Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/xhPMKK_aWJXMMwl3geGnr7Llx8s.roa
File: xhPMKK_aWJXMMwl3geGnr7Llx8s.roa (raw, json)
Hash identifier: MTOPT0gUfA0yII1HvoiU/5ceEOouwJNO+qjme0oTR8s=
Subject key identifier: C6:13:CC:28:AF:DA:58:95:CC:33:09:77:81:E1:A7:AF:B2:E5:C7:CB
Certificate issuer: /CN=191ee3af820563494647551a5206ef0c45cf95c9
Certificate serial: 1C3291FD
Authority key identifier: 19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/xhPMKK_aWJXMMwl3geGnr7Llx8s.roa
Signing time: Sat 01 Jan 2022 05:05:21 +0000
ROA not before: Sat 01 Jan 2022 05:05:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197081
IP address blocks: 95.131.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473076221 (0x1c3291fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191ee3af820563494647551a5206ef0c45cf95c9
Validity
Not Before: Jan 1 05:05:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c613cc28afda5895cc33097781e1a7afb2e5c7cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d0:9a:33:2a:b6:db:da:e2:42:af:c3:d4:7a:
29:7a:67:00:22:27:b8:a5:60:44:3a:c5:35:fc:1a:
aa:37:5b:25:6a:3d:80:21:34:e9:30:a4:8d:a1:ef:
ff:9c:1a:71:d1:33:63:71:2a:4e:9c:06:2f:16:a8:
a9:1e:40:f3:79:e0:7e:7f:cd:b6:00:ad:e6:1f:52:
37:8c:f2:87:51:aa:07:87:98:4d:f2:92:ac:61:98:
30:00:74:50:45:79:ed:ce:bb:e1:69:91:5a:41:31:
42:99:a3:db:45:2a:bb:91:2e:be:19:8c:6c:64:3d:
10:d1:f1:b4:f7:c6:5f:7d:81:14:43:1e:48:ac:0b:
64:dd:4e:c0:37:41:6a:95:74:7a:a3:cf:aa:a7:88:
76:dd:37:1a:5b:ae:8e:5a:4f:81:c7:99:17:6e:d9:
cd:6b:99:a3:6b:15:38:d5:d3:dd:47:86:23:82:91:
6e:ec:79:65:51:87:b1:a5:61:9c:08:7d:8f:5a:e1:
a2:15:9c:8a:54:8a:e7:ff:92:cb:45:a2:a3:37:6a:
89:17:6b:0c:95:3b:74:79:c8:33:08:83:3c:5f:38:
18:b9:41:07:5b:13:71:20:4d:5b:9e:2a:ba:9b:95:
89:5f:20:23:c0:c9:62:91:34:2a:4a:68:65:f5:7e:
fd:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:13:CC:28:AF:DA:58:95:CC:33:09:77:81:E1:A7:AF:B2:E5:C7:CB
X509v3 Authority Key Identifier:
keyid:19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/xhPMKK_aWJXMMwl3geGnr7Llx8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.16.0/22
Signature Algorithm: sha256WithRSAEncryption
64:47:49:29:58:cb:e0:8e:d5:e6:a1:ef:43:45:10:1b:b4:fc:
d4:f1:d1:2e:7e:6b:69:ef:da:17:c1:ee:ce:a7:73:d2:7d:31:
a6:b4:bc:88:5b:ff:4f:e8:fb:30:92:96:f5:cf:47:24:62:4a:
b3:cd:b9:57:39:6a:3b:48:45:4c:5d:e9:02:66:d3:7e:46:e9:
a5:15:ce:9b:e6:8a:64:0b:7c:9c:3c:3d:b6:18:d3:50:01:d5:
e3:1e:c4:48:00:2d:85:66:ed:c5:99:59:eb:1a:f7:e2:9c:88:
9b:e5:69:a6:c8:e9:a8:3f:d2:a1:9a:d0:b3:f2:1d:58:94:83:
62:88:4e:10:ee:c5:70:ca:17:11:eb:8d:ae:6c:e5:43:d8:4e:
9d:5a:7c:9e:0b:71:d6:27:ad:30:9f:84:fb:5e:8d:b3:fa:e7:
e0:6d:e3:8f:fc:09:dc:a7:de:21:ef:85:a5:9c:82:69:6e:f6:
97:99:b4:29:e9:5b:a1:7d:72:9d:3b:68:e1:e4:c1:ff:47:e5:
8d:7d:01:65:49:b7:3d:7d:cd:ad:7a:94:3c:4e:9b:a9:29:f1:
31:c4:80:0e:fd:d3:c9:8f:69:88:ae:84:04:a5:97:3d:c7:99:
90:97:5a:59:f8:d5:de:0c:3d:a7:9a:ad:f1:84:59:aa:ee:74:
c3:0f:23:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHDKR/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OTFlZTNhZjgyMDU2MzQ5NDY0NzU1MWE1MjA2ZWYwYzQ1Y2Y5NWM5MB4XDTIyMDEw
MTA1MDUyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYxM2NjMjhhZmRh
NTg5NWNjMzMwOTc3ODFlMWE3YWZiMmU1YzdjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnQmjMqttva4kKvw9R6KXpnACInuKVgRDrFNfwaqjdbJWo9
gCE06TCkjaHv/5wacdEzY3EqTpwGLxaoqR5A83ngfn/NtgCt5h9SN4zyh1GqB4eY
TfKSrGGYMAB0UEV57c674WmRWkExQpmj20Uqu5EuvhmMbGQ9ENHxtPfGX32BFEMe
SKwLZN1OwDdBapV0eqPPqqeIdt03GluujlpPgceZF27ZzWuZo2sVONXT3UeGI4KR
bux5ZVGHsaVhnAh9j1rhohWcilSK5/+Sy0WiozdqiRdrDJU7dHnIMwiDPF84GLlB
B1sTcSBNW54qupuViV8gI8DJYpE0KkpoZfV+/fMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTGE8wor9pYlcwzCXeB4aevsuXHyzAfBgNVHSMEGDAWgBQZHuOvggVjSUZH
VRpSBu8MRc+VyTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dSN2pyNElGWTBsR1IxVWFVZ2J2REVYUGxjay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvYTNkZjgxLTIwOTYtNDkzZC1iMTA2LTQ2ZDZjZWEyMDM0Mi8x
L3hoUE1LS19hV0pYTU13bDNnZUducjdMbHg4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
YTNkZjgxLTIwOTYtNDkzZC1iMTA2LTQ2ZDZjZWEyMDM0Mi8xL0dSN2pyNElGWTBs
R1IxVWFVZ2J2REVYUGxjay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl+DEDANBgkqhkiG9w0BAQsFAAOC
AQEAZEdJKVjL4I7V5qHvQ0UQG7T81PHRLn5rae/aF8Huzqdz0n0xprS8iFv/T+j7
MJKW9c9HJGJKs825VzlqO0hFTF3pAmbTfkbppRXOm+aKZAt8nDw9thjTUAHV4x7E
SAAthWbtxZlZ6xr34pyIm+VppsjpqD/SoZrQs/IdWJSDYohOEO7FcMoXEeuNrmzl
Q9hOnVp8ngtx1ietMJ+E+16Ns/rn4G3jj/wJ3KfeIe+FpZyCaW72l5m0KelboX1y
nTto4eTB/0fljX0BZUm3PX3NrXqUPE6bqSnxMcSADv3TyY9piK6EBKWXPceZkJda
WfjV3gw9p5qt8YRZqu50ww8j+g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:59 2023 by rpki-client on console-ams.rpki-client.org