Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/UDW7dYoyNEHUT6NVTciHCktDATU.roa
File: UDW7dYoyNEHUT6NVTciHCktDATU.roa (raw, json)
Hash identifier: zyExvQWCP/VLPWfPs2mA3fdlIpbGjSwRW7fIuFUPxoc=
Subject key identifier: 50:35:BB:75:8A:32:34:41:D4:4F:A3:55:4D:C8:87:0A:4B:43:01:35
Certificate issuer: /CN=36b413e536d99353f0b050ee746ffdd24edb5930
Certificate serial: 35DFBDB2
Authority key identifier: 36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/UDW7dYoyNEHUT6NVTciHCktDATU.roa
Signing time: Sat 01 Jan 2022 03:54:40 +0000
ROA not before: Sat 01 Jan 2022 03:54:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 94.125.226.0/24 maxlen: 24
94.125.224.0/24 maxlen: 24
94.125.225.0/24 maxlen: 24
94.125.227.0/24 maxlen: 24
94.125.228.0/24 maxlen: 24
94.125.229.0/24 maxlen: 24
94.125.230.0/24 maxlen: 24
94.125.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 903855538 (0x35dfbdb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b413e536d99353f0b050ee746ffdd24edb5930
Validity
Not Before: Jan 1 03:54:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5035bb758a323441d44fa3554dc8870a4b430135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:93:1a:1c:d5:fe:43:72:bf:f6:d9:b7:58:81:
60:58:8f:fc:af:2f:b2:9f:a2:46:ad:5b:94:61:f2:
53:31:dc:92:04:35:a1:0e:03:d9:42:46:c5:10:da:
16:bd:84:16:4a:e9:58:06:b4:9a:73:49:e8:5a:3c:
54:13:c7:7b:a8:78:1c:d8:f1:6d:da:2a:96:22:15:
04:93:bf:1f:ff:a9:4f:9b:33:a1:6a:b3:66:36:1a:
26:f6:b0:be:c0:08:1c:82:48:4d:64:13:4e:57:a2:
5b:f6:03:b0:41:a4:9e:c1:c3:e3:ff:95:77:8c:56:
c2:da:11:8e:49:79:74:a2:31:41:21:65:43:56:15:
e6:b0:dc:1a:6f:56:70:6e:e6:51:22:8c:01:70:ec:
56:77:74:6c:3a:aa:b2:55:2d:ea:ee:51:c5:47:34:
d4:76:26:98:84:cd:d2:e7:eb:52:d0:8d:9c:78:2f:
7b:f7:56:25:a5:dc:7e:16:7e:de:36:6f:57:f9:27:
a5:d9:f6:59:33:8f:7e:ac:82:81:11:39:c5:13:d4:
53:38:66:42:cd:59:d1:2b:cb:50:4d:d6:f8:4f:f7:
d7:d4:96:c9:a7:53:4b:fb:7c:50:26:c9:65:1e:8b:
ff:f4:d7:4a:de:6d:b4:67:a2:af:f4:47:ce:13:8c:
19:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:35:BB:75:8A:32:34:41:D4:4F:A3:55:4D:C8:87:0A:4B:43:01:35
X509v3 Authority Key Identifier:
keyid:36:B4:13:E5:36:D9:93:53:F0:B0:50:EE:74:6F:FD:D2:4E:DB:59:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrQT5TbZk1PwsFDudG_90k7bWTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/UDW7dYoyNEHUT6NVTciHCktDATU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/e66296-0479-4c52-9cea-a1f573d069da/1/NrQT5TbZk1PwsFDudG_90k7bWTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.224.0/21
