Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2WCQTDgUjKGyQdBR1uDzAilsGt8.roa
File: 2WCQTDgUjKGyQdBR1uDzAilsGt8.roa (raw, json)
Hash identifier: JRdNUiXxb3fnN8HDyFGoXMRrSd/tYgne1td79kUjED0=
Subject key identifier: D9:60:90:4C:38:14:8C:A1:B2:41:D0:51:D6:E0:F3:02:29:6C:1A:DF
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0183CCE6BADCA1668A87FF4B9FC1DC05892C
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2WCQTDgUjKGyQdBR1uDzAilsGt8.roa
Signing time: Wed 12 Oct 2022 15:53:36 +0000
ROA not before: Wed 12 Oct 2022 15:53:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394814
IP address blocks: 95.164.112.0/20 maxlen: 24
95.164.144.0/20 maxlen: 24
94.131.80.0/20 maxlen: 24
95.164.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cc:e6:ba:dc:a1:66:8a:87:ff:4b:9f:c1:dc:05:89:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Oct 12 15:53:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d960904c38148ca1b241d051d6e0f302296c1adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a1:7e:53:db:95:fd:db:ce:b9:0f:2f:50:71:
ee:aa:b1:03:d5:47:58:62:b8:58:f3:04:1b:97:9d:
66:09:9d:70:92:1c:0b:e9:35:df:b3:f9:55:d4:ab:
f5:e8:5b:26:44:1e:f9:ad:ba:7a:2f:58:6a:16:25:
5f:0d:bf:26:cf:e2:3f:2e:1e:30:c4:e3:02:bc:25:
87:e5:5a:bf:c7:1d:06:07:cf:26:28:ad:e3:1c:3a:
2c:70:bc:6a:d0:6a:d5:76:06:6f:94:47:0b:df:4c:
5e:7c:25:e1:bf:22:a7:0f:d8:9b:4e:bf:79:d2:21:
32:02:b4:c1:31:19:10:29:13:2b:64:78:86:5c:4f:
1f:9e:56:e9:90:06:53:37:75:3d:75:71:c1:a5:69:
cd:3e:f2:1e:dc:7d:75:e6:1a:99:4f:38:79:ad:1f:
b3:c0:c7:fe:9c:4e:c6:05:4a:64:c4:ea:81:02:bd:
a1:38:15:ce:86:2d:17:19:b7:d1:a2:e0:74:b0:62:
81:8c:18:cc:b3:75:91:c4:ec:b3:f9:46:3e:44:08:
e1:4b:58:b8:d7:46:14:1b:0a:fe:0d:2c:32:0f:b8:
85:ae:2d:aa:85:b1:ed:d0:a6:0b:c8:c5:e2:c4:fd:
b2:e3:c7:e4:0f:dd:af:35:2b:14:2a:0d:8b:df:ac:
7e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:60:90:4C:38:14:8C:A1:B2:41:D0:51:D6:E0:F3:02:29:6C:1A:DF
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2WCQTDgUjKGyQdBR1uDzAilsGt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
95.164.112.0/20
95.164.144.0/20
95.164.176.0/20
Signature Algorithm: sha256WithRSAEncryption
64:fb:ad:32:f2:dc:33:d0:d5:90:b9:1e:c5:0a:2f:a3:90:4a:
8f:41:6e:38:2d:db:2f:01:40:92:3f:93:5c:a8:82:77:57:37:
1b:d7:fa:f9:c7:2d:98:f1:b2:82:dc:1b:6c:95:ff:0d:97:0c:
11:bd:48:f9:bc:a5:8c:b2:28:ee:ae:64:b5:cd:5b:16:b0:e1:
ad:ab:47:88:34:2d:5b:c2:e3:6a:4a:2f:b2:1b:b7:bd:84:88:
4f:99:02:d5:1c:6b:3d:86:f6:42:42:1e:10:f7:48:41:9f:f6:
a6:bb:74:c4:19:c4:b3:0c:7a:30:39:e6:18:99:31:a1:4d:89:
fa:a8:e2:4f:97:59:8c:85:d9:ff:bd:1d:e2:7e:b9:02:f1:2f:
e0:b1:94:e1:dc:a0:d6:9c:25:80:b5:26:0e:95:55:ff:c2:a8:
a5:2f:6b:3f:0b:7f:7b:e2:b4:4e:3d:b3:2f:4c:90:90:4e:da:
01:d4:cd:ab:96:c2:68:5c:c8:ea:ff:c4:cc:1b:dd:58:b2:63:
37:ca:a3:b7:bc:f3:24:dd:8d:74:32:76:73:50:99:02:66:d3:
08:0c:a2:9a:95:4d:6d:2b:5f:f5:54:a8:39:43:06:a9:d1:e5:
b8:e2:70:f1:7f:40:0b:0d:bf:47:77:36:51:ff:8f:a8:27:f1:
70:c1:c1:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPM5rrcoWaKh/9Ln8HcBYksMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIxMDEyMTU1MzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTYwOTA0YzM4MTQ4Y2ExYjI0MWQwNTFkNmUwZjMwMjI5NmMxYWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaF+U9uV/dvOuQ8vUHHuqrED1UdY
YrhY8wQbl51mCZ1wkhwL6TXfs/lV1Kv16FsmRB75rbp6L1hqFiVfDb8mz+I/Lh4w
xOMCvCWH5Vq/xx0GB88mKK3jHDoscLxq0GrVdgZvlEcL30xefCXhvyKnD9ibTr95
0iEyArTBMRkQKRMrZHiGXE8fnlbpkAZTN3U9dXHBpWnNPvIe3H115hqZTzh5rR+z
wMf+nE7GBUpkxOqBAr2hOBXOhi0XGbfRouB0sGKBjBjMs3WRxOyz+UY+RAjhS1i4
10YUGwr+DSwyD7iFri2qhbHt0KYLyMXixP2y48fkD92vNSsUKg2L36x+UQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNlgkEw4FIyhskHQUdbg8wIpbBrfMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvMldDUVREZ1VqS0d5UWRCUjF1RHpBaWxzR3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEXoNQAwQE
X6RwAwQEX6SQAwQEX6SwMA0GCSqGSIb3DQEBCwUAA4IBAQBk+60y8twz0NWQuR7F
Ci+jkEqPQW44LdsvAUCSP5NcqIJ3Vzcb1/r5xy2Y8bKC3Btslf8NlwwRvUj5vKWM
sijurmS1zVsWsOGtq0eINC1bwuNqSi+yG7e9hIhPmQLVHGs9hvZCQh4Q90hBn/am
u3TEGcSzDHowOeYYmTGhTYn6qOJPl1mMhdn/vR3ifrkC8S/gsZTh3KDWnCWAtSYO
lVX/wqilL2s/C3974rROPbMvTJCQTtoB1M2rlsJoXMjq/8TMG91YsmM3yqO3vPMk
3Y10MnZzUJkCZtMIDKKalU1tK1/1VKg5Qwap0eW44nDxf0ALDb9HdzZR/4+oJ/Fw
wcHa
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:23:46 2025 by rpki-client