Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/1-duwh7K1X_UxUEtbPxhT0xRHtzM.roa
File: 1-duwh7K1X_UxUEtbPxhT0xRHtzM.roa (raw, json)
Hash identifier: IjJVjXL8K2ASAm3km7e1zFDGy42JikHwOlXogTYn8WM=
Subject key identifier: F9:DB:B0:87:B2:B5:5F:F5:31:50:4B:5B:3F:18:53:D3:14:47:B7:33
Certificate issuer: /CN=107e96f9449defc470bcc5a91f9217c6281ac1b2
Certificate serial: 01856F54A1BF700343F8CF40A96F9A39AE91
Authority key identifier: 10:7E:96:F9:44:9D:EF:C4:70:BC:C5:A9:1F:92:17:C6:28:1A:C1:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EH6W-USd78RwvMWpH5IXxigawbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/1-duwh7K1X_UxUEtbPxhT0xRHtzM.roa
Signing time: Sun 01 Jan 2023 21:54:55 +0000
ROA not before: Sun 01 Jan 2023 21:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35709
IP address blocks: 95.214.16.0/24 maxlen: 24
95.214.17.0/24 maxlen: 24
95.214.19.0/24 maxlen: 24
95.214.18.0/24 maxlen: 24
2a09:d380::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a1:bf:70:03:43:f8:cf:40:a9:6f:9a:39:ae:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=107e96f9449defc470bcc5a91f9217c6281ac1b2
Validity
Not Before: Jan 1 21:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9dbb087b2b55ff531504b5b3f1853d31447b733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:04:73:5d:93:fc:1f:2e:db:d8:01:3f:e8:6d:
51:90:a7:65:da:3d:f5:0c:c9:1f:fb:99:03:a0:25:
5d:dd:4e:5f:44:7a:b2:97:d2:16:cc:b6:38:d0:0c:
1f:0f:26:52:87:f0:46:ed:53:c2:1d:48:de:57:6f:
ca:e2:66:63:97:8b:a9:ba:a3:a7:9f:9c:5a:5a:3b:
fd:5b:9d:42:d7:57:f9:51:4e:fb:f2:bb:ee:ca:65:
05:f5:63:00:87:6b:6e:94:b4:ee:df:d6:0d:ec:b3:
c2:0c:15:34:22:0b:68:f9:7d:22:dc:e0:d7:f9:36:
a7:5f:3b:14:38:c4:ca:6f:de:7c:fb:ad:1c:49:8b:
96:b1:7a:00:8b:d4:9e:1a:e1:10:45:8c:00:de:49:
e4:d0:5d:6b:3b:85:c5:40:9a:d6:39:b9:e3:ae:ca:
2d:91:3f:8c:fe:cc:01:c0:32:49:80:56:8d:38:2f:
ec:df:53:a9:3a:05:38:69:b1:7d:33:d9:dc:8d:5b:
8f:8b:1b:9b:f1:bd:28:24:8a:62:ce:fb:cf:82:64:
f6:7c:d8:66:9f:31:47:43:ba:a8:87:50:78:47:e5:
47:47:7c:e6:95:54:2d:1d:82:04:05:14:da:07:aa:
5e:83:41:bf:61:60:a2:d2:03:6c:02:80:32:8f:fa:
4f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:DB:B0:87:B2:B5:5F:F5:31:50:4B:5B:3F:18:53:D3:14:47:B7:33
X509v3 Authority Key Identifier:
keyid:10:7E:96:F9:44:9D:EF:C4:70:BC:C5:A9:1F:92:17:C6:28:1A:C1:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EH6W-USd78RwvMWpH5IXxigawbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/1-duwh7K1X_UxUEtbPxhT0xRHtzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/cf1484-f961-4037-bdbf-66a715ad3783/1/EH6W-USd78RwvMWpH5IXxigawbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.16.0/22
