Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/43uAuFNaK9ZT7fcLhVEwJaWFza4.roa
File: 43uAuFNaK9ZT7fcLhVEwJaWFza4.roa (raw, json)
Hash identifier: reKQEBWVY3jL6Rni/vHU7Ugg+mDP+4rNQw7eqLJGh34=
Subject key identifier: E3:7B:80:B8:53:5A:2B:D6:53:ED:F7:0B:85:51:30:25:A5:85:CD:AE
Certificate issuer: /CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Certificate serial: 370A52F5
Authority key identifier: 8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/43uAuFNaK9ZT7fcLhVEwJaWFza4.roa
Signing time: Mon 28 Feb 2022 10:00:48 +0000
ROA not before: Mon 28 Feb 2022 10:00:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29600
IP address blocks: 95.131.112.0/21 maxlen: 21
2a01:a880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923423477 (0x370a52f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Validity
Not Before: Feb 28 10:00:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e37b80b8535a2bd653edf70b85513025a585cdae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:ef:90:27:f4:55:6f:52:ef:f0:39:19:04:a0:
f7:39:c1:a7:a4:01:67:f7:5b:ff:f7:ea:b7:61:21:
6d:15:2d:7f:1a:15:1d:f6:ea:18:23:a7:44:af:78:
4c:55:f9:1a:80:16:39:38:27:b9:85:08:80:d5:b2:
4e:1d:ca:26:2f:a6:ec:38:91:2c:5d:93:cd:7f:dc:
1e:81:d0:bd:40:f7:58:d9:f2:88:e7:3e:56:1f:4d:
34:8f:25:e4:07:f0:49:42:f9:d1:a1:66:33:98:87:
8d:29:89:3c:52:50:3c:cb:60:79:d4:57:d9:f6:aa:
c0:03:09:b9:b3:73:97:c8:09:3e:08:d4:31:45:64:
ef:7b:25:d2:ad:dd:94:0a:b5:7f:74:43:8c:ed:70:
1c:2f:88:44:2f:5c:2f:20:d2:30:90:ad:0b:46:b7:
a6:37:35:55:df:ca:7d:a3:30:f8:7e:bf:01:1d:79:
be:d0:f3:20:78:6b:08:62:11:cf:67:42:cf:21:b1:
03:f5:c5:01:3d:3f:4a:a8:44:b7:47:d6:c6:d7:57:
1b:32:d7:a2:e3:5c:76:78:26:5e:b6:c6:c5:d0:a6:
ec:4b:9e:45:f5:2f:1a:40:f4:47:f6:8b:8c:0d:c3:
d9:f2:25:47:13:89:21:2e:a8:2f:99:46:1d:3d:9e:
ae:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:7B:80:B8:53:5A:2B:D6:53:ED:F7:0B:85:51:30:25:A5:85:CD:AE
X509v3 Authority Key Identifier:
keyid:8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/43uAuFNaK9ZT7fcLhVEwJaWFza4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.112.0/21
IPv6:
2a01:a880::/29
Signature Algorithm: sha256WithRSAEncryption
70:79:cb:1d:01:e8:33:1e:8f:8f:02:7d:ba:f3:08:be:db:b5:
7a:8f:17:bb:1a:34:22:3b:ee:4e:86:da:8b:d3:01:1a:7a:98:
f9:5f:0b:1a:66:90:f3:f1:73:5c:4b:99:fa:8a:bf:f2:b1:a9:
48:f7:f2:c4:d7:53:1e:91:da:91:18:29:a6:60:b0:2c:e3:78:
df:13:5b:20:c9:28:93:de:95:9f:60:3e:17:96:1f:9b:6e:8f:
2b:7f:77:65:5a:b1:02:f6:b3:ab:7c:7a:bb:2b:0e:de:dd:ad:
d3:b6:77:fc:e8:c2:69:29:37:e2:af:23:dd:d7:64:4b:59:35:
87:2a:4c:3e:66:ec:03:64:99:bd:fd:87:0f:ee:a4:2b:45:f3:
7e:fc:03:da:a9:79:e2:20:6c:17:a6:2e:97:cc:b7:c7:70:f5:
d7:7e:9d:fa:e0:7f:fd:72:11:64:36:3a:e5:15:54:17:08:d4:
b2:8d:e8:95:4c:5c:c8:ae:25:f2:91:b3:46:db:cc:67:7b:55:
e5:d4:2a:3f:96:e3:50:62:61:92:e2:bc:69:aa:9a:94:80:2f:
72:c9:4a:1c:09:cb:20:db:29:ea:68:44:1b:cd:1d:ca:96:0f:
70:50:27:7d:7d:29:88:2d:bf:78:53:5c:e6:d8:0c:37:45:ff:
cb:39:a3:30
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENwpS9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjE3NTIyNWYzODZjZTk4MDExOWY2OTg4NGY5YmU3YzZhMmIzYjMzMB4XDTIyMDIy
ODEwMDA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM3YjgwYjg1MzVh
MmJkNjUzZWRmNzBiODU1MTMwMjVhNTg1Y2RhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOrvkCf0VW9S7/A5GQSg9znBp6QBZ/db//fqt2EhbRUtfxoV
HfbqGCOnRK94TFX5GoAWOTgnuYUIgNWyTh3KJi+m7DiRLF2TzX/cHoHQvUD3WNny
iOc+Vh9NNI8l5AfwSUL50aFmM5iHjSmJPFJQPMtgedRX2faqwAMJubNzl8gJPgjU
MUVk73sl0q3dlAq1f3RDjO1wHC+IRC9cLyDSMJCtC0a3pjc1Vd/KfaMw+H6/AR15
vtDzIHhrCGIRz2dCzyGxA/XFAT0/SqhEt0fWxtdXGzLXouNcdngmXrbGxdCm7Eue
RfUvGkD0R/aLjA3D2fIlRxOJIS6oL5lGHT2erm0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTje4C4U1or1lPt9wuFUTAlpYXNrjAfBgNVHSMEGDAWgBSPF1Il84bOmAEZ
9piE+b58ais7MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p4ZFNKZk9HenBnQkdmYVloUG0tZkdvck96TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNWVjN2NhLWE0MDItNGM1ZC1hMWI3LTYxYjc3MmQ3NTFlYy8x
LzQzdUF1Rk5hSzlaVDdmY0xoVkV3SmFXRnphNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NWVjN2NhLWE0MDItNGM1ZC1hMWI3LTYxYjc3MmQ3NTFlYy8xL2p4ZFNKZk9HenBn
QkdmYVloUG0tZkdvck96TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA1+DcDANBAIAAjAHAwUDKgGogDAN
BgkqhkiG9w0BAQsFAAOCAQEAcHnLHQHoMx6PjwJ9uvMIvtu1eo8Xuxo0IjvuToba
i9MBGnqY+V8LGmaQ8/FzXEuZ+oq/8rGpSPfyxNdTHpHakRgppmCwLON43xNbIMko
k96Vn2A+F5Yfm26PK393ZVqxAvazq3x6uysO3t2t07Z3/OjCaSk34q8j3ddkS1k1
hypMPmbsA2SZvf2HD+6kK0XzfvwD2ql54iBsF6Yul8y3x3D1136d+uB//XIRZDY6
5RVUFwjUso3olUxcyK4l8pGzRtvMZ3tV5dQqP5bjUGJhkuK8aaqalIAvcslKHAnL
INsp6mhEG80dypYPcFAnfX0piC2/eFNc5tgMN0X/yzmjMA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:27 2025 by rpki-client