Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/936XB4kC0o8uJL23Uf8UmD4507s.roa
File: 936XB4kC0o8uJL23Uf8UmD4507s.roa (raw, json)
Hash identifier: XaJAGSK5TDIkyTNTrrmA/iE6ssVnqg/ekBDx0ZITMfU=
Subject key identifier: F7:7E:97:07:89:02:D2:8F:2E:24:BD:B7:51:FF:14:98:3E:39:D3:BB
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0182E4F443FE4B2277400A5B7EAEA9452DBF
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/936XB4kC0o8uJL23Uf8UmD4507s.roa
Signing time: Sun 28 Aug 2022 14:56:29 +0000
ROA not before: Sun 28 Aug 2022 14:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29390
IP address blocks: 94.131.0.0/23 maxlen: 23
2a01:d0:3a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e4:f4:43:fe:4b:22:77:40:0a:5b:7e:ae:a9:45:2d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Aug 28 14:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f77e97078902d28f2e24bdb751ff14983e39d3bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:1e:43:be:b9:e8:04:ab:69:de:9c:46:6e:00:
be:16:e2:2e:76:99:82:a6:88:83:12:6a:3b:f3:7f:
91:b8:ca:0c:60:d8:83:22:34:8a:e5:e0:14:fe:94:
08:7a:15:63:23:df:1f:8a:ec:cc:44:cd:b5:54:59:
4d:99:fa:0f:7e:66:e0:b2:ee:c3:61:d2:bf:3b:57:
8f:b5:53:e8:6e:78:3a:d9:cf:d5:52:3b:4a:26:38:
e9:b0:a3:69:3c:16:7d:2c:ed:0e:91:f6:ef:20:ec:
b8:84:5d:dc:6a:6c:d7:48:c7:f3:b3:df:73:8c:67:
c0:5d:0c:6c:cb:dc:82:66:b7:0f:b5:15:24:90:56:
cb:55:28:33:9e:bf:f4:07:9e:39:b5:27:88:c9:70:
3c:f2:8e:fa:c4:b9:d8:0f:34:3e:df:7c:75:b4:be:
c5:f2:ff:c3:62:bb:08:74:45:a3:29:21:ea:0d:69:
e8:14:6b:f4:2d:f1:f4:f6:bd:78:f6:59:75:cd:89:
16:ef:b7:83:82:45:14:ef:c5:94:53:97:a2:37:02:
50:d1:59:38:39:5f:68:56:86:df:db:1e:1a:58:f5:
75:1a:b6:96:64:b5:a6:ea:0b:ea:7a:8c:4b:a1:6f:
a9:f6:13:4f:cf:62:30:0d:d8:af:5d:60:1e:64:76:
98:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:7E:97:07:89:02:D2:8F:2E:24:BD:B7:51:FF:14:98:3E:39:D3:BB
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/936XB4kC0o8uJL23Uf8UmD4507s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.0.0/23
IPv6:
2a01:d0:3a::/48
Signature Algorithm: sha256WithRSAEncryption
83:23:79:f4:be:fc:5c:f1:dd:4c:03:21:d0:1e:07:47:a7:dc:
c6:dc:58:b1:54:68:a3:f7:6c:59:14:73:1b:6e:eb:be:72:1f:
93:9f:21:0f:5a:71:0a:8a:fe:06:7a:68:8d:63:fb:1c:f4:31:
14:07:62:e4:9f:ad:de:98:a8:8d:61:8b:58:8d:fe:b6:7b:4c:
6d:15:bd:2e:b7:ba:d6:ef:c6:d3:8c:c2:ca:48:81:be:ce:9e:
aa:1c:1f:1d:03:9e:52:31:b1:d7:c8:90:85:69:dd:08:cf:67:
6c:4e:64:2a:2e:2c:fc:a2:dc:6d:46:f6:78:9b:4a:86:ea:68:
62:c4:e2:5c:f4:2c:fe:e9:e7:06:31:78:05:d9:30:8a:98:3d:
ce:d9:05:70:0c:ab:c5:d0:6b:6a:0f:10:d1:64:1a:dc:2b:4f:
af:63:c2:c9:77:58:8b:2e:29:44:30:5f:f3:1a:71:d5:ff:5c:
5e:af:71:10:f1:1d:f8:4f:01:ef:f2:dd:83:34:cc:50:38:d0:
ae:78:30:8d:72:13:09:57:1d:86:ec:b0:08:84:3a:12:92:1a:
2b:b7:36:70:05:4a:89:24:9f:ed:33:b9:18:1a:9f:01:dd:f7:
82:49:e8:5b:f6:3a:00:3d:d5:05:22:ca:91:34:cf:46:06:fa:
41:25:09:fe
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYLk9EP+SyJ3QApbfq6pRS2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIwODI4MTQ1NjI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzdlOTcwNzg5MDJkMjhmMmUyNGJkYjc1MWZmMTQ5ODNlMzlkM2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuB5DvrnoBKtp3pxGbgC+FuIudpmC
poiDEmo783+RuMoMYNiDIjSK5eAU/pQIehVjI98fiuzMRM21VFlNmfoPfmbgsu7D
YdK/O1ePtVPobng62c/VUjtKJjjpsKNpPBZ9LO0OkfbvIOy4hF3camzXSMfzs99z
jGfAXQxsy9yCZrcPtRUkkFbLVSgznr/0B545tSeIyXA88o76xLnYDzQ+33x1tL7F
8v/DYrsIdEWjKSHqDWnoFGv0LfH09r149ll1zYkW77eDgkUU78WUU5eiNwJQ0Vk4
OV9oVobf2x4aWPV1GraWZLWm6gvqeoxLoW+p9hNPz2IwDdivXWAeZHaYIwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPd+lweJAtKPLiS9t1H/FJg+OdO7MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvOTM2WEI0a0Mwbzh1SkwyM1VmOFVtRDQ1MDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBXoMAMA8E
AgACMAkDBwAqAQDQADowDQYJKoZIhvcNAQELBQADggEBAIMjefS+/Fzx3UwDIdAe
B0en3MbcWLFUaKP3bFkUcxtu675yH5OfIQ9acQqK/gZ6aI1j+xz0MRQHYuSfrd6Y
qI1hi1iN/rZ7TG0VvS63utbvxtOMwspIgb7OnqocHx0DnlIxsdfIkIVp3QjPZ2xO
ZCouLPyi3G1G9nibSobqaGLE4lz0LP7p5wYxeAXZMIqYPc7ZBXAMq8XQa2oPENFk
GtwrT69jwsl3WIsuKUQwX/MacdX/XF6vcRDxHfhPAe/y3YM0zFA40K54MI1yEwlX
HYbssAiEOhKSGiu3NnAFSokkn+0zuRganwHd94JJ6Fv2OgA91QUiypE0z0YG+kEl
Cf4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:29:22 2025 by rpki-client