Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/di3Wfc8o4SBeZHZtjHz7VcKyHno.roa
File: di3Wfc8o4SBeZHZtjHz7VcKyHno.roa (raw, json)
Hash identifier: sj+gs/7KlJqy3FZmdbTPYw+RoHilPsSyyj/FXZ3ff3U=
Subject key identifier: 76:2D:D6:7D:CF:28:E1:20:5E:64:76:6D:8C:7C:FB:55:C2:B2:1E:7A
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 085F8752
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/di3Wfc8o4SBeZHZtjHz7VcKyHno.roa
Signing time: Sat 01 Jan 2022 10:54:26 +0000
ROA not before: Sat 01 Jan 2022 10:54:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48823
IP address blocks: 95.129.48.0/21 maxlen: 24
134.0.24.0/21 maxlen: 24
185.11.136.0/22 maxlen: 24
2a03:2900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140478290 (0x85f8752)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 1 10:54:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=762dd67dcf28e1205e64766d8c7cfb55c2b21e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:48:ca:39:01:99:6d:f0:b8:3e:c2:24:f9:cb:
9f:c5:1d:c8:97:3b:26:48:94:1e:09:da:66:7d:0f:
e2:c1:61:e5:d9:c4:17:50:75:6b:bf:85:90:18:9d:
b1:88:a9:bf:c5:2e:c9:f9:bc:35:35:e0:14:a3:69:
a1:a6:51:bf:64:b9:f0:1a:e4:14:40:c7:5a:ac:7f:
72:0c:51:fc:67:8d:05:e7:3f:c8:28:ef:33:ac:09:
ec:48:be:a5:03:c9:97:1b:eb:a8:3e:6b:fd:62:19:
bd:18:68:ef:55:02:54:be:e6:04:ac:36:00:51:23:
95:a8:bd:4e:ee:58:5a:e9:13:97:9b:0c:49:66:1f:
b3:a1:ae:b5:5c:12:1e:17:d4:4a:a0:c6:47:f0:39:
39:07:c4:1a:6a:58:b9:7b:17:8b:d7:7b:d3:fc:85:
74:0d:de:dc:7d:97:1d:74:4a:48:2c:70:91:ea:02:
71:8f:12:fb:08:48:5c:41:ee:c0:c3:58:8d:d4:68:
6f:a1:f2:5b:88:ea:c9:e1:6e:c3:5c:fc:19:95:b1:
cd:be:a7:3e:f0:f9:d9:78:fe:53:1e:4c:83:7d:2f:
3e:af:67:b9:e0:6c:39:36:3f:dc:a5:66:c2:b4:63:
ef:58:8e:19:c5:d9:87:b7:92:79:8e:db:7a:d6:fb:
6e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:2D:D6:7D:CF:28:E1:20:5E:64:76:6D:8C:7C:FB:55:C2:B2:1E:7A
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/di3Wfc8o4SBeZHZtjHz7VcKyHno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.48.0/21
134.0.24.0/21
185.11.136.0/22
IPv6:
2a03:2900::/32
Signature Algorithm: sha256WithRSAEncryption
8c:c0:6d:3e:6f:e5:8e:d2:78:04:4b:3c:50:cd:9a:49:d9:59:
4a:19:53:d2:c5:80:87:58:20:8b:3c:7c:08:a7:b5:5c:79:bb:
37:0b:d9:c2:d8:fe:19:a0:14:c8:cc:48:7c:92:07:d8:c2:70:
4a:29:d6:71:86:b9:4d:36:79:9e:0c:61:18:b1:5a:a7:30:7b:
