Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/cdTm6CYOs4h-qh9Hv4_9xkXPgeE.roa
File: cdTm6CYOs4h-qh9Hv4_9xkXPgeE.roa (raw, json)
Hash identifier: xC98oZsjXlPdYpxdxkOaLQwWhMXYs2vn+B5XKrEGJjw=
Subject key identifier: 71:D4:E6:E8:26:0E:B3:88:7E:AA:1F:47:BF:8F:FD:C6:45:CF:81:E1
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 01825E0551C31BC17DD09E7CADD39526B6BF
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/cdTm6CYOs4h-qh9Hv4_9xkXPgeE.roa
Signing time: Tue 02 Aug 2022 10:06:23 +0000
ROA not before: Tue 02 Aug 2022 10:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 265515
IP address blocks: 95.210.95.0/24 maxlen: 24
176.227.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:05:51:c3:1b:c1:7d:d0:9e:7c:ad:d3:95:26:b6:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Aug 2 10:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71d4e6e8260eb3887eaa1f47bf8ffdc645cf81e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:38:99:65:83:a3:df:50:22:a8:d1:d8:8e:57:
01:70:73:f6:36:ff:55:39:0f:77:c9:d0:5f:a0:41:
ad:80:2f:3b:e8:45:80:f7:88:c4:92:3d:e9:13:8b:
4f:21:c8:0f:8c:47:34:23:58:26:00:29:ad:18:a4:
e2:a6:36:8f:58:8d:01:6d:6e:a3:d5:71:02:7c:29:
d6:f8:9b:3d:3f:ac:f2:bd:8b:74:53:24:f1:4d:43:
eb:d3:e5:ac:1c:a4:1f:f9:34:31:42:a8:04:c7:1c:
f2:a8:ec:ac:ca:f8:e4:ce:40:c1:58:b0:f3:2e:55:
3c:9f:29:68:2c:71:96:b7:f1:a5:10:9d:7b:2c:e6:
51:16:96:60:f6:0d:81:df:e8:07:d5:89:9c:37:20:
4a:58:52:0f:43:93:a9:40:dc:86:a3:50:95:c5:9c:
77:57:50:5e:3b:54:44:5f:ba:ac:c9:01:54:3e:6c:
83:59:a8:b1:75:f6:a9:41:eb:c4:03:62:9c:21:12:
e7:7b:b8:f3:55:7e:06:00:0e:76:c4:29:23:e1:42:
ed:00:53:9b:8e:66:11:68:19:1a:6b:3c:cb:14:bb:
29:5b:48:fb:2f:d3:59:55:b6:c1:ee:52:bd:e8:2b:
41:da:6b:cb:ee:ba:c6:9a:4e:66:d1:e3:2b:36:33:
f4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D4:E6:E8:26:0E:B3:88:7E:AA:1F:47:BF:8F:FD:C6:45:CF:81:E1
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/cdTm6CYOs4h-qh9Hv4_9xkXPgeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.210.95.0/24
176.227.129.0/24
Signature Algorithm: sha256WithRSAEncryption
10:a7:6b:12:cc:6f:08:95:75:ca:94:ab:12:cd:f0:01:13:92:
d7:18:e2:cb:1e:e5:ad:f9:e7:e7:5e:29:99:94:57:bb:ad:3f:
0d:77:96:46:1f:b5:29:4b:da:cc:c8:3e:7a:01:4c:d3:9a:5e:
59:ad:75:70:11:17:e7:bd:0b:ae:9e:48:51:81:89:a9:09:e3:
d1:7b:f8:33:78:2b:12:20:79:23:7c:02:4f:32:20:bf:40:51:
5d:9f:1f:b6:0e:18:34:71:43:0e:75:a2:90:b5:71:a5:4b:d5:
89:c2:28:80:1a:ae:f6:6f:4d:47:c3:19:74:60:ee:b7:60:ad:
3d:0e:a8:88:74:64:09:27:82:81:39:51:1e:81:4b:48:bc:12:
32:c9:ab:f7:c3:ef:77:75:38:c8:fc:eb:25:f7:4d:f9:51:fb:
31:72:5e:dd:0a:1e:7a:6d:90:00:a9:00:17:a8:ae:b0:c1:df:
7e:23:1f:15:6b:85:ea:86:a7:bf:16:dc:a4:b1:bd:1d:a4:8c:
20:6c:fd:da:ef:6e:f5:8d:5c:f1:18:88:9f:1b:8f:74:d0:e4:
e3:f9:f5:5a:81:47:f0:71:1a:ef:1b:7a:e9:b4:d0:0c:3e:ec:
ce:43:d3:6c:26:62:8a:66:fb:b0:ce:03:e3:dd:c0:54:3e:15:
1e:e0:21:d2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJeBVHDG8F90J58rdOVJra/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjIwODAyMTAwNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWQ0ZTZlODI2MGViMzg4N2VhYTFmNDdiZjhmZmRjNjQ1Y2Y4MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjiZZYOj31AiqNHYjlcBcHP2Nv9V
OQ93ydBfoEGtgC876EWA94jEkj3pE4tPIcgPjEc0I1gmACmtGKTipjaPWI0BbW6j
1XECfCnW+Js9P6zyvYt0UyTxTUPr0+WsHKQf+TQxQqgExxzyqOysyvjkzkDBWLDz
LlU8nyloLHGWt/GlEJ17LOZRFpZg9g2B3+gH1YmcNyBKWFIPQ5OpQNyGo1CVxZx3
V1BeO1REX7qsyQFUPmyDWaixdfapQevEA2KcIRLne7jzVX4GAA52xCkj4ULtAFOb
jmYRaBkaazzLFLspW0j7L9NZVbbB7lK96CtB2mvL7rrGmk5m0eMrNjP07QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHHU5ugmDrOIfqofR7+P/cZFz4HhMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvY2RUbTZDWU9zNGgtcWg5SHY0Xzl4a1hQZ2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9JfAwQA
sOOBMA0GCSqGSIb3DQEBCwUAA4IBAQAQp2sSzG8IlXXKlKsSzfABE5LXGOLLHuWt
+efnXimZlFe7rT8Nd5ZGH7UpS9rMyD56AUzTml5ZrXVwERfnvQuunkhRgYmpCePR
e/gzeCsSIHkjfAJPMiC/QFFdnx+2Dhg0cUMOdaKQtXGlS9WJwiiAGq72b01Hwxl0
YO63YK09DqiIdGQJJ4KBOVEegUtIvBIyyav3w+93dTjI/Osl9035Ufsxcl7dCh56
bZAAqQAXqK6wwd9+Ix8Va4Xqhqe/Ftyksb0dpIwgbP3a7271jVzxGIifG4900OTj
+fVagUfwcRrvG3rptNAMPuzOQ9NsJmKKZvuwzgPj3cBUPhUe4CHS
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:39 2025 by rpki-client