IPv6:
2a09:d380::/30
Signature Algorithm: sha256WithRSAEncryption
8a:79:a5:94:f2:6b:02:7b:ac:da:18:e4:d2:8a:7b:25:63:7c:
75:22:a1:e0:e7:d2:cb:20:8f:5c:7a:12:a3:da:35:f1:1b:90:
f6:3e:bf:09:f2:3e:86:94:18:85:ab:28:dc:28:86:4f:c7:83:
a0:2f:7f:89:64:38:62:3a:88:c6:23:90:de:72:91:cf:2f:02:
44:79:74:61:b2:ff:b3:97:fc:89:20:19:31:6c:55:a9:70:b3:
87:e9:3e:a4:70:47:44:f7:c1:99:7e:6d:2f:d5:4e:62:25:a6:
44:9f:7f:2d:3c:0b:da:08:b6:f2:14:9c:2b:9d:08:82:29:f6:
bd:a0:6f:95:2a:37:a9:e6:b2:49:59:ae:31:60:ba:ac:13:b2:
70:b9:fd:f1:b8:ac:e3:5e:4a:29:b9:ba:14:6d:90:32:ee:99:
11:12:2b:f6:74:3c:dc:62:11:da:20:a3:f5:74:4c:a8:c5:f5:
65:13:c7:aa:6c:cd:f0:2c:d2:ca:fe:07:f9:1c:77:63:2d:e2:
aa:ff:ef:33:7b:5d:0f:64:5f:c7:3a:ac:b1:30:74:02:d1:3c:
80:05:f1:cf:ac:bd:f4:e7:4f:ec:bf:43:1e:f0:17:46:c5:e6:
3a:9a:75:dd:d9:c7:42:30:5f:59:ba:8d:a0:fa:f8:4a:2f:d5:
ef:99:9c:c0
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYVvVKG/cAND+M9AqW+aOa6RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwN2U5NmY5NDQ5ZGVmYzQ3MGJjYzVhOTFmOTIxN2M2Mjgx
YWMxYjIwHhcNMjMwMTAxMjE1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWRiYjA4N2IyYjU1ZmY1MzE1MDRiNWIzZjE4NTNkMzE0NDdiNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQRzXZP8Hy7b2AE/6G1RkKdl2j31
DMkf+5kDoCVd3U5fRHqyl9IWzLY40AwfDyZSh/BG7VPCHUjeV2/K4mZjl4upuqOn
n5xaWjv9W51C11f5UU778rvuymUF9WMAh2tulLTu39YN7LPCDBU0Igto+X0i3ODX
+TanXzsUOMTKb958+60cSYuWsXoAi9SeGuEQRYwA3knk0F1rO4XFQJrWObnjrsot
kT+M/swBwDJJgFaNOC/s31OpOgU4abF9M9ncjVuPixub8b0oJIpizvvPgmT2fNhm
nzFHQ7qoh1B4R+VHR3zmlVQtHYIEBRTaB6peg0G/YWCi0gNsAoAyj/pPgwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFPnbsIeytV/1MVBLWz8YU9MUR7czMB8GA1UdIwQY
MBaAFBB+lvlEne/EcLzFqR+SF8YoGsGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUg2Vy1VU2Q3OFJ3dk1XcEg1SVh4aWdhd2JJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jZjE0ODQtZjk2MS00MDM3LWJkYmYt
NjZhNzE1YWQzNzgzLzEvMS1kdXdoN0sxWF9VeFVFdGJQeGhUMHhSSHR6TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZmMvY2YxNDg0LWY5NjEtNDAzNy1iZGJmLTY2YTcxNWFkMzc4
My8xL0VINlctVVNkNzhSd3ZNV3BINUlYeGlnYXdiSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAl/WEDAN
BAIAAjAHAwUCKgnTgDANBgkqhkiG9w0BAQsFAAOCAQEAinmllPJrAnus2hjk0op7
JWN8dSKh4OfSyyCPXHoSo9o18RuQ9j6/CfI+hpQYhaso3CiGT8eDoC9/iWQ4YjqI
xiOQ3nKRzy8CRHl0YbL/s5f8iSAZMWxVqXCzh+k+pHBHRPfBmX5tL9VOYiWmRJ9/
LTwL2gi28hScK50Igin2vaBvlSo3qeaySVmuMWC6rBOycLn98bis415KKbm6FG2Q
Mu6ZERIr9nQ83GIR2iCj9XRMqMX1ZRPHqmzN8CzSyv4H+Rx3Yy3iqv/vM3tdD2Rf
xzqssTB0AtE8gAXxz6y99OdP7L9DHvAXRsXmOpp13dnHQjBfWbqNoPr4Si/V75mc
wA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:40 2025 by rpki-client