Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/VhDPtzF_GMTzK2ca_xm7f3MqrQs.roa
File: VhDPtzF_GMTzK2ca_xm7f3MqrQs.roa (raw, json)
Hash identifier: 42fugM8FMHJH3nzoWUmMZzjuARFfVxLwqR/fl6eB85o=
Subject key identifier: 56:10:CF:B7:31:7F:18:C4:F3:2B:67:1A:FF:19:BB:7F:73:2A:AD:0B
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 058B1463
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/VhDPtzF_GMTzK2ca_xm7f3MqrQs.roa
Signing time: Sat 01 Jan 2022 00:51:53 +0000
ROA not before: Sat 01 Jan 2022 00:51:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 95.38.246.0/23 maxlen: 23
95.38.244.0/23 maxlen: 23
95.38.248.0/22 maxlen: 22
95.38.240.0/22 maxlen: 22
95.38.138.0/23 maxlen: 23
95.38.136.0/23 maxlen: 23
95.38.134.0/23 maxlen: 23
95.38.142.0/23 maxlen: 23
95.38.140.0/23 maxlen: 23
95.38.152.0/23 maxlen: 23
95.38.158.0/23 maxlen: 23
95.38.156.0/23 maxlen: 23
95.38.154.0/23 maxlen: 23
95.38.104.0/22 maxlen: 22
95.38.132.0/22 maxlen: 22
95.38.132.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93000803 (0x58b1463)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Jan 1 00:51:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5610cfb7317f18c4f32b671aff19bb7f732aad0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e2:e9:cb:0c:ca:a9:b8:a9:69:e3:69:6e:7a:
f8:d8:19:d9:38:31:f1:7d:ce:01:9f:6e:98:84:f6:
ba:62:88:da:88:9b:60:eb:b4:0b:16:c0:27:e8:96:
4a:ae:ee:16:a0:67:bb:8a:03:ba:46:95:b4:72:e8:
77:3e:6c:ef:aa:c1:45:b2:2c:1a:89:8f:1c:57:76:
ce:71:94:00:ec:81:e8:bc:8e:8f:2d:c9:09:4f:e4:
ba:02:4f:e9:41:5b:d8:34:79:53:65:1f:6b:6c:90:
91:8f:45:02:bf:10:7f:41:60:56:f5:1f:77:88:66:
fc:f9:1b:b7:ee:9d:37:fc:1b:1c:8d:c4:5b:c9:2b:
3b:1e:97:86:ce:98:7a:b5:b3:6d:c2:00:ab:7e:63:
59:cb:70:d3:eb:ae:26:78:64:c4:be:7f:eb:01:3a:
5b:23:fc:51:11:b7:32:b3:1d:c3:9c:3c:4e:cf:63:
ed:2f:7e:26:25:4c:33:41:f3:00:36:53:f8:03:22:
37:5d:be:a8:0f:98:db:72:da:4e:4b:4c:c4:91:6f:
4b:0a:26:63:8b:7e:01:f6:c5:e7:db:33:41:eb:fd:
50:d8:f7:6d:67:a1:10:b2:24:66:69:b1:ac:a5:91:
6e:d7:f8:55:cf:9c:79:62:f4:e1:7a:89:0f:00:dc:
8c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:10:CF:B7:31:7F:18:C4:F3:2B:67:1A:FF:19:BB:7F:73:2A:AD:0B
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/VhDPtzF_GMTzK2ca_xm7f3MqrQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.104.0/22
95.38.132.0-95.38.143.255
95.38.152.0/21
95.38.240.0-95.38.251.255
Signature Algorithm: sha256WithRSAEncryption
5e:87:4a:31:02:73:1c:9c:52:7a:ec:f9:96:a1:c7:e3:13:cb:
