Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/343892-780c-432a-882f-1e0d7c42da76/1/tQBokrNj7hAgpDOx9-sAOuka4AU.roa
File: tQBokrNj7hAgpDOx9-sAOuka4AU.roa (raw, json)
Hash identifier: uML7A+u7iYL3koevKhAL44rShC+13h0BWfZLJ9BkROw=
Subject key identifier: B5:00:68:92:B3:63:EE:10:20:A4:33:B1:F7:EB:00:3A:E9:1A:E0:05
Certificate issuer: /CN=4cb932bc60e9fd1186f8fa6bd713c20729ae73ee
Certificate serial: 02B3A9ED
Authority key identifier: 4C:B9:32:BC:60:E9:FD:11:86:F8:FA:6B:D7:13:C2:07:29:AE:73:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TLkyvGDp_RGG-Ppr1xPCBymuc-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/343892-780c-432a-882f-1e0d7c42da76/1/tQBokrNj7hAgpDOx9-sAOuka4AU.roa
Signing time: Sat 01 Jan 2022 09:02:37 +0000
ROA not before: Sat 01 Jan 2022 09:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48966
IP address blocks: 95.130.89.0/24 maxlen: 24
95.130.91.0/24 maxlen: 24
95.130.88.0/24 maxlen: 24
95.130.92.0/24 maxlen: 24
95.130.92.0/23 maxlen: 23
95.130.94.0/24 maxlen: 24
95.130.93.0/24 maxlen: 24
185.88.81.0/24 maxlen: 24
185.88.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45328877 (0x2b3a9ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cb932bc60e9fd1186f8fa6bd713c20729ae73ee
Validity
Not Before: Jan 1 09:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5006892b363ee1020a433b1f7eb003ae91ae005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c8:98:11:9a:87:d8:50:b4:97:6a:9a:77:02:
80:3d:02:0e:7c:79:09:46:e1:69:03:8c:23:0b:84:
79:e3:c4:f1:de:c1:0d:46:5c:dd:8c:7e:88:15:2c:
e2:ac:33:d7:05:84:c4:aa:9d:7d:a9:8f:d3:37:de:
91:03:5d:2a:0f:41:dd:47:df:8d:44:d2:9e:2d:d1:
91:ff:12:f8:95:50:a8:27:e8:f3:47:43:67:32:14:
66:7c:39:a5:df:a8:ab:89:93:89:42:b9:0f:26:02:
44:ca:5e:7c:36:55:87:9a:f0:78:48:e5:6f:a6:48:
d0:ec:72:9c:06:45:bb:fa:91:b6:ed:85:45:a9:22:
cf:d1:39:6f:e7:df:ad:a7:db:3a:c5:29:0c:c6:6f:
3c:d8:e3:39:8d:a2:6f:26:0d:7a:19:02:5a:81:a1:
79:9e:54:6b:ae:72:e6:9f:ca:4b:c7:51:06:9e:17:
af:00:70:03:bc:6a:8c:af:67:38:e4:f1:77:9b:50:
c2:9c:26:13:61:28:49:9f:7c:a9:32:8e:4e:65:bb:
a4:bf:47:c9:f2:01:7c:92:5b:33:4f:87:81:ef:a7:
9f:16:09:79:8d:07:71:f8:c0:3a:4b:57:3d:10:b8:
38:94:d9:86:e6:5e:a9:1b:97:1a:68:ab:f6:3d:f2:
0a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:00:68:92:B3:63:EE:10:20:A4:33:B1:F7:EB:00:3A:E9:1A:E0:05
X509v3 Authority Key Identifier:
keyid:4C:B9:32:BC:60:E9:FD:11:86:F8:FA:6B:D7:13:C2:07:29:AE:73:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TLkyvGDp_RGG-Ppr1xPCBymuc-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/343892-780c-432a-882f-1e0d7c42da76/1/tQBokrNj7hAgpDOx9-sAOuka4AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/343892-780c-432a-882f-1e0d7c42da76/1/TLkyvGDp_RGG-Ppr1xPCBymuc-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.88.0/23
