Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/U_yRdDyRFmLPH5DaIo2t4j8alxA.roa
File: U_yRdDyRFmLPH5DaIo2t4j8alxA.roa (raw, json)
Hash identifier: F+7dOOxzkaZ9+DV1R8c6jdN/wXlSYO5PQ5dn9MoxxgQ=
Subject key identifier: 53:FC:91:74:3C:91:16:62:CF:1F:90:DA:22:8D:AD:E2:3F:1A:97:10
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 147399F7
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/U_yRdDyRFmLPH5DaIo2t4j8alxA.roa
Signing time: Sat 01 Jan 2022 15:57:23 +0000
ROA not before: Sat 01 Jan 2022 15:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48191
IP address blocks: 94.230.72.0/22 maxlen: 22
94.198.72.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 343120375 (0x147399f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 1 15:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53fc91743c911662cf1f90da228dade23f1a9710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ed:17:2e:13:06:fd:b1:6c:68:ff:72:47:35:
cb:3f:22:ab:3d:96:56:c8:34:3f:f4:6e:da:7a:d4:
24:09:e3:01:87:17:9d:70:14:f0:59:2b:2c:b8:96:
aa:be:64:42:7b:a1:98:45:e2:4e:a9:94:3b:fd:03:
4f:76:3f:b4:4d:25:4a:c8:a4:95:47:4e:5b:fd:1f:
78:83:e4:a0:ad:b6:00:4f:92:6c:7d:44:b1:02:0f:
db:25:19:12:ec:97:90:9d:90:75:a8:95:0b:7f:bf:
0b:9b:10:e2:20:8f:b5:86:a9:60:e8:ca:0f:58:ec:
1d:3a:1b:bc:f6:ff:53:79:44:90:a6:72:24:61:c1:
c7:05:ed:c0:2b:a5:c8:be:85:f1:ce:29:24:29:75:
ef:65:12:6f:43:01:ec:1a:67:13:c9:68:51:e9:c8:
85:03:c2:17:5e:47:5f:e8:75:9e:66:54:f1:50:09:
8f:5b:78:ba:50:a5:4a:ef:51:1b:b7:b6:68:a5:79:
d5:0b:23:0f:fe:76:c3:f0:58:d7:d9:9f:43:0d:73:
33:9e:76:d5:12:42:80:dc:cf:b6:fd:dd:08:82:84:
cc:c0:b8:ae:04:89:59:1c:a2:8c:8c:32:d0:8f:ae:
81:d5:df:e9:18:75:a2:70:1c:7e:51:be:e3:7f:9c:
4d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:FC:91:74:3C:91:16:62:CF:1F:90:DA:22:8D:AD:E2:3F:1A:97:10
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/U_yRdDyRFmLPH5DaIo2t4j8alxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.72.0/21
94.230.72.0/22
Signature Algorithm: sha256WithRSAEncryption
35:46:cb:67:78:f6:55:4b:b3:76:60:59:08:72:c4:86:9d:6f:
8c:a6:6f:b3:fd:46:31:33:2b:d7:97:bb:f6:da:a8:f2:94:36:
ac:c4:03:f7:59:24:14:75:1e:66:cc:bc:41:5d:78:1f:8e:15:
c8:f0:36:82:7a:fe:99:c9:e2:31:35:d7:4c:31:f5:d1:16:dd:
e0:1d:60:3b:d2:97:cf:01:47:56:e7:01:4d:f1:53:fd:c1:66:
4c:e0:fb:c8:4d:36:c1:c5:1a:bb:06:1c:7b:36:bb:cf:5e:52:
7d:ea:2d:df:2d:b5:84:42:d6:42:a4:2b:96:d5:b5:dc:1c:03:
c2:d6:49:3f:13:90:7f:dc:3f:40:f6:33:2b:74:f1:0f:b5:90:
b9:ed:08:fa:20:cd:59:df:fc:1f:b9:37:29:50:b5:6e:f4:e0:
09:4e:ca:2b:25:64:c6:e5:ae:3d:13:2d:b6:d0:a7:44:da:71:
08:e3:ef:4c:80:b8:7a:e4:43:37:9c:26:ba:89:16:6e:24:a5:
c1:ee:1a:3f:bb:e7:dc:5c:bb:45:91:57:16:a2:b8:bf:11:24:
eb:1b:51:1f:fd:c1:51:41:ca:b7:6f:60:b2:6c:85:25:6d:d9:
7a:04:c1:01:0e:56:a7:f9:87:3e:96:7d:da:4d:16:dc:40:62:
24:92:b0:a9
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFHOZ9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTM1MGQwMjRhZjAxZjhlYWYxMjU3MTdjYWEwM2FhZmFkMTg0ZTFkMB4XDTIyMDEw
MTE1NTcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNmYzkxNzQzYzkx
MTY2MmNmMWY5MGRhMjI4ZGFkZTIzZjFhOTcxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPtFy4TBv2xbGj/ckc1yz8iqz2WVsg0P/Ru2nrUJAnjAYcX
nXAU8FkrLLiWqr5kQnuhmEXiTqmUO/0DT3Y/tE0lSsiklUdOW/0feIPkoK22AE+S
bH1EsQIP2yUZEuyXkJ2QdaiVC3+/C5sQ4iCPtYapYOjKD1jsHTobvPb/U3lEkKZy
JGHBxwXtwCulyL6F8c4pJCl172USb0MB7BpnE8loUenIhQPCF15HX+h1nmZU8VAJ
j1t4ulClSu9RG7e2aKV51QsjD/52w/BY19mfQw1zM5521RJCgNzPtv3dCIKEzMC4
rgSJWRyijIwy0I+ugdXf6Rh1onAcflG+43+cTYECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRT/JF0PJEWYs8fkNoija3iPxqXEDAfBgNVHSMEGDAWgBR6NQ0CSvAfjq8S
VxfKoDqvrRhOHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VqVU5Ba3J3SDQ2dkVsY1h5cUE2cjYwWVRoMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvNzk2NmFlLTljODgtNDNlOS1iODk5LWQwMDNlNTZmZTc1My8x
L1VfeVJkRHlSRm1MUEg1RGFJbzJ0NGo4YWx4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
Nzk2NmFlLTljODgtNDNlOS1iODk5LWQwMDNlNTZmZTc1My8xL2VqVU5Ba3J3SDQ2
dkVsY1h5cUE2cjYwWVRoMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA17GSAMEAl7mSDANBgkqhkiG9w0B
AQsFAAOCAQEANUbLZ3j2VUuzdmBZCHLEhp1vjKZvs/1GMTMr15e79tqo8pQ2rMQD
91kkFHUeZsy8QV14H44VyPA2gnr+mcniMTXXTDH10Rbd4B1gO9KXzwFHVucBTfFT
/cFmTOD7yE02wcUauwYceza7z15Sfeot3y21hELWQqQrltW13BwDwtZJPxOQf9w/
QPYzK3TxD7WQue0I+iDNWd/8H7k3KVC1bvTgCU7KKyVkxuWuPRMtttCnRNpxCOPv
TIC4euRDN5wmuokWbiSlwe4aP7vn3Fy7RZFXFqK4vxEk6xtRH/3BUUHKt29gsmyF
JW3ZegTBAQ5Wp/mHPpZ92k0W3EBiJJKwqQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:07 2025 by rpki-client