Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/YmlR9FHVpeQy1hxfnB15qEQtQLM.roa
File: YmlR9FHVpeQy1hxfnB15qEQtQLM.roa (raw, json)
Hash identifier: NQlA4IyuHoNCOrRCMAip5MVOeNbEcD0qOHB3OMy1HOk=
Subject key identifier: 62:69:51:F4:51:D5:A5:E4:32:D6:1C:5F:9C:1D:79:A8:44:2D:40:B3
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0184AE74A8041F27F8EA4CEAECCC56016967
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/YmlR9FHVpeQy1hxfnB15qEQtQLM.roa
Signing time: Fri 25 Nov 2022 11:03:11 +0000
ROA not before: Fri 25 Nov 2022 11:03:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.98.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:74:a8:04:1f:27:f8:ea:4c:ea:ec:cc:56:01:69:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 25 11:03:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=626951f451d5a5e432d61c5f9c1d79a8442d40b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ea:96:54:14:49:ff:c3:dc:4b:d7:c3:e3:db:
23:3b:92:b1:44:85:a7:3a:45:5d:4e:ea:5d:e1:89:
1c:89:01:8e:de:bf:ff:1b:54:ca:bc:a5:bf:af:6a:
6f:dd:44:b6:5b:bf:9e:1b:89:c5:59:06:f2:e0:9f:
4d:72:75:50:13:a9:db:76:59:fb:cd:74:66:0f:b9:
e5:65:3e:06:fb:bb:21:01:eb:64:b1:16:99:2c:c8:
ac:05:de:76:61:03:3b:8f:67:d9:3a:9e:b5:17:b3:
ba:ce:da:aa:c8:b3:d9:0c:5b:ca:67:1a:79:f5:9e:
0a:77:3c:69:9c:a8:82:89:1d:41:06:cd:9c:34:13:
a2:c2:a6:3d:51:24:14:da:6d:d9:57:40:7f:af:05:
ce:99:54:f6:79:fc:49:c7:d7:b1:be:5d:65:60:3d:
8f:61:cf:57:8b:2a:59:11:1e:c5:2a:84:8c:60:24:
f8:36:50:5c:b2:cc:ec:d3:92:aa:7d:bc:c7:86:67:
14:fb:7e:0a:91:7e:37:e8:35:7e:b0:9c:d7:32:bb:
5e:fa:c2:ed:da:3d:68:d7:13:35:68:d4:61:a7:37:
ab:8d:70:e4:81:75:3c:ad:98:4a:fe:7a:0d:ca:53:
14:d8:d1:05:01:7e:35:9a:7d:b4:17:48:a1:54:a5:
2f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:69:51:F4:51:D5:A5:E4:32:D6:1C:5F:9C:1D:79:A8:44:2D:40:B3
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/YmlR9FHVpeQy1hxfnB15qEQtQLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/24
94.131.98.0/24
94.131.100.0/24
94.131.102.0/24
94.131.105.0-94.131.107.255
Signature Algorithm: sha256WithRSAEncryption
49:fe:63:7f:0e:a6:62:e5:1e:69:33:04:b0:2d:cc:c7:df:08:
0d:ee:b8:06:e7:e6:6d:0c:18:01:1f:de:24:f0:a3:0c:3b:ad:
a9:ef:bf:7b:46:55:f5:d1:53:dc:0b:86:d5:5c:69:20:bc:b1:
3f:78:ed:85:ea:51:67:50:82:ff:82:83:e4:d7:71:ea:cd:e6:
65:b4:b1:aa:9c:66:d3:ba:78:b9:8a:bf:3e:87:91:34:9f:7c:
22:cd:89:ec:1b:f0:72:4d:64:80:83:35:e2:cd:45:f6:53:1b:
9d:e5:28:a0:9a:c1:b7:a3:94:60:fa:f2:bf:98:6c:ba:17:4a:
37:52:e5:fd:ff:6d:8e:97:f0:74:19:05:69:11:a2:6a:cb:ca:
5f:ef:fd:65:2c:ab:6c:aa:99:db:77:41:03:5c:11:6e:08:08:
ab:e9:b9:7c:6a:6b:03:d5:f2:59:52:dd:8d:7d:31:f8:43:e9:
74:43:ae:80:95:ee:d1:26:e8:2d:63:1d:c3:db:ec:99:a8:03:
21:8e:1d:b2:cd:bf:b3:9e:d8:01:53:54:ae:4e:e4:29:3c:fd:
6f:87:1d:13:85:e1:e6:fc:8c:bd:fe:c9:83:70:1b:1f:0c:89:
81:be:0c:6c:68:1c:dd:bb:70:51:b1:05:d0:49:df:75:ba:16:
42:70:4f:ef
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYSudKgEHyf46kzq7MxWAWlnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIxMTI1MTEwMzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjY5NTFmNDUxZDVhNWU0MzJkNjFjNWY5YzFkNzlhODQ0MmQ0MGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuqWVBRJ/8PcS9fD49sjO5KxRIWn
OkVdTupd4YkciQGO3r//G1TKvKW/r2pv3US2W7+eG4nFWQby4J9NcnVQE6nbdln7
zXRmD7nlZT4G+7shAetksRaZLMisBd52YQM7j2fZOp61F7O6ztqqyLPZDFvKZxp5
9Z4KdzxpnKiCiR1BBs2cNBOiwqY9USQU2m3ZV0B/rwXOmVT2efxJx9exvl1lYD2P
Yc9XiypZER7FKoSMYCT4NlBcsszs05KqfbzHhmcU+34KkX436DV+sJzXMrte+sLt
2j1o1xM1aNRhpzerjXDkgXU8rZhK/noNylMU2NEFAX41mn20F0ihVKUvswIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGJpUfRR1aXkMtYcX5wdeahELUCzMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvWW1sUjlGSFZwZVF5MWh4Zm5CMTVxRVF0UUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAXoMCAwQA
XoNiAwQAXoNkAwQAXoNmMAwDBABeg2kDBAJeg2gwDQYJKoZIhvcNAQELBQADggEB
AEn+Y38OpmLlHmkzBLAtzMffCA3uuAbn5m0MGAEf3iTwoww7ranvv3tGVfXRU9wL
htVcaSC8sT947YXqUWdQgv+Cg+TXcerN5mW0saqcZtO6eLmKvz6HkTSffCLNiewb
8HJNZICDNeLNRfZTG53lKKCawbejlGD68r+YbLoXSjdS5f3/bY6X8HQZBWkRomrL
yl/v/WUsq2yqmdt3QQNcEW4ICKvpuXxqawPV8llS3Y19MfhD6XRDroCV7tEm6C1j
HcPb7JmoAyGOHbLNv7Oe2AFTVK5O5Ck8/W+HHROF4eb8jL3+yYNwGx8MiYG+DGxo
HN27cFGxBdBJ33W6FkJwT+8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:03:31 2025 by rpki-client