Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/gO4KhwGJAag_a93t4FMjYCIKLXw.roa
File: gO4KhwGJAag_a93t4FMjYCIKLXw.roa (raw, json)
Hash identifier: n9kbibEWzmgy3y2SuqVdK5QvK1f9MuO1yFdB/olAXcM=
Subject key identifier: 80:EE:0A:87:01:89:01:A8:3F:6B:DD:ED:E0:53:23:60:22:0A:2D:7C
Certificate issuer: /CN=32536254b3e74900675bc6ebd50ae825828b9a76
Certificate serial: 0185715E8FC3474B71315D15E1AD4201221D
Authority key identifier: 32:53:62:54:B3:E7:49:00:67:5B:C6:EB:D5:0A:E8:25:82:8B:9A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlNiVLPnSQBnW8br1QroJYKLmnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/gO4KhwGJAag_a93t4FMjYCIKLXw.roa
Signing time: Mon 02 Jan 2023 07:25:00 +0000
ROA not before: Mon 02 Jan 2023 07:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35086
IP address blocks: 185.95.141.0/24 maxlen: 24
185.95.140.0/24 maxlen: 24
185.95.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:5e:8f:c3:47:4b:71:31:5d:15:e1:ad:42:01:22:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32536254b3e74900675bc6ebd50ae825828b9a76
Validity
Not Before: Jan 2 07:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80ee0a87018901a83f6bddede0532360220a2d7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:35:97:a9:59:a1:12:d8:b1:30:e5:be:04:42:
35:cd:50:ba:8e:4a:f4:28:2d:ec:a9:18:29:e2:78:
d9:63:14:32:d9:13:cb:b9:51:b2:c5:26:bc:fa:c4:
69:20:d2:0f:00:68:dd:7c:9c:26:49:27:a4:d5:24:
34:31:7a:13:ed:7d:96:2c:35:fe:5c:1c:2b:7a:8d:
47:80:a8:1b:03:8f:29:93:df:d6:6f:ef:dc:1f:89:
f0:47:f6:a5:2c:1b:e5:2b:29:ea:2b:c0:1f:2d:43:
0a:34:1d:4b:cb:87:5d:63:d7:1b:c1:a9:ca:30:c8:
3f:0e:0f:7c:ac:7f:82:4e:ee:2c:32:a9:ba:dd:39:
4c:d1:e6:26:db:82:75:b3:5e:aa:f1:74:5e:31:a5:
8b:63:bd:93:d4:dc:a8:22:2f:a3:11:31:e9:50:c8:
32:32:6c:93:5a:12:a6:ea:c3:2b:db:e6:03:2c:9b:
c5:e6:10:7d:3f:d3:7a:19:b2:84:e5:ee:27:92:e1:
5f:06:c9:cf:18:90:02:de:b7:d0:56:05:4f:fb:a8:
a2:1e:8d:c9:3e:d5:e5:6c:b3:96:11:b9:8d:e1:55:
6a:0d:17:38:6c:4b:78:95:46:53:55:96:3b:81:0f:
2a:57:0c:ae:68:8d:dd:12:56:7f:9d:52:97:1d:15:
a0:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:EE:0A:87:01:89:01:A8:3F:6B:DD:ED:E0:53:23:60:22:0A:2D:7C
X509v3 Authority Key Identifier:
keyid:32:53:62:54:B3:E7:49:00:67:5B:C6:EB:D5:0A:E8:25:82:8B:9A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlNiVLPnSQBnW8br1QroJYKLmnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/gO4KhwGJAag_a93t4FMjYCIKLXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/96d730-38ef-4b21-b1fe-a57d488744c2/1/MlNiVLPnSQBnW8br1QroJYKLmnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.140.0-185.95.142.255
