XDTIyMDQy
MjEzMTEzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ3OWUzNGE5YzNh
MmRiNGU2MDE0OTRmMTU2YjlkYzAxMGFlNDNkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJnWoeWvUtbWWTAISHSx2SlIL8sBpJm2Ne7tBuKpOsFWfRZW
qqxE1Gn4uV7aBEZj1Fj+s1fplP7BfSfYxjTZHFPEPbtA0tQR+OhdqJBOX+nZT3i6
fcJlYMee9UxZ+MlTutcPOdQ3dmo1JwbB5mVu0KiMCS60g5vNmvWes7U9bVLakNvH
UML3cRuhfmnmrhs3ruiQI9PnhlgMLl3xQRfzxuFFXyLfA7dC0D9cp5QhnrMHTxLm
dQ+J60/eMjFd1terlm9DnF6ENFT5ZV3dziRKhxR7pMNKHLvSbP+GCgUI5pA96J2e
e4VqNyiUFjagHIDyh5caNiehU5V+ZxFDJltjuK8CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBREeeNKnDottOYBSU8Va53AEK5D2zAfBgNVHSMEGDAWgBRyCY76roBjys7M
TxwaC2RIO7aVAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NnbU8tcTZBWThyT3pFOGNHZ3RrU0R1MmxRTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvYjRkYWY2LTQ0OGQtNGYzZS05NDRhLTU3M2NhNWE2MDljMC8x
L1JIbmpTcHc2TGJUbUFVbFBGV3Vkd0JDdVE5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
YjRkYWY2LTQ0OGQtNGYzZS05NDRhLTU3M2NhNWE2MDljMC8xL2NnbU8tcTZBWThy
T3pFOGNHZ3RrU0R1MmxRTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGgQCAAEwFAMEA1+MgDAMAwQAudVxAwQAudVyMBYE
AgACMBADBwAgAQf4AF8DBQMqCY0AMA0GCSqGSIb3DQEBCwUAA4IBAQDcjU8cM2A4
d8KM+mCmb0eQ951h6ua3TXEKMqOF6YKdKRLxgPpnL4JiwwGb/sNKvOxDt0gnjrq4
wL62x1CUiAicq0c5hap6JaGDi3ubwI6qPM+pkbvS1pnI8alqpJhvXYArD91oQOba
ALUur0cYAdhsUl0Zwu46px6ACVY9CENk+ITnM1jrfQkx9foLvoQ4NhcMTM7WJRcg
y+/5bwIcYHNXS+EfSzXEHUaVvOBYw5hAD+PAN3dGb70h79ZJuookn/ov8tVHjutB
J0uyDNJaqWXKoflZYIEAAzP2m+Ck2wNBHyhGkTiTT7dvxp0RSAzq3o3DtNqS1M9c
S5T9uHrV8eXK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:19 2025 by rpki-client