Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/1-m3UxlC_pmPaNOSQdIQMPkheuAA.roa
File: 1-m3UxlC_pmPaNOSQdIQMPkheuAA.roa (raw, json)
Hash identifier: gVEnVZWoque3UD3vLpg4/Q8I000mJidPcX0su4O7O9k=
Subject key identifier: FA:6D:D4:C6:50:BF:A6:63:DA:34:E4:90:74:84:0C:3E:48:5E:B8:00
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 018BF582F29CBAB0A422F4406900EDBA3067
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/1-m3UxlC_pmPaNOSQdIQMPkheuAA.roa
Signing time: Wed 22 Nov 2023 05:31:21 +0000
ROA not before: Wed 22 Nov 2023 05:31:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 95.38.240.0/21 maxlen: 21
95.38.248.0/22 maxlen: 22
95.38.200.0/22 maxlen: 22
95.38.208.0/22 maxlen: 22
95.38.240.0/24 maxlen: 24
95.38.136.0/22 maxlen: 22
95.38.140.0/22 maxlen: 22
95.38.152.0/21 maxlen: 21
95.38.152.0/24 maxlen: 24
95.38.153.0/24 maxlen: 24
95.38.168.0/22 maxlen: 22
95.38.174.0/24 maxlen: 24
95.38.97.0/24 maxlen: 24
95.38.96.0/21 maxlen: 21
95.38.98.0/24 maxlen: 24
95.38.96.0/24 maxlen: 24
95.38.104.0/22 maxlen: 22
95.38.130.0/23 maxlen: 23
95.38.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f5:82:f2:9c:ba:b0:a4:22:f4:40:69:00:ed:ba:30:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Nov 22 05:31:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa6dd4c650bfa663da34e49074840c3e485eb800
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:95:35:52:2c:0d:12:64:20:f0:32:f0:ed:1b:
a3:d4:2e:cc:d3:d3:6f:6e:6e:f3:ee:81:ce:2a:3b:
84:51:3c:83:06:01:f3:01:d4:a8:de:be:84:59:90:
11:2b:2d:02:9d:a5:17:e0:e2:d5:e3:e5:ed:db:64:
86:67:ce:ec:2c:aa:4b:47:38:5c:13:71:4f:d9:ce:
4b:66:8b:a6:2b:9a:91:69:13:1c:78:cd:ac:17:da:
f3:d2:a1:3e:78:ab:9b:4d:a1:12:55:97:75:3a:93:
71:bc:97:68:d2:fe:fe:37:dc:8f:13:11:f6:16:80:
0e:1f:e8:b2:f6:d4:a6:ac:1a:d2:3d:56:0c:ee:18:
83:fd:69:a3:78:2c:a9:f6:4d:80:56:5c:fd:5c:05:
a2:77:23:9c:4d:6c:58:88:df:f4:0a:a8:15:a1:1d:
07:c4:2f:d4:de:69:54:0e:f8:fe:7b:87:23:95:bf:
f4:f6:15:55:8e:45:97:4f:3c:19:f9:bb:82:1e:79:
06:d4:b2:76:f2:15:52:a5:e7:c9:cd:ed:f7:ae:e3:
88:c6:15:c4:7b:4d:2a:69:37:28:d7:9d:7e:7c:33:
42:2e:5f:66:73:f4:db:6b:e5:6e:6d:74:aa:3e:a2:
e3:0e:02:4d:d5:26:5a:4e:f6:ea:6e:c2:77:03:1d:
40:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6D:D4:C6:50:BF:A6:63:DA:34:E4:90:74:84:0C:3E:48:5E:B8:00
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/1-m3UxlC_pmPaNOSQdIQMPkheuAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.96.0-95.38.107.255
95.38.130.0-95.38.143.255
95.38.152.0/21