Signature Algorithm: sha256WithRSAEncryption
44:72:03:81:ef:7c:7a:5e:7a:2e:b7:c3:fc:5e:38:9c:d9:86:
a5:69:a6:b9:9e:eb:c6:5b:a3:ba:a2:fd:74:68:18:9c:39:40:
a5:e3:95:4e:6a:15:4b:26:39:46:11:85:8f:4b:e7:30:90:09:
dc:51:ec:d4:62:93:84:e2:1f:f3:92:58:f6:de:5a:e9:6c:8e:
bc:c4:25:4d:cb:82:c9:71:f8:b9:b4:7b:b2:27:fc:35:89:a0:
2a:30:48:e9:11:a8:f9:45:bb:26:ae:08:bf:b9:f1:0d:5f:f6:
fd:5d:04:e6:87:48:77:79:1a:e2:ee:5d:39:89:9d:ac:a3:9b:
56:75:64:33:c9:02:77:e9:01:92:21:f4:8e:da:7c:bb:c1:7f:
75:4b:e0:c8:e4:2f:5a:1f:33:ba:ac:9b:c4:ac:ae:b8:42:5a:
85:a9:c3:53:40:fb:2a:2f:29:9f:56:94:f1:63:8c:45:99:e6:
db:59:da:58:a1:33:30:1f:f4:df:b8:06:b8:09:ad:91:68:96:
b7:ba:be:e8:5c:44:5f:af:41:17:c1:e7:36:2d:c1:c6:08:9b:
7f:dd:16:aa:19:d3:54:8c:e0:75:8a:73:ae:28:f3:c3:db:2b:
d2:06:d0:53:b6:bc:e1:96:06:a3:e4:e7:24:42:eb:4b:f5:f4:
41:b4:86:b6
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxXo/DR0txMV0V4a1CASIdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTM2MjU0YjNlNzQ5MDA2NzViYzZlYmQ1MGFlODI1ODI4
YjlhNzYwHhcNMjMwMTAyMDcyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGVlMGE4NzAxODkwMWE4M2Y2YmRkZWRlMDUzMjM2MDIyMGEyZDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjWXqVmhEtixMOW+BEI1zVC6jkr0
KC3sqRgp4njZYxQy2RPLuVGyxSa8+sRpINIPAGjdfJwmSSek1SQ0MXoT7X2WLDX+
XBwreo1HgKgbA48pk9/Wb+/cH4nwR/alLBvlKynqK8AfLUMKNB1Ly4ddY9cbwanK
MMg/Dg98rH+CTu4sMqm63TlM0eYm24J1s16q8XReMaWLY72T1NyoIi+jETHpUMgy
MmyTWhKm6sMr2+YDLJvF5hB9P9N6GbKE5e4nkuFfBsnPGJAC3rfQVgVP+6iiHo3J
PtXlbLOWEbmN4VVqDRc4bEt4lUZTVZY7gQ8qVwyuaI3dElZ/nVKXHRWg/QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIDuCocBiQGoP2vd7eBTI2AiCi18MB8GA1UdIwQY
MBaAFDJTYlSz50kAZ1vG69UK6CWCi5p2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxOaVZMUG5TUUJuVzhicjFRcm9KWUtMbW5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy85NmQ3MzAtMzhlZi00YjIxLWIxZmUt
YTU3ZDQ4ODc0NGMyLzEvZ080S2h3R0pBYWdfYTkzdDRGTWpZQ0lLTFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy85NmQ3MzAtMzhlZi00YjIxLWIxZmUtYTU3ZDQ4ODc0NGMy
LzEvTWxOaVZMUG5TUUJuVzhicjFRcm9KWUtMbW5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAK5X4wD
BAC5X44wDQYJKoZIhvcNAQELBQADggEBAERyA4HvfHpeei63w/xeOJzZhqVpprme
68Zbo7qi/XRoGJw5QKXjlU5qFUsmOUYRhY9L5zCQCdxR7NRik4TiH/OSWPbeWuls
jrzEJU3Lgslx+Lm0e7In/DWJoCowSOkRqPlFuyauCL+58Q1f9v1dBOaHSHd5GuLu
XTmJnayjm1Z1ZDPJAnfpAZIh9I7afLvBf3VL4MjkL1ofM7qsm8SsrrhCWoWpw1NA
+yovKZ9WlPFjjEWZ5ttZ2lihMzAf9N+4BrgJrZFolre6vuhcRF+vQRfB5zYtwcYI
m3/dFqoZ01SM4HWKc64o88PbK9IG0FO2vOGWBqPk5yRC60v19EG0hrY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:37 2025 by rpki-client