Signature Algorithm: sha256WithRSAEncryption
59:3b:83:72:6a:ea:80:25:36:38:74:f2:b0:0a:f1:a2:ef:26:
3c:61:30:d5:7b:00:f7:95:70:b8:71:af:ab:40:4c:9a:02:3d:
da:1d:a1:58:58:f4:ca:2e:8d:c7:2d:7b:f1:dd:a8:90:cf:c4:
94:66:b9:e8:de:5b:bc:16:55:2c:d9:1f:8d:ea:da:7d:ca:26:
8a:e4:0f:8a:d2:d2:53:c6:19:ee:75:b1:51:7d:3d:a9:f3:f7:
c0:82:e0:e3:71:14:57:54:12:0a:db:23:c4:a8:a7:db:30:96:
e5:b5:ea:95:8c:73:15:6f:92:9e:d8:c8:6a:40:ca:be:d6:25:
af:42:d1:15:43:74:d3:40:e0:d0:b9:48:2c:aa:c3:77:dd:d5:
d8:9b:8e:bf:0f:19:7a:05:d4:cb:a0:d1:24:a4:3c:e6:5c:1b:
3a:25:95:47:20:8f:29:b4:d2:51:d1:13:55:d6:c7:fc:54:86:
81:52:07:3d:99:f6:c3:68:f1:45:4b:19:8e:e2:1a:20:a1:82:
09:d6:14:0c:35:55:97:ed:04:22:91:89:ba:23:d6:e1:39:45:
e2:76:28:cc:0d:57:17:5d:d2:0f:04:b6:94:15:21:17:7c:db:
7f:26:c7:56:45:0e:63:f9:7e:6c:ae:46:e5:00:55:e3:ce:0e:
f7:0e:9e:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENd+9sjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmI0MTNlNTM2ZDk5MzUzZjBiMDUwZWU3NDZmZmRkMjRlZGI1OTMwMB4XDTIyMDEw
MTAzNTQ0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTAzNWJiNzU4YTMy
MzQ0MWQ0NGZhMzU1NGRjODg3MGE0YjQzMDEzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSTGhzV/kNyv/bZt1iBYFiP/K8vsp+iRq1blGHyUzHckgQ1
oQ4D2UJGxRDaFr2EFkrpWAa0mnNJ6Fo8VBPHe6h4HNjxbdoqliIVBJO/H/+pT5sz
oWqzZjYaJvawvsAIHIJITWQTTleiW/YDsEGknsHD4/+Vd4xWwtoRjkl5dKIxQSFl
Q1YV5rDcGm9WcG7mUSKMAXDsVnd0bDqqslUt6u5RxUc01HYmmITN0ufrUtCNnHgv
e/dWJaXcfhZ+3jZvV/knpdn2WTOPfqyCgRE5xRPUUzhmQs1Z0SvLUE3W+E/319SW
yadTS/t8UCbJZR6L//TXSt5ttGeir/RHzhOMGdUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRQNbt1ijI0QdRPo1VNyIcKS0MBNTAfBgNVHSMEGDAWgBQ2tBPlNtmTU/Cw
UO50b/3STttZMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05yUVQ1VGJaazFQd3NGRHVkR185MGs3YldUQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvZTY2Mjk2LTA0NzktNGM1Mi05Y2VhLWExZjU3M2QwNjlkYS8x
L1VEVzdkWW95TkVIVVQ2TlZUY2lIQ2t0REFUVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
ZTY2Mjk2LTA0NzktNGM1Mi05Y2VhLWExZjU3M2QwNjlkYS8xL05yUVQ1VGJaazFQ
d3NGRHVkR185MGs3YldUQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1594DANBgkqhkiG9w0BAQsFAAOC
AQEAWTuDcmrqgCU2OHTysArxou8mPGEw1XsA95VwuHGvq0BMmgI92h2hWFj0yi6N
xy178d2okM/ElGa56N5bvBZVLNkfjerafcomiuQPitLSU8YZ7nWxUX09qfP3wILg
43EUV1QSCtsjxKin2zCW5bXqlYxzFW+SntjIakDKvtYlr0LRFUN000Dg0LlILKrD
d93V2JuOvw8ZegXUy6DRJKQ85lwbOiWVRyCPKbTSUdETVdbH/FSGgVIHPZn2w2jx
RUsZjuIaIKGCCdYUDDVVl+0EIpGJuiPW4TlF4nYozA1XF13SDwS2lBUhF3zbfybH
VkUOY/l+bK5G5QBV484O9w6etg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:05 2025 by rpki-client