Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/dmk6WM93AvjfnBpEXPPbcO_iJbk.roa
File: dmk6WM93AvjfnBpEXPPbcO_iJbk.roa (raw, json)
Hash identifier: gERwgjBLf+kKjZAWacLpNc0ljSBxUiRbkB0Eb4AeVwI=
Subject key identifier: 76:69:3A:58:CF:77:02:F8:DF:9C:1A:44:5C:F3:DB:70:EF:E2:25:B9
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01856F42A84F72DF076A3C1946CA40AE8CAC
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/dmk6WM93AvjfnBpEXPPbcO_iJbk.roa
Signing time: Sun 01 Jan 2023 21:35:17 +0000
ROA not before: Sun 01 Jan 2023 21:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.98.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.108.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a8:4f:72:df:07:6a:3c:19:46:ca:40:ae:8c:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 21:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=76693a58cf7702f8df9c1a445cf3db70efe225b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:dc:aa:ea:f5:3e:21:c2:fc:15:43:56:83:8a:
a1:e9:5c:2a:bc:85:62:32:70:99:16:91:0d:55:37:
55:ab:da:bc:bf:b0:3e:cb:24:c6:64:7e:5f:9f:49:
17:e7:3a:f1:56:fe:58:7c:4c:03:e8:0f:22:57:19:
12:d1:3a:2d:8f:f7:33:18:52:9f:52:47:c6:35:66:
81:e3:9b:92:d3:6b:43:bd:c3:43:4b:83:dc:fd:17:
6d:cd:0f:a0:75:36:a7:42:76:d9:4f:28:6b:e7:a6:
09:33:b2:4a:64:e6:9d:85:75:23:58:76:dd:cd:92:
63:14:93:f9:5f:3e:fd:74:82:28:8d:56:94:e8:90:
26:81:bc:4a:56:99:a8:3c:32:b7:07:89:85:00:ae:
f4:73:47:20:a2:50:45:a0:c7:3f:93:aa:28:9e:35:
c5:2a:33:0d:9e:47:6b:c7:1f:1a:ae:45:b4:4a:36:
29:70:e5:0d:d2:50:54:40:da:e8:f1:d3:bd:7b:d9:
66:d4:62:f3:57:62:53:d6:32:6b:26:d5:8b:6b:f8:
fa:87:ae:c6:2a:7a:e1:99:f5:c1:2a:d0:8c:b7:6a:
d1:71:44:47:78:46:cd:f5:db:57:99:f7:4f:59:5b:
a4:4c:27:f8:97:4b:e6:88:60:88:b8:f8:ae:c7:3e:
a6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:69:3A:58:CF:77:02:F8:DF:9C:1A:44:5C:F3:DB:70:EF:E2:25:B9
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/dmk6WM93AvjfnBpEXPPbcO_iJbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/24
94.131.98.0/24
94.131.100.0/24
94.131.102.0/24
94.131.105.0-94.131.108.255
Signature Algorithm: sha256WithRSAEncryption
4f:5b:5e:ea:2d:a7:2b:57:93:21:96:56:49:cb:24:39:83:3e:
5e:ef:94:e7:03:eb:66:af:b4:cd:42:d3:28:26:ce:6f:b4:a2:
70:13:63:30:4d:9e:24:91:db:17:f6:05:e6:96:4a:60:ed:49:
c5:30:5f:bb:32:02:a5:3f:26:63:03:bd:fa:9b:4e:fd:36:17:
93:0d:ab:93:f1:40:c1:7a:18:6c:8f:28:e4:18:a9:c1:f7:51:
cc:bb:0c:60:0e:40:e5:fb:2d:69:54:50:fd:f6:f8:b1:fe:38:
e8:3e:6a:c1:16:fc:c6:2a:3e:a6:61:79:fb:99:12:39:24:ed:
0d:6b:04:6c:d4:1f:bc:1b:e1:ba:c5:fc:59:af:d0:1c:6f:1b:
76:a6:a1:d3:9a:05:46:0a:dc:22:5f:c2:4a:6b:e2:68:74:75:
64:be:42:59:68:cf:de:c1:ad:8b:41:8a:e0:b1:08:5d:dd:10:
71:6c:07:9c:2a:41:dc:72:17:8e:01:7d:72:3e:b3:e4:0e:20:
cf:a3:15:15:db:1a:35:38:2b:13:bd:45:c5:2f:82:1e:89:1e:
c5:23:2e:3b:82:33:a3:3a:7e:33:e9:43:72:04:c8:11:a4:e4:
fe:91:0a:30:73:3b:65:73:0c:21:2f:01:9e:ea:7b:1d:90:4c:
e8:b5:cc:e2
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVvQqhPct8HajwZRspAroysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjY5M2E1OGNmNzcwMmY4ZGY5YzFhNDQ1Y2YzZGI3MGVmZTIyNWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdyq6vU+IcL8FUNWg4qh6VwqvIVi
MnCZFpENVTdVq9q8v7A+yyTGZH5fn0kX5zrxVv5YfEwD6A8iVxkS0Totj/czGFKf
UkfGNWaB45uS02tDvcNDS4Pc/RdtzQ+gdTanQnbZTyhr56YJM7JKZOadhXUjWHbd
zZJjFJP5Xz79dIIojVaU6JAmgbxKVpmoPDK3B4mFAK70c0cgolBFoMc/k6oonjXF
KjMNnkdrxx8arkW0SjYpcOUN0lBUQNro8dO9e9lm1GLzV2JT1jJrJtWLa/j6h67G
KnrhmfXBKtCMt2rRcURHeEbN9dtXmfdPWVukTCf4l0vmiGCIuPiuxz6m7QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHZpOljPdwL435waRFzz23Dv4iW5MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvZG1rNldNOTNBdmpmbkJwRVhQUGJjT19pSmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAXoMCAwQA
XoNiAwQAXoNkAwQAXoNmMAwDBABeg2kDBABeg2wwDQYJKoZIhvcNAQELBQADggEB
AE9bXuotpytXkyGWVknLJDmDPl7vlOcD62avtM1C0ygmzm+0onATYzBNniSR2xf2
BeaWSmDtScUwX7syAqU/JmMDvfqbTv02F5MNq5PxQMF6GGyPKOQYqcH3Ucy7DGAO
QOX7LWlUUP32+LH+OOg+asEW/MYqPqZhefuZEjkk7Q1rBGzUH7wb4brF/Fmv0Bxv
G3amodOaBUYK3CJfwkpr4mh0dWS+Qlloz97BrYtBiuCxCF3dEHFsB5wqQdxyF44B
fXI+s+QOIM+jFRXbGjU4KxO9RcUvgh6JHsUjLjuCM6M6fjPpQ3IEyBGk5P6RCjBz
O2VzDCEvAZ7qex2QTOi1zOI=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:53:15 2025 by rpki-client