04:f3:2c:71:a3:fa:ef:76:fc:9a:0a:f2:ef:21:c8:b1:0e:2d:
b9:1f:0f:2f:f3:42:a0:3c:c1:36:a6:28:56:27:e8:7a:20:0a:
09:9d:c9:a9:08:97:6c:45:53:d8:b5:48:76:6d:c9:27:36:36:
24:af:5a:ac:34:6d:b9:b8:e4:50:c6:24:ef:13:fd:76:b3:14:
28:b5:91:c3:24:83:fa:ac:b2:fc:a4:d7:8a:7f:8d:6e:91:a3:
37:a4:3f:a6:e2:b5:4c:54:73:c6:11:f1:35:f0:85:91:2f:83:
df:b0:78:e9:04:9f:47:4d:4a:ef:f0:6f:3a:43:d6:a9:3a:04:
08:c8:d2:bb:f8:0a:0c:77:ac:4c:96:a8:62:fe:02:5c:d2:5f:
a0:34:6b:0a:c2:e9:3c:e9:37:25:bb:06:ed:a6:f3:ed:e8:b2:
71:45:83:8f:4b:b1:4b:ce:bd:1a:16:14:97:ba:fd:66:ad:12:
b4:a3:43:4c:7c:8e:19:46:2d:5f:83:bb:ce:aa:3a:68:6c:d1:
61:b1:07:81:77:e2:87:ed:cb:35:e7:91:a3:dc:31:6e:da:68:
b8:6a:5d:c8:b4:3e:bc:d8:ea:25:bd:fb:33:75:e4:c5:7e:2e:
c5:06:cd:05
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBYsUYzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGMxMDQwNDE2OTFkYzM4NGYzYjFhOGNkZjk1Yzk2NjI4ZWE2ZGFmMB4XDTIyMDEw
MTAwNTE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTYxMGNmYjczMTdm
MThjNGYzMmI2NzFhZmYxOWJiN2Y3MzJhYWQwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKji6csMyqm4qWnjaW56+NgZ2Tgx8X3OAZ9umIT2umKI2oib
YOu0CxbAJ+iWSq7uFqBnu4oDukaVtHLodz5s76rBRbIsGomPHFd2znGUAOyB6LyO
jy3JCU/kugJP6UFb2DR5U2Ufa2yQkY9FAr8Qf0FgVvUfd4hm/Pkbt+6dN/wbHI3E
W8krOx6Xhs6YerWzbcIAq35jWctw0+uuJnhkxL5/6wE6WyP8URG3MrMdw5w8Ts9j
7S9+JiVMM0HzADZT+AMiN12+qA+Y23LaTktMxJFvSwomY4t+AfbF59szQev9UNj3
bWehELIkZmmxrKWRbtf4Vc+ceWL04XqJDwDcjFcCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRWEM+3MX8YxPMrZxr/Gbt/cyqtCzAfBgNVHSMEGDAWgBTwwQQEFpHcOE87
GozflclmKOptrzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhNRUVCQmFSM0RoUE94cU0zNVhKWmlqcWJhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDEvNzg5Y2FmLWM4ZDItNDE5ZS1hZTA0LTY5MTQyMjMxMTcyOS8x
L1ZoRFB0ekZfR01UeksyY2FfeG03ZjNNcXJRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDEv
Nzg5Y2FmLWM4ZDItNDE5ZS1hZTA0LTY5MTQyMjMxMTcyOS8xLzhNRUVCQmFSM0Ro
UE94cU0zNVhKWmlqcWJhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEAl8maDAMAwQCXyaEAwQEXyaAAwQD
XyaYMAwDBARfJvADBAJfJvgwDQYJKoZIhvcNAQELBQADggEBAF6HSjECcxycUnrs
+Zahx+MTywTzLHGj+u92/JoK8u8hyLEOLbkfDy/zQqA8wTamKFYn6HogCgmdyakI
l2xFU9i1SHZtySc2NiSvWqw0bbm45FDGJO8T/XazFCi1kcMkg/qssvyk14p/jW6R
ozekP6bitUxUc8YR8TXwhZEvg9+weOkEn0dNSu/wbzpD1qk6BAjI0rv4Cgx3rEyW
qGL+AlzSX6A0awrC6TzpNyW7Bu2m8+3osnFFg49LsUvOvRoWFJe6/WatErSjQ0x8
jhlGLV+Du86qOmhs0WGxB4F34oftyzXnkaPcMW7aaLhqXci0PrzY6iW9+zN15MV+
LsUGzQU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:45 2024 by rpki-client on console-ams.rpki-client.org