Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6WoIkIb6cgUadv0PcvZIyzLbF6w.roa
File: 6WoIkIb6cgUadv0PcvZIyzLbF6w.roa (raw, json)
Hash identifier: lp8h8dD8ANKNf1rvBTDFud9nyQLa+RXihNqDy6t6/eQ=
Subject key identifier: E9:6A:08:90:86:FA:72:05:1A:76:FD:0F:72:F6:48:CB:32:DB:17:AC
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01845E8CEBCDE2C2146C3C2360575021F038
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6WoIkIb6cgUadv0PcvZIyzLbF6w.roa
Signing time: Wed 09 Nov 2022 22:40:04 +0000
ROA not before: Wed 09 Nov 2022 22:40:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6461
IP address blocks: 95.164.0.0/21 maxlen: 24
95.164.24.0/21 maxlen: 24
94.131.112.0/20 maxlen: 24
95.164.96.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5e:8c:eb:cd:e2:c2:14:6c:3c:23:60:57:50:21:f0:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 9 22:40:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e96a089086fa72051a76fd0f72f648cb32db17ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:67:c7:0b:ab:8d:c8:2f:d4:5a:4d:af:9f:0b:
8b:1d:28:97:a5:45:f7:fb:48:03:fc:09:31:91:97:
95:c1:1f:03:71:2c:e5:1a:8a:8f:02:8e:51:1c:d8:
75:cb:1f:4a:05:50:8b:fa:c1:7c:f8:00:8f:98:41:
15:4c:4f:8f:08:aa:ae:43:e0:7d:80:5c:4f:3a:79:
90:46:3f:be:61:c8:42:ee:36:3e:9e:1b:ba:45:58:
02:9f:ce:00:fe:f2:87:e6:f6:82:d7:09:4d:fd:78:
d6:b8:ae:9f:51:b8:a1:72:a1:16:95:82:e1:8a:37:
12:33:35:57:dc:b9:10:ef:fa:d1:61:d1:2a:cf:f3:
da:92:e2:48:2e:4a:73:37:1c:51:8a:14:ce:fc:0c:
2f:3b:69:fa:70:8f:e1:44:44:cf:97:91:37:bc:eb:
6b:c6:73:0d:66:62:05:9e:6f:52:07:9a:72:85:13:
a4:51:02:b9:f1:17:45:8a:37:4d:86:6e:53:29:f7:
61:88:ec:45:0a:58:e5:d5:8f:5c:76:e8:dc:06:70:
f5:ae:c7:5c:cc:d5:22:32:0f:d5:ca:7a:b1:cf:d4:
40:04:1e:0a:ba:8f:fb:ae:e2:db:77:5b:70:10:84:
98:7e:e6:fa:3c:0e:e7:cd:0b:5d:e5:bc:c3:d4:4d:
b3:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:6A:08:90:86:FA:72:05:1A:76:FD:0F:72:F6:48:CB:32:DB:17:AC
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6WoIkIb6cgUadv0PcvZIyzLbF6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.112.0/20
95.164.0.0/21
95.164.24.0/21
95.164.96.0/20
Signature Algorithm: sha256WithRSAEncryption
a1:fe:11:09:7c:8c:a7:02:66:0f:df:eb:a0:a7:14:53:85:97:
c5:88:51:b5:c5:04:a0:fa:77:c3:35:19:a4:5c:76:25:5b:01:
71:6a:76:b2:0f:f8:a9:13:8b:68:01:e1:cd:51:03:fb:a5:13:
96:98:f3:c8:f7:1d:9f:da:f1:d0:66:7b:bf:c3:eb:0d:fd:d2:
f1:28:1e:5c:12:3a:08:05:09:4d:ad:27:73:79:b9:9b:38:8c:
64:6b:7f:d3:3b:63:35:f9:98:95:60:4f:c2:1a:a4:5f:9f:fe:
52:ef:74:d0:93:35:f6:6e:f1:c6:35:84:b0:64:ed:3e:a3:28:
f0:3e:94:b8:11:4c:f7:fd:7a:c4:24:92:5b:30:28:5a:73:46:
fc:bf:57:8d:3b:5e:fd:fa:78:84:7f:25:0e:24:8a:65:b9:c0:
58:6f:e4:4e:fb:fd:88:ef:32:f3:c7:4c:ad:9e:04:c5:92:aa:
f5:8f:04:d3:1f:14:33:7b:bc:20:a0:6e:ab:f0:92:40:34:54:
af:73:03:4d:bd:ea:2f:cd:5a:a3:73:f0:95:fb:24:77:48:b6:
1c:0c:62:16:cd:f3:bd:85:c0:07:bd:9c:3f:cd:b4:9b:b5:62:
38:3d:03:8c:e0:58:bf:62:02:e0:06:14:fd:84:ec:78:71:7e:
51:77:fd:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYRejOvN4sIUbDwjYFdQIfA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIxMTA5MjI0MDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTZhMDg5MDg2ZmE3MjA1MWE3NmZkMGY3MmY2NDhjYjMyZGIxN2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmfHC6uNyC/UWk2vnwuLHSiXpUX3
+0gD/AkxkZeVwR8DcSzlGoqPAo5RHNh1yx9KBVCL+sF8+ACPmEEVTE+PCKquQ+B9
gFxPOnmQRj++YchC7jY+nhu6RVgCn84A/vKH5vaC1wlN/XjWuK6fUbihcqEWlYLh
ijcSMzVX3LkQ7/rRYdEqz/PakuJILkpzNxxRihTO/AwvO2n6cI/hRETPl5E3vOtr
xnMNZmIFnm9SB5pyhROkUQK58RdFijdNhm5TKfdhiOxFCljl1Y9cdujcBnD1rsdc
zNUiMg/Vynqxz9RABB4Kuo/7ruLbd1twEISYfub6PA7nzQtd5bzD1E2zxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOlqCJCG+nIFGnb9D3L2SMsy2xesMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvNldvSWtJYjZjZ1VhZHYwUGN2Wkl5ekxiRjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEXoNwAwQD
X6QAAwQDX6QYAwQEX6RgMA0GCSqGSIb3DQEBCwUAA4IBAQCh/hEJfIynAmYP3+ug
pxRThZfFiFG1xQSg+nfDNRmkXHYlWwFxanayD/ipE4toAeHNUQP7pROWmPPI9x2f
2vHQZnu/w+sN/dLxKB5cEjoIBQlNrSdzebmbOIxka3/TO2M1+ZiVYE/CGqRfn/5S
73TQkzX2bvHGNYSwZO0+oyjwPpS4EUz3/XrEJJJbMChac0b8v1eNO179+niEfyUO
JIplucBYb+RO+/2I7zLzx0ytngTFkqr1jwTTHxQze7wgoG6r8JJANFSvcwNNveov
zVqjc/CV+yR3SLYcDGIWzfO9hcAHvZw/zbSbtWI4PQOM4Fi/YgLgBhT9hOx4cX5R
d/1a
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org