Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6dQ6oVnFRb_RMpT9MtW5SvLJQd8.roa
File: 6dQ6oVnFRb_RMpT9MtW5SvLJQd8.roa (raw, json)
Hash identifier: 9WVZWxef9Db0niNrhDRK09IJ1f/FBohpvAxnyOeQ1wc=
Subject key identifier: E9:D4:3A:A1:59:C5:45:BF:D1:32:94:FD:32:D5:B9:4A:F2:C9:41:DF
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018C1859195209D126B56F62EC5065FADD45
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6dQ6oVnFRb_RMpT9MtW5SvLJQd8.roa
Signing time: Tue 28 Nov 2023 23:52:21 +0000
ROA not before: Tue 28 Nov 2023 23:52:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200736
IP address blocks: 95.164.176.0/20 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.147.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.170.0/24 maxlen: 24
94.131.172.0/24 maxlen: 24
94.131.128.0/19 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.144.0/24 maxlen: 24
94.131.143.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:18:59:19:52:09:d1:26:b5:6f:62:ec:50:65:fa:dd:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 28 23:52:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e9d43aa159c545bfd13294fd32d5b94af2c941df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7e:bd:66:3b:59:ea:a8:2e:cb:76:ff:c0:4d:
40:30:82:35:c9:6b:7c:3a:0e:21:fe:c2:7d:7b:77:
ad:81:53:21:c7:1b:53:61:6a:64:f9:ab:0e:2c:c2:
1e:18:08:23:1f:fa:ee:74:d5:36:09:fd:cf:41:89:
69:9c:fc:e8:59:26:e8:bd:18:8f:b3:89:91:31:b0:
d9:3f:8f:b3:77:af:2c:e6:4e:14:4e:05:f4:be:16:
ee:48:91:2d:87:9f:cb:2f:99:3c:ce:f8:cf:b3:b5:
34:29:71:59:86:37:35:e0:11:c0:ce:56:f1:c5:8a:
19:df:ab:0c:c1:c0:bc:19:23:b1:e9:82:a4:b1:f5:
39:08:34:ce:14:b4:8f:a9:f8:77:49:2c:20:be:45:
4b:01:74:60:07:f2:5b:6c:19:b4:ec:0f:71:83:8b:
48:61:48:8d:9c:16:45:00:94:80:61:d8:75:d0:f9:
c1:31:7d:79:3f:5a:cc:7b:37:f4:b8:95:13:73:08:
f1:e3:1e:55:96:90:76:ba:e5:f4:65:90:c5:5f:ce:
63:c2:c1:31:70:7c:93:24:76:6e:36:04:5b:ff:ae:
05:7c:7c:e5:a2:2d:2f:94:b7:6e:ac:d0:30:17:4a:
b2:15:5c:e2:f1:d8:59:cf:ef:2b:75:e6:5b:b4:45:
60:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:D4:3A:A1:59:C5:45:BF:D1:32:94:FD:32:D5:B9:4A:F2:C9:41:DF
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/6dQ6oVnFRb_RMpT9MtW5SvLJQd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.128.0/19
94.131.170.0/24
94.131.172.0/24
95.164.176.0/20
Signature Algorithm: sha256WithRSAEncryption
4c:82:31:09:20:33:fa:01:9b:1c:32:09:ac:23:f9:cf:0c:cd:
b9:86:36:71:e2:30:96:38:ac:53:8f:75:c0:9d:05:cf:99:4c:
9e:a9:cf:64:9a:77:63:92:02:c1:d7:f9:ae:7d:37:d9:cd:21:
e4:3d:a2:fb:52:fa:88:51:69:4b:a3:b1:84:37:b0:bf:c8:94:
97:a2:6d:df:e3:cf:89:49:2a:45:fb:c9:80:32:c6:57:55:ba:
ff:ef:3e:58:ba:3c:18:fc:f2:91:a7:bc:56:82:b6:d2:44:b4:
ed:84:ba:22:09:e7:79:e6:93:ee:dd:66:7a:ea:21:0a:dd:00:
11:89:a8:15:e1:35:d7:99:0f:ce:26:92:81:a3:e7:f1:bf:8a:
ea:94:8a:79:67:10:c6:33:fd:9a:d6:45:30:d0:a2:e6:18:06:
2b:b6:7d:9d:ad:83:6d:26:9c:4e:19:ae:bb:fb:03:62:c1:11:
2f:eb:03:1e:55:8d:2c:4e:2c:fc:5c:08:32:7d:f7:89:02:4c:
0e:ce:55:83:33:58:0b:57:86:61:db:41:78:44:60:3f:41:10:
b5:d3:eb:5c:a9:62:65:71:92:73:0f:8d:e1:b0:04:f1:c5:e4:
dd:27:38:dd:b9:c4:c2:f6:41:e7:e0:47:14:b3:14:ad:69:0c:
69:53:7a:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYwYWRlSCdEmtW9i7FBl+t1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMTI4MjM1MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWQ0M2FhMTU5YzU0NWJmZDEzMjk0ZmQzMmQ1Yjk0YWYyYzk0MWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn369ZjtZ6qguy3b/wE1AMII1yWt8
Og4h/sJ9e3etgVMhxxtTYWpk+asOLMIeGAgjH/rudNU2Cf3PQYlpnPzoWSbovRiP
s4mRMbDZP4+zd68s5k4UTgX0vhbuSJEth5/LL5k8zvjPs7U0KXFZhjc14BHAzlbx
xYoZ36sMwcC8GSOx6YKksfU5CDTOFLSPqfh3SSwgvkVLAXRgB/JbbBm07A9xg4tI
YUiNnBZFAJSAYdh10PnBMX15P1rMezf0uJUTcwjx4x5VlpB2uuX0ZZDFX85jwsEx
cHyTJHZuNgRb/64FfHzloi0vlLdurNAwF0qyFVzi8dhZz+8rdeZbtEVg6QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOnUOqFZxUW/0TKU/TLVuUryyUHfMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvNmRRNm9WbkZSYl9STXBUOU10VzVTdkxKUWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFXoOAAwQA
XoOqAwQAXoOsAwQEX6SwMA0GCSqGSIb3DQEBCwUAA4IBAQBMgjEJIDP6AZscMgms
I/nPDM25hjZx4jCWOKxTj3XAnQXPmUyeqc9kmndjkgLB1/mufTfZzSHkPaL7UvqI
UWlLo7GEN7C/yJSXom3f48+JSSpF+8mAMsZXVbr/7z5YujwY/PKRp7xWgrbSRLTt
hLoiCed55pPu3WZ66iEK3QARiagV4TXXmQ/OJpKBo+fxv4rqlIp5ZxDGM/2a1kUw
0KLmGAYrtn2drYNtJpxOGa67+wNiwREv6wMeVY0sTiz8XAgyffeJAkwOzlWDM1gL
V4Zh20F4RGA/QRC10+tcqWJlcZJzD43hsATxxeTdJzjducTC9kHn4EcUsxStaQxp
U3qa
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:19:26 2025 by rpki-client