95.38.168.0/22
95.38.174.0/24
95.38.200.0/22
95.38.208.0/22
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
03:7b:d4:21:d0:4e:cd:90:ff:89:07:bc:7f:aa:97:bb:29:26:
81:84:e3:78:d0:dd:80:0a:32:92:d9:0e:e7:f2:33:70:b6:05:
e4:88:7a:9f:8c:3d:93:75:7b:ff:fd:c5:45:2e:09:89:ff:27:
06:b1:a6:83:7e:24:cb:bd:3c:6b:cf:d4:f2:cd:08:89:6c:2f:
45:6c:b9:7b:3a:d4:43:84:df:6e:73:65:ee:50:11:0c:4e:5b:
bf:a1:e0:fe:e8:14:a4:b7:e5:64:32:53:84:3d:db:80:83:8d:
90:69:b0:c4:ac:6c:96:a0:af:59:f1:16:02:d8:0a:0b:94:38:
9c:0f:c2:a5:63:0a:a7:32:48:ed:d0:0d:02:7e:21:64:ef:ff:
7e:93:a2:f1:60:76:f0:4a:4e:2c:67:0a:21:95:05:f1:7e:ea:
43:2a:13:7e:29:b5:0d:74:4a:58:f6:79:2f:82:19:04:b3:da:
1d:47:42:75:46:3b:01:48:cc:bb:54:cf:ec:47:2e:83:cb:0f:
b0:09:50:0d:b6:a6:40:2e:a6:f0:03:0f:9c:35:ec:a7:b2:3d:
90:cd:fd:06:fe:97:63:6e:ab:bf:86:cc:d3:36:d6:af:7b:c8:
68:ea:de:d7:32:31:9e:b5:7d:67:3d:39:4b:6d:b3:05:a6:34:
2f:d5:51:ed
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYv1gvKcurCkIvRAaQDtujBnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMxMTIyMDUzMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTZkZDRjNjUwYmZhNjYzZGEzNGU0OTA3NDg0MGMzZTQ4NWViODAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpU1UiwNEmQg8DLw7Ruj1C7M09Nv
bm7z7oHOKjuEUTyDBgHzAdSo3r6EWZARKy0CnaUX4OLV4+Xt22SGZ87sLKpLRzhc
E3FP2c5LZoumK5qRaRMceM2sF9rz0qE+eKubTaESVZd1OpNxvJdo0v7+N9yPExH2
FoAOH+iy9tSmrBrSPVYM7hiD/WmjeCyp9k2AVlz9XAWidyOcTWxYiN/0CqgVoR0H
xC/U3mlUDvj+e4cjlb/09hVVjkWXTzwZ+buCHnkG1LJ28hVSpefJze33ruOIxhXE
e00qaTco151+fDNCLl9mc/Tba+VubXSqPqLjDgJN1SZaTvbqbsJ3Ax1ARwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFPpt1MZQv6Zj2jTkkHSEDD5IXrgAMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvMS1tM1V4bENfcG1QYU5PU1FkSVFNUGtoZXVBQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDEvNzg5Y2FmLWM4ZDItNDE5ZS1hZTA0LTY5MTQyMjMxMTcy
OS8xLzhNRUVCQmFSM0RoUE94cU0zNVhKWmlqcWJhOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSDAMAwQFXyZg
AwQCXyZoMAwDBAFfJoIDBARfJoADBANfJpgDBAJfJqgDBABfJq4DBAJfJsgDBAJf
JtAwDAMEBF8m8AMEAl8m+DANBgkqhkiG9w0BAQsFAAOCAQEAA3vUIdBOzZD/iQe8
f6qXuykmgYTjeNDdgAoyktkO5/IzcLYF5Ih6n4w9k3V7//3FRS4Jif8nBrGmg34k
y708a8/U8s0IiWwvRWy5ezrUQ4TfbnNl7lARDE5bv6Hg/ugUpLflZDJThD3bgION
kGmwxKxslqCvWfEWAtgKC5Q4nA/CpWMKpzJI7dANAn4hZO//fpOi8WB28EpOLGcK
IZUF8X7qQyoTfim1DXRKWPZ5L4IZBLPaHUdCdUY7AUjMu1TP7Ecug8sPsAlQDbam
QC6m8AMPnDXsp7I9kM39Bv6XY26rv4bM0zbWr3vIaOre1zIxnrV9Zz05S22zBaY0
L9VR7Q==
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:06:13 2025 by rpki-client