bc:e7:60:ad:b1:30:a7:48:0f:74:e5:d1:72:c6:f4:33:70:86:
db:1c:61:bf:0c:3a:de:e5:d5:02:66:78:d3:04:d2:7b:1f:3c:
d8:d5:62:45:22:5f:7a:6d:7c:8b:b1:d0:00:da:9d:27:b1:4b:
f7:84:96:ba:85:6a:8d:ec:b8:bd:67:77:dc:d0:89:d4:a2:d7:
4b:24:c9:7b:4a:93:20:9f:6c:68:e8:ef:f6:fd:83:ee:9d:f4:
98:56:81:be:8f:4d:4c:75:ac:17:f2:c0:9a:4a:9d:3f:b1:e0:
75:fe:c2:59:a4:91:5b:c4:17:0b:cd:30:d9:d7:eb:b3:c7:98:
53:e8:6d:a7:f5:b3:3f:ce:7a:28:19:8d:f5:95:40:64:72:9e:
de:7d:e1:74:00:81:a5:d8:2d:37:52:34:16:e8:3f:4b:75:d1:
1a:7a:f7:3f:52:3e:fe:72:97:16:28:19:b4:64:1e:2b:f7:65:
bc:70:88:0a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECF+HUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MDVmZjljYzg5YzY2YThhM2E1ZDczNGEwZDY1YzYxZmRjODUxOGJlMB4XDTIyMDEw
MTEwNTQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzYyZGQ2N2RjZjI4
ZTEyMDVlNjQ3NjZkOGM3Y2ZiNTVjMmIyMWU3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhIyjkBmW3wuD7CJPnLn8UdyJc7JkiUHgnaZn0P4sFh5dnE
F1B1a7+FkBidsYipv8Uuyfm8NTXgFKNpoaZRv2S58BrkFEDHWqx/cgxR/GeNBec/
yCjvM6wJ7Ei+pQPJlxvrqD5r/WIZvRho71UCVL7mBKw2AFEjlai9Tu5YWukTl5sM
SWYfs6GutVwSHhfUSqDGR/A5OQfEGmpYuXsXi9d70/yFdA3e3H2XHXRKSCxwkeoC
cY8S+whIXEHuwMNYjdRob6HyW4jqyeFuw1z8GZWxzb6nPvD52Xj+Ux5Mg30vPq9n
ueBsOTY/3KVmwrRj71iOGcXZh7eSeY7betb7bpECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBR2LdZ9zyjhIF5kdm2MfPtVwrIeejAfBgNVHSMEGDAWgBQAX/nMicZqijpd
c0oNZcYf3IUYvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FGXzV6SW5HYW9vNlhYTktEV1hHSDl5RkdMNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZDUzYzc4LTBkNWItNDIzNy05OTk5LTBlMmQ2OTdiMjdlMy8x
L2RpM1dmYzhvNFNCZVpIWnRqSHo3VmNLeUhuby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZDUzYzc4LTBkNWItNDIzNy05OTk5LTBlMmQ2OTdiMjdlMy8xL0FGXzV6SW5HYW9v
NlhYTktEV1hHSDl5RkdMNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1+BMAMEA4YAGAMEArkLiDANBAIA
AjAHAwUAKgMpADANBgkqhkiG9w0BAQsFAAOCAQEAjMBtPm/ljtJ4BEs8UM2aSdlZ
ShlT0sWAh1ggizx8CKe1XHm7NwvZwtj+GaAUyMxIfJIH2MJwSinWcYa5TTZ5ngxh
GLFapzB7vOdgrbEwp0gPdOXRcsb0M3CG2xxhvww63uXVAmZ40wTSex882NViRSJf
em18i7HQANqdJ7FL94SWuoVqjey4vWd33NCJ1KLXSyTJe0qTIJ9saOjv9v2D7p30
mFaBvo9NTHWsF/LAmkqdP7Hgdf7CWaSRW8QXC80w2dfrs8eYU+htp/WzP856KBmN
9ZVAZHKe3n3hdACBpdgtN1I0Fug/S3XRGnr3P1I+/nKXFigZtGQeK/dlvHCICg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:32 2023 by rpki-client on console-ams.rpki-client.org