Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/gDE9_Xm2qLd3rm6yt_xLMvY696g.roa
File: gDE9_Xm2qLd3rm6yt_xLMvY696g.roa (raw, json)
Hash identifier: uMTMHNU1OxjC8mIb537YS2ttDw7qWhmGhdKUIBa+QtM=
Subject key identifier: 80:31:3D:FD:79:B6:A8:B7:77:AE:6E:B2:B7:FC:4B:32:F6:3A:F7:A8
Certificate issuer: /CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Certificate serial: 01856BC119B01155D3B9DBE9640067FCC337
Authority key identifier: DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/gDE9_Xm2qLd3rm6yt_xLMvY696g.roa
Signing time: Sun 01 Jan 2023 05:14:55 +0000
ROA not before: Sun 01 Jan 2023 05:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35444
IP address blocks: 94.154.155.0/24 maxlen: 24
94.154.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c1:19:b0:11:55:d3:b9:db:e9:64:00:67:fc:c3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Validity
Not Before: Jan 1 05:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80313dfd79b6a8b777ae6eb2b7fc4b32f63af7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e9:c5:1e:0f:d0:82:ab:90:b9:57:43:f9:7f:
df:c0:46:99:05:b2:42:ed:2d:62:36:3f:f8:57:27:
8b:88:0d:eb:4e:ff:02:8d:91:81:31:74:c0:c2:ae:
ef:e8:3f:1d:55:bf:5c:60:cc:63:37:fa:ac:93:68:
ba:2f:ae:c8:cf:54:02:5e:cc:af:84:df:23:13:d5:
62:e4:63:cc:3d:97:45:12:5a:4d:05:2d:fa:6c:a4:
23:7b:14:43:fd:01:fa:bf:f6:67:35:4d:bf:1e:18:
e2:0c:b2:62:82:b2:bc:46:7c:76:f6:ca:95:26:bb:
2c:6e:70:8e:30:97:8e:e0:ad:5f:cf:83:61:52:65:
7f:e3:f5:a5:36:6d:12:57:b4:de:58:a3:d8:b5:88:
44:02:e6:82:b9:07:df:ce:a7:33:3b:a0:23:f6:8d:
53:c6:31:97:a5:c8:fc:43:ba:be:eb:c6:e7:d7:e6:
10:cd:56:b4:71:25:35:9f:6c:b0:81:bb:c8:2b:12:
81:4b:e2:b1:1b:a9:3c:01:21:28:11:87:c6:5d:d3:
5b:86:eb:bb:68:15:ed:fb:59:ff:1f:53:1c:a8:0a:
f9:d8:7c:ef:b6:0d:e6:c0:9c:74:df:9f:02:72:5f:
dc:cb:3e:b2:2f:be:e4:f8:eb:57:80:f7:11:01:2e:
c1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:31:3D:FD:79:B6:A8:B7:77:AE:6E:B2:B7:FC:4B:32:F6:3A:F7:A8
X509v3 Authority Key Identifier:
keyid:DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/gDE9_Xm2qLd3rm6yt_xLMvY696g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.154.0/23
Signature Algorithm: sha256WithRSAEncryption
7c:79:8f:8d:3a:f3:ec:2a:04:85:b0:fb:bc:eb:61:88:a3:54:
55:92:1b:8b:99:9c:9b:88:64:89:f8:72:59:41:a6:a3:25:65:
02:88:b4:9f:81:1a:1c:19:54:b2:42:57:24:ac:f0:60:53:60:
da:38:6a:28:f4:12:d6:2b:f7:0b:f9:9d:7a:6b:20:10:ab:9d:
0f:a6:c3:01:e6:83:e5:68:4a:19:31:d6:ea:04:3f:25:a1:0d:
22:7b:c6:1c:9b:f1:44:cb:85:69:f4:97:52:8f:c0:78:c9:8e:
dd:93:b1:c3:ec:a5:b4:12:dc:cd:7f:41:24:dd:84:c3:4a:f4:
d1:91:8d:43:f4:52:f3:39:7b:2b:d3:03:87:d4:4f:cb:ae:fd:
24:ca:dc:b7:8a:b2:25:6f:d0:2d:0a:e9:82:25:91:0f:b6:87:
49:63:44:a6:5f:11:ed:67:78:fb:40:21:65:53:01:36:74:02:
92:9f:67:be:77:ed:95:78:1b:aa:7e:01:fd:d5:2c:e0:0c:23:
b7:dd:5e:55:a6:3f:d6:f5:f7:99:9b:2f:e0:37:b2:06:b0:8a:
71:36:5d:6d:d0:b6:61:da:31:df:c9:84:a1:47:9e:28:d0:83:
bf:a7:cb:02:18:69:07:6e:ed:0f:ff:20:af:0b:9a:49:93:4e:
e5:37:96:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwRmwEVXTudvpZABn/MM3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTRlN2E2YmU5N2NlYzZmNWJjMWE2NzhhNzZlYTZkMTYx
OWMzMDYwHhcNMjMwMTAxMDUxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDMxM2RmZDc5YjZhOGI3NzdhZTZlYjJiN2ZjNGIzMmY2M2FmN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+nFHg/QgquQuVdD+X/fwEaZBbJC
7S1iNj/4VyeLiA3rTv8CjZGBMXTAwq7v6D8dVb9cYMxjN/qsk2i6L67Iz1QCXsyv
hN8jE9Vi5GPMPZdFElpNBS36bKQjexRD/QH6v/ZnNU2/HhjiDLJigrK8Rnx29sqV
JrssbnCOMJeO4K1fz4NhUmV/4/WlNm0SV7TeWKPYtYhEAuaCuQffzqczO6Aj9o1T
xjGXpcj8Q7q+68bn1+YQzVa0cSU1n2ywgbvIKxKBS+KxG6k8ASEoEYfGXdNbhuu7
aBXt+1n/H1McqAr52Hzvtg3mwJx0358Ccl/cyz6yL77k+OtXgPcRAS7BSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIAxPf15tqi3d65usrf8SzL2OveoMB8GA1UdIwQY
MBaAFNsU56a+l87G9bwaZ4p26m0WGcMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAt
MTFmOTFkMDczOWM5LzEvZ0RFOV9YbTJxTGQzcm02eXRfeExNdlk2OTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAtMTFmOTFkMDczOWM5
LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXpqaMA0G
CSqGSIb3DQEBCwUAA4IBAQB8eY+NOvPsKgSFsPu862GIo1RVkhuLmZybiGSJ+HJZ
QaajJWUCiLSfgRocGVSyQlckrPBgU2DaOGoo9BLWK/cL+Z16ayAQq50PpsMB5oPl
aEoZMdbqBD8loQ0ie8Ycm/FEy4Vp9JdSj8B4yY7dk7HD7KW0EtzNf0Ek3YTDSvTR
kY1D9FLzOXsr0wOH1E/Lrv0kyty3irIlb9AtCumCJZEPtodJY0SmXxHtZ3j7QCFl
UwE2dAKSn2e+d+2VeBuqfgH91SzgDCO33V5Vpj/W9feZmy/gN7IGsIpxNl1t0LZh
2jHfyYShR54o0IO/p8sCGGkHbu0P/yCvC5pJk07lN5aw
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:33 2025 by rpki-client