Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/DUTqlfH5XyJaTWnlDhIo9xW8nZ0.roa
File: DUTqlfH5XyJaTWnlDhIo9xW8nZ0.roa (raw, json)
Hash identifier: A0mcy4CaD8RCQWdOIqSRkBdZxSAUmJzPLXsLMUHNE0Y=
Subject key identifier: 0D:44:EA:95:F1:F9:5F:22:5A:4D:69:E5:0E:12:28:F7:15:BC:9D:9D
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018665F7644874BBA9D694C6A085F79D1764
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/DUTqlfH5XyJaTWnlDhIo9xW8nZ0.roa
Signing time: Sat 18 Feb 2023 19:19:17 +0000
ROA not before: Sat 18 Feb 2023 19:19:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8772
IP address blocks: 94.131.0.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:65:f7:64:48:74:bb:a9:d6:94:c6:a0:85:f7:9d:17:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Feb 18 19:19:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0d44ea95f1f95f225a4d69e50e1228f715bc9d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d2:ad:53:80:1f:37:db:1b:52:05:b2:fe:2b:
a6:bd:f0:ca:cd:14:7a:9e:75:01:0b:ff:2b:50:dc:
e2:3f:69:fc:ef:64:7d:8f:fa:33:47:61:1f:15:7f:
54:4d:15:d3:ce:4d:cc:72:50:ad:47:87:a3:28:be:
c8:00:98:09:23:f6:43:08:04:73:27:21:d9:0e:dc:
5f:f8:33:0d:02:7a:88:7a:19:5c:91:29:96:cf:1d:
62:ba:f7:3e:81:87:99:ec:34:e6:24:04:c9:19:96:
a3:d6:8f:75:ac:52:53:0c:8c:ee:f7:72:7b:18:51:
57:ae:84:2d:9b:e5:41:0e:74:f4:3e:23:ce:6c:2e:
a9:1b:31:37:99:b0:41:84:5e:d6:df:b0:e1:07:0e:
80:84:00:8a:f2:42:e7:17:c5:fe:e4:78:b9:d9:ef:
e6:ea:09:1a:a8:17:c0:64:92:d0:33:83:d4:92:e7:
4e:3b:05:30:bc:9c:22:05:11:53:a1:14:2d:2d:96:
bb:16:76:bb:20:ec:be:79:3f:1e:0b:df:93:5c:8e:
6f:5d:4c:c8:26:a0:67:88:af:06:dc:2d:c9:da:68:
a4:b8:45:82:2c:3b:fc:40:3c:46:99:95:6e:1a:5b:
c2:8a:9d:9e:97:96:b4:47:6a:77:9e:f0:67:92:0e:
51:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:44:EA:95:F1:F9:5F:22:5A:4D:69:E5:0E:12:28:F7:15:BC:9D:9D
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/DUTqlfH5XyJaTWnlDhIo9xW8nZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.0.0/24
94.131.7.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:5d:fb:74:fd:b7:91:b3:03:e3:bc:fc:16:0e:4e:4b:b3:64:
5a:62:34:98:41:9f:32:02:7c:58:94:24:8b:9b:60:92:a0:96:
c9:e7:1d:e4:59:13:c0:25:2a:5c:3b:d0:00:a4:13:de:7e:ec:
7a:8b:03:bb:70:7f:54:9a:ff:c7:34:bb:4c:c1:b7:7f:a1:a3:
1c:e1:02:2d:80:50:84:3a:7e:c2:f5:01:5e:65:31:9b:c3:4f:
06:58:5f:64:b6:1a:cd:c6:2c:ef:0c:32:78:ef:ce:52:f2:f5:
de:d5:d9:2e:c3:4b:bb:e2:ef:31:00:ac:42:9c:f3:4d:58:39:
55:24:0c:8e:2d:5e:ac:3a:17:7e:03:0b:c0:51:53:e9:4b:bf:
17:6c:eb:21:9d:89:cf:99:ee:07:33:79:de:12:a5:43:07:04:
c7:f9:b6:ce:1f:95:88:ac:a6:e7:2b:95:37:05:a4:17:3f:c4:
76:dc:70:bf:bf:bb:97:7d:34:7e:f1:43:62:4e:0a:0f:c7:eb:
c9:38:73:50:db:59:dd:bf:29:8a:76:b6:99:a0:22:52:8a:f2:
ee:00:3d:bf:02:eb:18:fe:52:62:ff:3a:20:4e:93:6f:85:f4:
f2:40:3f:22:9d:56:ca:8b:c7:c9:65:1b:00:5a:bc:e6:13:9d:
3e:f6:45:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYZl92RIdLup1pTGoIX3nRdkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMjE4MTkxOTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ0ZWE5NWYxZjk1ZjIyNWE0ZDY5ZTUwZTEyMjhmNzE1YmM5ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNKtU4AfN9sbUgWy/iumvfDKzRR6
nnUBC/8rUNziP2n872R9j/ozR2EfFX9UTRXTzk3MclCtR4ejKL7IAJgJI/ZDCARz
JyHZDtxf+DMNAnqIehlckSmWzx1iuvc+gYeZ7DTmJATJGZaj1o91rFJTDIzu93J7
GFFXroQtm+VBDnT0PiPObC6pGzE3mbBBhF7W37DhBw6AhACK8kLnF8X+5Hi52e/m
6gkaqBfAZJLQM4PUkudOOwUwvJwiBRFToRQtLZa7Fna7IOy+eT8eC9+TXI5vXUzI
JqBniK8G3C3J2mikuEWCLDv8QDxGmZVuGlvCip2el5a0R2p3nvBnkg5R2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA1E6pXx+V8iWk1p5Q4SKPcVvJ2dMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvRFVUcWxmSDVYeUphVFdubERoSW85eFc4blowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXoMAAwQA
XoMHMA0GCSqGSIb3DQEBCwUAA4IBAQAPXft0/beRswPjvPwWDk5Ls2RaYjSYQZ8y
AnxYlCSLm2CSoJbJ5x3kWRPAJSpcO9AApBPefux6iwO7cH9Umv/HNLtMwbd/oaMc
4QItgFCEOn7C9QFeZTGbw08GWF9kthrNxizvDDJ4785S8vXe1dkuw0u74u8xAKxC
nPNNWDlVJAyOLV6sOhd+AwvAUVPpS78XbOshnYnPme4HM3neEqVDBwTH+bbOH5WI
rKbnK5U3BaQXP8R23HC/v7uXfTR+8UNiTgoPx+vJOHNQ21ndvymKdraZoCJSivLu
AD2/AusY/lJi/zogTpNvhfTyQD8inVbKi8fJZRsAWrzmE50+9kXI
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:40:35 2025 by rpki-client