Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Z5AXoc7qdeHETu8EYcno2ulLEZM.roa
File: Z5AXoc7qdeHETu8EYcno2ulLEZM.roa (raw, json)
Hash identifier: 7iuLj6dxBzEGkjoee4CSK6hPmys2Y2buvAMiculXGCY=
Subject key identifier: 67:90:17:A1:CE:EA:75:E1:C4:4E:EF:04:61:C9:E8:DA:E9:4B:11:93
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01856F42B1E14B5FAE22F1657C62DFD88237
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Z5AXoc7qdeHETu8EYcno2ulLEZM.roa
Signing time: Sun 01 Jan 2023 21:35:19 +0000
ROA not before: Sun 01 Jan 2023 21:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 394814
IP address blocks: 95.164.112.0/20 maxlen: 24
95.164.144.0/20 maxlen: 24
94.131.80.0/20 maxlen: 24
95.164.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:b1:e1:4b:5f:ae:22:f1:65:7c:62:df:d8:82:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 21:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=679017a1ceea75e1c44eef0461c9e8dae94b1193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:cb:ab:d9:a5:e1:cd:9b:c7:7f:f4:89:16:1d:
1d:59:73:31:55:ef:f2:27:55:90:cc:68:cc:d4:c0:
3a:28:58:75:9e:6c:a5:13:35:af:67:92:e4:e9:1f:
ce:53:b5:27:93:61:ba:61:66:ab:1f:40:c5:1c:ae:
8c:69:2f:78:54:a1:ad:db:1d:e9:a4:8d:dc:05:2e:
f1:61:d3:da:c5:20:96:ef:ea:a9:da:5a:4d:11:84:
20:1b:06:a4:34:fc:ae:f8:c9:f9:93:30:17:ac:70:
bf:1d:85:71:53:bb:1f:35:34:c0:4d:c6:1b:6d:34:
c6:32:ee:95:a4:cd:86:7a:84:7b:8a:9b:11:6b:a6:
30:9f:10:8d:51:11:19:45:e9:aa:3b:42:e0:b7:64:
ca:9e:61:43:d4:94:8b:9f:cb:ce:fd:12:77:31:66:
05:71:83:4f:0f:72:d6:04:ba:81:16:5b:94:51:fc:
00:52:2e:8b:bd:7b:23:66:a3:67:66:f4:cc:07:3b:
16:5b:38:7f:55:9e:1b:cc:2f:bc:d9:92:5d:21:58:
8d:80:5d:e7:50:7c:21:83:c8:b5:7e:79:af:0c:e4:
c7:de:d2:c8:78:14:e7:e9:6c:af:df:b1:57:7f:45:
e7:e8:53:bb:c1:c3:af:11:2d:17:44:78:5c:a2:be:
de:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:90:17:A1:CE:EA:75:E1:C4:4E:EF:04:61:C9:E8:DA:E9:4B:11:93
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/Z5AXoc7qdeHETu8EYcno2ulLEZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
95.164.112.0/20
95.164.144.0/20
95.164.176.0/20
Signature Algorithm: sha256WithRSAEncryption
9d:a5:c8:15:b8:9b:07:95:f6:b6:d1:b5:a3:5a:c5:45:6b:5a:
07:5d:ac:fd:e6:00:3a:03:eb:3e:10:99:6e:a2:96:e6:53:47:
fe:56:a5:ad:05:23:48:ca:0f:ed:3b:92:d0:cc:3c:de:35:51:
60:ff:0f:94:42:cb:80:80:39:8f:de:a7:92:cc:89:2d:49:38:
89:9e:57:49:66:93:23:8a:a5:2f:0e:a2:45:73:68:ff:ce:6b:
c8:24:a2:d0:63:93:7f:d4:ed:15:bc:d5:f1:bf:34:0b:fa:6e:
dd:55:ab:55:a2:c0:13:e2:44:8b:ef:84:0b:48:de:45:b6:9c:
00:cd:3c:ee:cf:13:19:5a:f4:38:7b:7a:a4:68:a2:39:95:d3:
9c:6d:78:ad:fe:59:61:9d:6d:65:07:36:56:0d:74:71:5f:7d:
98:b0:2c:87:8f:bb:70:65:c9:30:11:10:7f:6d:64:35:76:6a:
ac:13:a5:83:24:5e:08:ef:ae:ce:e1:c6:29:f5:c7:04:3c:33:
f4:29:10:3a:69:34:6b:89:06:15:90:f7:24:af:61:3d:45:e6:
6a:fc:0f:24:02:48:5f:26:c4:1c:e5:93:a5:d4:0a:f5:cc:a4:
a2:9b:10:1d:42:11:15:31:5a:3d:dc:c0:2f:52:f0:38:64:53:
dd:04:e9:5b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvQrHhS1+uIvFlfGLf2II3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzkwMTdhMWNlZWE3NWUxYzQ0ZWVmMDQ2MWM5ZThkYWU5NGIxMTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicur2aXhzZvHf/SJFh0dWXMxVe/y
J1WQzGjM1MA6KFh1nmylEzWvZ5Lk6R/OU7Unk2G6YWarH0DFHK6MaS94VKGt2x3p
pI3cBS7xYdPaxSCW7+qp2lpNEYQgGwakNPyu+Mn5kzAXrHC/HYVxU7sfNTTATcYb
bTTGMu6VpM2GeoR7ipsRa6YwnxCNUREZRemqO0Lgt2TKnmFD1JSLn8vO/RJ3MWYF
cYNPD3LWBLqBFluUUfwAUi6LvXsjZqNnZvTMBzsWWzh/VZ4bzC+82ZJdIViNgF3n
UHwhg8i1fnmvDOTH3tLIeBTn6Wyv37FXf0Xn6FO7wcOvES0XRHhcor7eBQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGeQF6HO6nXhxE7vBGHJ6NrpSxGTMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvWjVBWG9jN3FkZUhFVHU4RVljbm8ydWxMRVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQEXoNQAwQE
X6RwAwQEX6SQAwQEX6SwMA0GCSqGSIb3DQEBCwUAA4IBAQCdpcgVuJsHlfa20bWj
WsVFa1oHXaz95gA6A+s+EJluopbmU0f+VqWtBSNIyg/tO5LQzDzeNVFg/w+UQsuA
gDmP3qeSzIktSTiJnldJZpMjiqUvDqJFc2j/zmvIJKLQY5N/1O0VvNXxvzQL+m7d
VatVosAT4kSL74QLSN5FtpwAzTzuzxMZWvQ4e3qkaKI5ldOcbXit/llhnW1lBzZW
DXRxX32YsCyHj7twZckwERB/bWQ1dmqsE6WDJF4I767O4cYp9ccEPDP0KRA6aTRr
iQYVkPckr2E9ReZq/A8kAkhfJsQc5ZOl1Ar1zKSimxAdQhEVMVo93MAvUvA4ZFPd
BOlb
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:50 2025 by rpki-client