Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/hRFK01ZUvw960Iy7HD_QxivQb9s.roa
File: hRFK01ZUvw960Iy7HD_QxivQb9s.roa (raw, json)
Hash identifier: AgHU/jfdkW5uI2iEleYg50y55CWe0nvyptCRD+ucS48=
Subject key identifier: 85:11:4A:D3:56:54:BF:0F:7A:D0:8C:BB:1C:3F:D0:C6:2B:D0:6F:DB
Certificate issuer: /CN=b55800300fa4017f970c95d767d812fd10d0dcbc
Certificate serial: 0184BDCE8C21E65A81BDBF1659834BC8DAAD
Authority key identifier: B5:58:00:30:0F:A4:01:7F:97:0C:95:D7:67:D8:12:FD:10:D0:DC:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/hRFK01ZUvw960Iy7HD_QxivQb9s.roa
Signing time: Mon 28 Nov 2022 10:35:40 +0000
ROA not before: Mon 28 Nov 2022 10:35:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203
IP address blocks: 195.93.197.0/24 maxlen: 24
195.93.196.0/24 maxlen: 24
95.130.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:ce:8c:21:e6:5a:81:bd:bf:16:59:83:4b:c8:da:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b55800300fa4017f970c95d767d812fd10d0dcbc
Validity
Not Before: Nov 28 10:35:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85114ad35654bf0f7ad08cbb1c3fd0c62bd06fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:2c:7a:bd:60:ec:4d:75:f0:7b:1b:2c:b2:d7:
69:6a:23:85:8a:15:72:4c:e3:d0:5c:3e:42:83:36:
84:41:66:71:79:96:9d:bb:95:82:ca:0f:0a:36:10:
5b:1b:25:b3:4d:1c:e8:73:66:c1:c9:43:02:d5:c3:
75:13:72:84:9a:37:0a:9f:0c:7b:5e:59:95:df:85:
a3:98:e5:2f:59:ad:89:64:88:8d:aa:1e:c0:4e:cc:
69:ea:1f:ee:a3:b5:09:70:05:33:39:ca:37:99:0f:
d6:82:3f:89:5c:1f:86:7e:af:29:35:50:26:9b:ca:
f7:45:97:56:ee:bf:e7:97:99:a0:05:e3:78:48:c9:
c7:81:21:bb:81:58:82:1c:76:51:bb:f5:65:7a:c8:
76:0b:1e:e1:23:fc:30:70:c5:6f:56:bf:fd:87:f5:
72:92:2e:ab:fd:c4:5f:a2:f5:46:d1:26:cb:37:ce:
34:da:df:d8:e0:76:77:02:e4:9e:aa:5c:60:f3:e6:
19:c1:41:71:84:31:91:93:91:35:5c:eb:8b:74:c8:
f3:83:01:36:03:31:2b:38:b4:3b:8f:45:2e:24:53:
1e:b7:48:c8:c3:12:68:f9:ad:4d:d8:97:cd:dc:8b:
14:ee:bb:3a:86:c1:db:a5:3e:75:c6:96:28:e8:b2:
11:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:11:4A:D3:56:54:BF:0F:7A:D0:8C:BB:1C:3F:D0:C6:2B:D0:6F:DB
X509v3 Authority Key Identifier:
keyid:B5:58:00:30:0F:A4:01:7F:97:0C:95:D7:67:D8:12:FD:10:D0:DC:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/hRFK01ZUvw960Iy7HD_QxivQb9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/8a8487-931a-42fb-b664-c52df4aa521d/1/tVgAMA-kAX-XDJXXZ9gS_RDQ3Lw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.110.0/24
195.93.196.0/23
Signature Algorithm: sha256WithRSAEncryption