95.130.91.0-95.130.94.255
185.88.80.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:3c:a3:b9:b7:cf:62:82:68:0e:f3:45:be:6e:66:1c:9a:ef:
70:bd:52:de:b1:53:40:7a:4e:b9:1e:78:6d:65:98:c6:ec:4b:
55:0f:e0:cd:55:d9:6f:92:b4:4b:94:43:ae:5c:b7:4a:21:e8:
bc:67:31:6c:ec:b9:09:46:00:b7:a4:ba:15:69:a2:f2:24:f8:
d6:b2:02:b0:20:02:fe:bb:ec:dd:10:65:95:8f:22:a8:de:20:
e1:06:ed:d3:ee:e1:51:a7:68:7d:cf:a9:85:f9:d3:a5:38:9b:
0b:02:c1:d6:80:40:c6:21:6b:cc:af:7b:3c:f1:50:0b:7b:5d:
90:ec:9b:12:64:5e:2b:07:fe:5c:1c:55:25:ac:20:0f:bb:16:
f2:3b:3d:2b:6c:56:3a:62:80:ed:af:66:0a:ca:b3:f7:fe:b4:
94:8d:00:26:9d:c6:4b:ac:23:26:d2:47:7a:29:07:6b:b6:cf:
58:b8:de:7c:60:e3:35:e9:96:14:a1:2f:64:de:09:27:69:36:
47:7f:67:23:ae:9b:74:fe:cc:3c:c3:bb:8d:e8:41:ac:b7:58:
25:b0:9a:fa:c5:7c:90:0e:07:9c:fc:7c:75:be:9e:b8:17:44:
ad:88:81:90:ec:1a:6f:18:08:2a:64:e4:21:a2:3f:53:0b:8e:
07:84:3a:1f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEArOp7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Y2I5MzJiYzYwZTlmZDExODZmOGZhNmJkNzEzYzIwNzI5YWU3M2VlMB4XDTIyMDEw
MTA5MDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjUwMDY4OTJiMzYz
ZWUxMDIwYTQzM2IxZjdlYjAwM2FlOTFhZTAwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3ImBGah9hQtJdqmncCgD0CDnx5CUbhaQOMIwuEeePE8d7B
DUZc3Yx+iBUs4qwz1wWExKqdfamP0zfekQNdKg9B3UffjUTSni3Rkf8S+JVQqCfo
80dDZzIUZnw5pd+oq4mTiUK5DyYCRMpefDZVh5rweEjlb6ZI0OxynAZFu/qRtu2F
Rakiz9E5b+ffrafbOsUpDMZvPNjjOY2ibyYNehkCWoGheZ5Ua65y5p/KS8dRBp4X
rwBwA7xqjK9nOOTxd5tQwpwmE2EoSZ98qTKOTmW7pL9HyfIBfJJbM0+Hge+nnxYJ
eY0HcfjAOktXPRC4OJTZhuZeqRuXGmir9j3yCu8CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBS1AGiSs2PuECCkM7H36wA66RrgBTAfBgNVHSMEGDAWgBRMuTK8YOn9EYb4
+mvXE8IHKa5z7jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RMa3l2R0RwX1JHRy1QcHIxeFBDQnltdWMtNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMzQzODkyLTc4MGMtNDMyYS04ODJmLTFlMGQ3YzQyZGE3Ni8x
L3RRQm9rck5qN2hBZ3BET3g5LXNBT3VrYTRBVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MzQzODkyLTc4MGMtNDMyYS04ODJmLTFlMGQ3YzQyZGE3Ni8xL1RMa3l2R0RwX1JH
Ry1QcHIxeFBDQnltdWMtNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAV+CWDAMAwQAX4JbAwQAX4JeAwQB
uVhQMA0GCSqGSIb3DQEBCwUAA4IBAQBePKO5t89igmgO80W+bmYcmu9wvVLesVNA
ek65HnhtZZjG7EtVD+DNVdlvkrRLlEOuXLdKIei8ZzFs7LkJRgC3pLoVaaLyJPjW
sgKwIAL+u+zdEGWVjyKo3iDhBu3T7uFRp2h9z6mF+dOlOJsLAsHWgEDGIWvMr3s8
8VALe12Q7JsSZF4rB/5cHFUlrCAPuxbyOz0rbFY6YoDtr2YKyrP3/rSUjQAmncZL
rCMm0kd6KQdrts9YuN58YOM16ZYUoS9k3gknaTZHf2cjrpt0/sw8w7uN6EGst1gl
sJr6xXyQDgec/Hx1vp64F0StiIGQ7BpvGAgqZOQhoj9TC44HhDof
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:07 2024 by rpki-client on console-fra.rpki-client.org