Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ibDuD02xSFW52JkrIimv-Cl7yZc.roa
File: ibDuD02xSFW52JkrIimv-Cl7yZc.roa (raw, json)
Hash identifier: bnH/LJxpBmD0HFpgzFv6uYHWNUYQ1YQTotvL9mKxATs=
Subject key identifier: 89:B0:EE:0F:4D:B1:48:55:B9:D8:99:2B:22:29:AF:F8:29:7B:C9:97
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0182458336109DEDA78736F4755BB8B22F74
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ibDuD02xSFW52JkrIimv-Cl7yZc.roa
Signing time: Thu 28 Jul 2022 15:53:23 +0000
ROA not before: Thu 28 Jul 2022 15:53:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394814
IP address blocks: 95.164.112.0/20 maxlen: 24
95.164.240.0/21 maxlen: 24
95.164.248.0/22 maxlen: 24
95.164.144.0/20 maxlen: 24
94.131.80.0/20 maxlen: 24
95.164.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:45:83:36:10:9d:ed:a7:87:36:f4:75:5b:b8:b2:2f:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 28 15:53:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89b0ee0f4db14855b9d8992b2229aff8297bc997
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f9:7b:ae:b9:df:43:94:34:49:a6:0b:bd:8d:
b8:7e:25:32:70:68:2f:7a:8f:2b:a6:57:99:6d:ca:
a7:91:66:b0:16:3d:1b:06:31:86:ea:96:06:9b:a8:
d2:ad:84:13:88:9b:0f:3b:40:5b:5a:47:35:25:fc:
f2:1d:de:8b:9c:ae:4e:95:71:2e:06:3d:5f:e7:14:
16:85:02:e0:07:f9:17:8f:5f:4d:3b:df:63:ac:48:
22:2d:4b:59:c0:57:ac:38:41:51:8a:d0:40:38:79:
8b:21:ee:59:77:b6:9d:ed:10:95:23:3f:84:2b:29:
90:16:8b:62:fb:a3:ac:7f:d9:bd:63:88:fc:ef:d6:
77:11:88:e2:05:bf:a9:58:81:4a:fe:28:96:7c:b1:
58:18:82:ca:b0:8d:50:d5:a4:2b:5c:6a:3e:ce:b8:
ad:77:6a:23:cb:93:85:bf:ca:1e:1f:a1:31:da:9e:
9c:d6:ba:e1:75:fe:a0:97:67:86:81:d6:05:52:2c:
46:24:31:12:79:47:ef:b6:73:13:e5:8c:cb:17:e4:
6a:2a:cf:a7:8c:ca:ee:d9:95:5f:35:65:80:f6:d2:
6d:c0:23:12:c7:64:49:0a:1e:ef:2d:e0:33:c8:f8:
fe:54:af:7d:18:79:80:22:71:4c:05:ca:79:5e:fa:
52:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:B0:EE:0F:4D:B1:48:55:B9:D8:99:2B:22:29:AF:F8:29:7B:C9:97
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ibDuD02xSFW52JkrIimv-Cl7yZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
95.164.60.0/22
95.164.112.0/20
95.164.144.0/20
95.164.240.0-95.164.251.255
Signature Algorithm: sha256WithRSAEncryption
2b:de:26:14:c3:9d:01:f2:62:86:73:ee:6a:0e:9f:ca:6b:89:
8b:59:b4:9a:b6:8b:3d:e4:34:b0:c1:f7:b8:b0:c7:06:9b:9b:
e3:cc:72:4d:7e:82:d4:34:67:56:45:31:ad:d6:27:ca:3b:dc:
c0:f8:03:b6:ad:6f:b0:90:b8:c5:97:e4:74:22:dc:d3:7b:2d:
56:5f:bc:8e:02:94:01:0a:69:ff:bb:50:c5:a4:a9:d2:b7:b4:
ff:44:86:1c:b9:7f:ac:f1:ac:c0:c3:7a:04:23:0f:d7:a4:f2:
44:e6:95:ac:09:48:d6:29:09:8d:1c:56:2b:72:d3:48:db:d9:
38:f0:84:39:fa:f4:70:6a:d0:3b:43:28:2a:ca:e0:b3:21:d6:
f9:b0:f7:d9:1d:ba:50:ef:2f:b5:fd:86:37:48:c1:ab:a3:45:
9c:b1:2d:6c:72:ea:a0:7d:10:9d:22:01:15:89:a8:4f:ec:9b:
a0:9c:f6:2e:00:9d:21:ab:38:e3:6a:c7:b7:81:e7:82:9b:ee:
1e:b3:46:f7:1a:8c:7d:2a:74:b6:86:06:cc:0c:a4:df:83:f8:
99:05:b4:e7:41:f5:4d:75:83:5c:e4:b6:7f:c7:23:db:4e:69:
3e:17:de:76:90:1d:e1:fe:42:f5:ff:37:38:dc:f9:2e:34:c9:
f2:58:37:26
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYJFgzYQne2nhzb0dVu4si90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIwNzI4MTU1MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWIwZWUwZjRkYjE0ODU1YjlkODk5MmIyMjI5YWZmODI5N2JjOTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPl7rrnfQ5Q0SaYLvY24fiUycGgv
eo8rpleZbcqnkWawFj0bBjGG6pYGm6jSrYQTiJsPO0BbWkc1JfzyHd6LnK5OlXEu
Bj1f5xQWhQLgB/kXj19NO99jrEgiLUtZwFesOEFRitBAOHmLIe5Zd7ad7RCVIz+E
KymQFoti+6Osf9m9Y4j879Z3EYjiBb+pWIFK/iiWfLFYGILKsI1Q1aQrXGo+zrit
d2ojy5OFv8oeH6Ex2p6c1rrhdf6gl2eGgdYFUixGJDESeUfvtnMT5YzLF+RqKs+n
jMru2ZVfNWWA9tJtwCMSx2RJCh7vLeAzyPj+VK99GHmAInFMBcp5XvpSywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFImw7g9NsUhVudiZKyIpr/gpe8mXMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvaWJEdUQwMnhTRlc1MkprcklpbXYtQ2w3eVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQEXoNQAwQC
X6Q8AwQEX6RwAwQEX6SQMAwDBARfpPADBAJfpPgwDQYJKoZIhvcNAQELBQADggEB
ACveJhTDnQHyYoZz7moOn8priYtZtJq2iz3kNLDB97iwxwabm+PMck1+gtQ0Z1ZF
Ma3WJ8o73MD4A7atb7CQuMWX5HQi3NN7LVZfvI4ClAEKaf+7UMWkqdK3tP9Ehhy5
f6zxrMDDegQjD9ek8kTmlawJSNYpCY0cVity00jb2TjwhDn69HBq0DtDKCrK4LMh
1vmw99kdulDvL7X9hjdIwaujRZyxLWxy6qB9EJ0iARWJqE/sm6Cc9i4AnSGrOONq
x7eB54Kb7h6zRvcajH0qdLaGBswMpN+D+JkFtOdB9U11g1zktn/HI9tOaT4X3naQ
HeH+QvX/Nzjc+S40yfJYNyY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org