85:44:01:d6:79:c3:a0:10:49:f8:15:55:3a:5e:ad:27:57:f2:
92:ac:0b:df:cd:39:4a:d6:95:74:9b:30:01:e1:36:97:73:f5:
95:cf:e7:38:ee:44:f4:e8:55:01:e2:14:ce:02:7d:80:f7:0b:
bd:27:f6:0e:39:71:88:7a:97:25:ee:38:c3:14:aa:bc:a4:90:
b0:c2:ca:53:c6:70:0b:4b:ca:a8:ba:f7:58:33:fd:6c:ad:8f:
3a:c5:69:aa:95:67:15:27:41:51:bf:6e:0a:30:77:10:95:22:
f9:1e:a2:a1:7a:1c:56:88:32:16:80:d0:20:f7:21:ae:2d:77:
3d:bf:8f:af:2a:e7:db:cd:95:81:c1:5c:30:1f:a0:c6:d0:b1:
1d:ba:53:7e:51:10:06:d0:87:c1:b1:52:06:b7:30:b9:a6:46:
1e:56:71:fc:97:d4:d6:0f:e3:dd:61:5b:41:f3:a2:e3:12:27:
50:04:d3:4f:54:fb:1a:90:ad:3b:9b:69:bd:47:a2:0a:a2:01:
9a:ac:ce:f6:f0:f9:d4:0e:8a:f2:62:db:0d:24:f0:6e:fa:e3:
5d:f8:6f:18:cf:aa:ea:24:3c:d2:83:1b:e7:46:2c:e1:7f:93:
e0:fe:75:50:57:e1:cf:40:09:27:5f:aa:2e:49:bf:2e:9b:fa:
d2:f2:9e:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYS9zowh5lqBvb8WWYNLyNqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTgwMDMwMGZhNDAxN2Y5NzBjOTVkNzY3ZDgxMmZkMTBk
MGRjYmMwHhcNMjIxMTI4MTAzNTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTExNGFkMzU2NTRiZjBmN2FkMDhjYmIxYzNmZDBjNjJiZDA2ZmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ix6vWDsTXXwexssstdpaiOFihVy
TOPQXD5CgzaEQWZxeZadu5WCyg8KNhBbGyWzTRzoc2bByUMC1cN1E3KEmjcKnwx7
XlmV34WjmOUvWa2JZIiNqh7ATsxp6h/uo7UJcAUzOco3mQ/Wgj+JXB+Gfq8pNVAm
m8r3RZdW7r/nl5mgBeN4SMnHgSG7gViCHHZRu/Vlesh2Cx7hI/wwcMVvVr/9h/Vy
ki6r/cRfovVG0SbLN8402t/Y4HZ3AuSeqlxg8+YZwUFxhDGRk5E1XOuLdMjzgwE2
AzErOLQ7j0UuJFMet0jIwxJo+a1N2JfN3IsU7rs6hsHbpT51xpYo6LIRnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIURStNWVL8PetCMuxw/0MYr0G/bMB8GA1UdIwQY
MBaAFLVYADAPpAF/lwyV12fYEv0Q0Ny8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZnQU1BLWtBWC1YREpYWFo5Z1NfUkRRM0x3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC84YTg0ODctOTMxYS00MmZiLWI2NjQt
YzUyZGY0YWE1MjFkLzEvaFJGSzAxWlV2dzk2MEl5N0hEX1F4aXZRYjlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC84YTg0ODctOTMxYS00MmZiLWI2NjQtYzUyZGY0YWE1MjFk
LzEvdFZnQU1BLWtBWC1YREpYWFo5Z1NfUkRRM0x3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX4JuAwQB
w13EMA0GCSqGSIb3DQEBCwUAA4IBAQCFRAHWecOgEEn4FVU6Xq0nV/KSrAvfzTlK
1pV0mzAB4TaXc/WVz+c47kT06FUB4hTOAn2A9wu9J/YOOXGIepcl7jjDFKq8pJCw
wspTxnALS8qouvdYM/1srY86xWmqlWcVJ0FRv24KMHcQlSL5HqKhehxWiDIWgNAg
9yGuLXc9v4+vKufbzZWBwVwwH6DG0LEdulN+URAG0IfBsVIGtzC5pkYeVnH8l9TW
D+PdYVtB86LjEidQBNNPVPsakK07m2m9R6IKogGarM728PnUDoryYtsNJPBu+uNd
+G8Yz6rqJDzSgxvnRizhf5Pg/nVQV+HPQAknX6ouSb8um/rS8p7x
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:48 2023 by rpki-client on console.sobornost.net