Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/gyMt_xzUtIJ83YopFeRbQbzG-Dg.roa
File: gyMt_xzUtIJ83YopFeRbQbzG-Dg.roa (raw, json)
Hash identifier: yRoew1p8QaMCEG+3AUPe9TWQSQBMofTzRQitQ3Bzkgw=
Subject key identifier: 83:23:2D:FF:1C:D4:B4:82:7C:DD:8A:29:15:E4:5B:41:BC:C6:F8:38
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018755949CF390D80EC1C798F92ECFD65742
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/gyMt_xzUtIJ83YopFeRbQbzG-Dg.roa
Signing time: Thu 06 Apr 2023 08:00:15 +0000
ROA not before: Thu 06 Apr 2023 08:00:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 94.131.48.0/20 maxlen: 24
94.131.64.0/20 maxlen: 24
95.164.128.0/20 maxlen: 24
95.164.240.0/21 maxlen: 21
95.164.44.0/22 maxlen: 22
94.131.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:94:9c:f3:90:d8:0e:c1:c7:98:f9:2e:cf:d6:57:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Apr 6 08:00:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83232dff1cd4b4827cdd8a2915e45b41bcc6f838
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b8:08:6a:47:1c:71:37:73:2c:7e:10:2a:92:
80:6f:de:aa:92:f3:10:79:6b:8c:b9:b6:f0:b1:0e:
38:26:bc:81:27:d8:51:9e:d9:80:59:72:2a:d6:6c:
49:82:04:64:8e:0c:e4:04:09:93:d8:cc:c5:55:5a:
96:da:96:8c:46:9f:b2:55:cc:34:ef:32:d4:a7:8f:
0f:2a:5e:ee:36:90:3e:c5:85:ab:c8:ab:97:fb:bc:
65:f4:f3:d4:72:e1:89:be:d5:93:74:bb:20:6e:e7:
fb:1b:c8:dc:88:ed:fc:42:71:30:8c:77:0d:d2:8f:
d2:f3:11:5c:35:83:1f:15:2c:d6:be:16:cd:0a:e5:
a7:51:47:cb:70:9b:8d:bb:f8:94:2c:69:4b:28:cd:
23:b9:67:5b:cc:63:59:f7:56:1a:e3:4a:35:ab:df:
6e:22:fe:da:9a:8d:8d:30:67:0b:4a:dc:41:eb:c2:
a0:80:2b:2c:b1:8e:19:71:46:00:fd:d5:85:27:82:
d4:f2:a9:74:2c:f2:43:7b:2f:42:30:88:ad:07:4b:
c4:49:29:2a:21:47:4c:b9:22:14:3f:f0:dd:97:ef:
ce:55:9b:de:be:f1:6c:e1:41:cc:2a:fa:8d:61:3d:
19:47:c7:b0:2d:8d:e3:90:a1:bd:31:d7:a1:d4:52:
20:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:23:2D:FF:1C:D4:B4:82:7C:DD:8A:29:15:E4:5B:41:BC:C6:F8:38
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/gyMt_xzUtIJ83YopFeRbQbzG-Dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.24.0/22
94.131.48.0-94.131.79.255
95.164.44.0/22
95.164.128.0/20
95.164.240.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:e7:50:2d:f0:3f:51:e8:6c:7e:c5:2e:51:9c:cf:45:db:4f:
65:e8:eb:a5:44:3f:52:c3:a4:08:d3:a9:ce:4b:19:01:a4:d4:
b8:4d:45:35:8a:18:da:aa:1b:1d:e2:6c:3d:69:59:0b:1f:f2:
93:7c:35:f7:80:bf:b9:3f:2a:7b:38:b3:4e:2a:87:d5:f9:0a:
b5:0f:f8:77:9f:6c:d9:ff:26:9b:c2:b7:0f:24:c1:1d:a5:e6:
44:99:1f:fa:c2:51:26:7e:5c:d0:cf:41:a6:18:da:ef:57:2b:
bc:ee:25:59:86:f9:db:a7:e8:8a:9a:b7:d8:e6:58:c9:f7:10:
ab:75:36:35:b1:37:12:22:2e:27:3d:8b:58:af:85:bc:cf:56:
47:8d:cd:05:8a:a2:48:46:60:e5:39:15:cc:e9:74:e0:a1:77:
73:1d:e4:c7:12:71:83:44:d4:a0:82:8c:7c:b7:4c:ad:05:2e:
0f:cc:5b:ed:dd:43:c4:44:e4:2b:80:4e:b1:07:21:1f:7e:53:
2b:cb:f8:22:14:6a:4b:7a:5b:fd:fc:20:1a:c8:1d:45:2f:0c:
fe:ed:d4:2a:d8:d1:a0:fa:09:82:77:f9:74:2d:d3:86:76:40:
9b:83:97:c4:03:03:80:4c:a8:2f:18:0b:28:42:eb:d0:b7:1b:
70:0f:11:0b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYdVlJzzkNgOwceY+S7P1ldCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwNDA2MDgwMDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzIzMmRmZjFjZDRiNDgyN2NkZDhhMjkxNWU0NWI0MWJjYzZmODM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrgIakcccTdzLH4QKpKAb96qkvMQ
eWuMubbwsQ44JryBJ9hRntmAWXIq1mxJggRkjgzkBAmT2MzFVVqW2paMRp+yVcw0
7zLUp48PKl7uNpA+xYWryKuX+7xl9PPUcuGJvtWTdLsgbuf7G8jciO38QnEwjHcN
0o/S8xFcNYMfFSzWvhbNCuWnUUfLcJuNu/iULGlLKM0juWdbzGNZ91Ya40o1q99u
Iv7amo2NMGcLStxB68KggCsssY4ZcUYA/dWFJ4LU8ql0LPJDey9CMIitB0vESSkq
IUdMuSIUP/Ddl+/OVZvevvFs4UHMKvqNYT0ZR8ewLY3jkKG9Mdeh1FIgtwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIMjLf8c1LSCfN2KKRXkW0G8xvg4MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvZ3lNdF94elV0SUo4M1lvcEZlUmJRYnpHLURnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCXoMYMAwD
BARegzADBAReg0ADBAJfpCwDBARfpIADBANfpPAwDQYJKoZIhvcNAQELBQADggEB
AKPnUC3wP1HobH7FLlGcz0XbT2Xo66VEP1LDpAjTqc5LGQGk1LhNRTWKGNqqGx3i
bD1pWQsf8pN8NfeAv7k/Kns4s04qh9X5CrUP+HefbNn/JpvCtw8kwR2l5kSZH/rC
USZ+XNDPQaYY2u9XK7zuJVmG+dun6Iqat9jmWMn3EKt1NjWxNxIiLic9i1ivhbzP
VkeNzQWKokhGYOU5FczpdOChd3Md5McScYNE1KCCjHy3TK0FLg/MW+3dQ8RE5CuA
TrEHIR9+UyvL+CIUakt6W/38IBrIHUUvDP7t1CrY0aD6CYJ3+XQt04Z2QJuDl8QD
A4BMqC8YCyhC69C3G3APEQs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:09 2025 by rpki-client