Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/lhjIJlx7E62Nq8E0F_3KwGxkQHY.roa
File: lhjIJlx7E62Nq8E0F_3KwGxkQHY.roa (raw, json)
Hash identifier: 7FVyuqxcBknkqenNrNzaXTZOQbiuh8BaRNXScWslHpw=
Subject key identifier: 96:18:C8:26:5C:7B:13:AD:8D:AB:C1:34:17:FD:CA:C0:6C:64:40:76
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018434254A6474F05475898E7B652A2768B0
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/lhjIJlx7E62Nq8E0F_3KwGxkQHY.roa
Signing time: Tue 01 Nov 2022 17:02:49 +0000
ROA not before: Tue 01 Nov 2022 17:02:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.98.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:34:25:4a:64:74:f0:54:75:89:8e:7b:65:2a:27:68:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 1 17:02:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9618c8265c7b13ad8dabc13417fdcac06c644076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ed:6e:4b:54:28:89:2c:91:08:eb:87:3a:71:
81:dd:eb:af:99:98:34:6c:c1:9a:a7:3a:c4:b2:3c:
db:49:d4:8d:4b:92:ca:4f:af:fa:fc:28:37:79:86:
3f:f6:5e:41:71:ff:5e:7c:b9:21:1b:04:37:c9:e3:
c2:64:20:dc:37:68:bc:48:84:63:26:fa:5a:aa:9a:
6e:e2:06:d5:1a:cb:22:52:c5:de:8d:63:0f:3e:9d:
88:13:ce:83:f6:46:31:ef:70:33:ce:19:78:d9:84:
39:33:33:14:97:20:da:4f:bb:04:28:ca:4e:63:b2:
d8:b8:ce:fb:8f:65:ac:a0:26:da:a7:b4:08:5f:ce:
92:16:ee:b3:f6:52:41:0b:93:1a:c7:46:b6:55:5d:
45:b2:3b:86:44:26:87:ec:4f:05:6d:63:8a:bc:98:
38:53:80:64:b7:0f:de:f7:17:da:27:84:bd:ff:d1:
18:f9:16:f5:7f:82:10:0d:2b:23:74:54:50:4d:85:
eb:56:c6:8b:e6:a7:86:62:12:c0:31:b9:ed:88:01:
dd:b0:27:48:0d:e8:8a:ab:99:9f:3a:91:e3:a5:5f:
af:d4:a7:23:8d:8f:ed:92:bc:e4:7a:c0:1c:70:ba:
02:72:82:f1:2d:a5:e2:f7:68:16:42:cd:57:de:39:
e9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:18:C8:26:5C:7B:13:AD:8D:AB:C1:34:17:FD:CA:C0:6C:64:40:76
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/lhjIJlx7E62Nq8E0F_3KwGxkQHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/24
94.131.98.0/24
94.131.102.0/24
94.131.105.0-94.131.107.255
Signature Algorithm: sha256WithRSAEncryption
1d:75:bb:20:a1:a6:e0:69:0c:fc:de:6e:99:a2:82:bd:11:91:
ad:ef:a3:fe:f3:b1:64:fc:87:36:23:e0:8f:66:5d:ba:9f:87:
56:19:91:a3:99:17:f9:af:2b:a1:b5:3a:d5:79:09:b4:e7:9f:
41:c4:09:dd:15:39:93:b8:ca:87:74:74:37:d6:3e:dc:55:a4:
00:5c:8c:fb:70:3b:32:3b:c4:b1:e4:ec:e4:38:34:41:7a:b6:
5d:43:29:63:83:d9:1c:99:9d:df:1f:26:d1:e5:be:55:dc:bc:
82:27:23:0f:56:96:da:89:22:5f:69:52:3a:b9:dd:a2:a9:86:
d0:69:0a:14:d3:62:af:b6:19:ff:82:c0:2e:b5:a2:23:a7:72:
eb:03:9a:e4:50:6e:50:6c:6f:75:5f:9a:6d:d2:4c:a9:af:c1:
12:fd:6a:38:cd:db:31:44:47:b4:01:04:8f:74:89:d5:79:a9:
b7:21:e1:a1:f5:2f:d0:e7:27:87:57:a8:7d:d9:5e:4a:f4:9c:
75:e8:7d:21:04:82:40:c8:43:63:bf:d3:9d:b6:b9:0c:83:32:
1b:c4:47:36:ee:49:2b:b5:31:53:f4:89:43:6d:fa:35:e1:54:
4d:cf:14:29:60:db:7b:3b:a1:66:50:4e:6d:84:47:94:ed:1e:
05:94:85:67
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYQ0JUpkdPBUdYmOe2UqJ2iwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIxMTAxMTcwMjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjE4YzgyNjVjN2IxM2FkOGRhYmMxMzQxN2ZkY2FjMDZjNjQ0MDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO1uS1QoiSyRCOuHOnGB3euvmZg0
bMGapzrEsjzbSdSNS5LKT6/6/Cg3eYY/9l5Bcf9efLkhGwQ3yePCZCDcN2i8SIRj
Jvpaqppu4gbVGssiUsXejWMPPp2IE86D9kYx73Azzhl42YQ5MzMUlyDaT7sEKMpO
Y7LYuM77j2WsoCbap7QIX86SFu6z9lJBC5Max0a2VV1FsjuGRCaH7E8FbWOKvJg4
U4Bktw/e9xfaJ4S9/9EY+Rb1f4IQDSsjdFRQTYXrVsaL5qeGYhLAMbntiAHdsCdI
DeiKq5mfOpHjpV+v1KcjjY/tkrzkesAccLoCcoLxLaXi92gWQs1X3jnpVwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJYYyCZcexOtjavBNBf9ysBsZEB2MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbGhqSUpseDdFNjJOcThFMEZfM0t3R3hrUUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAXoMCAwQA
XoNiAwQAXoNmMAwDBABeg2kDBAJeg2gwDQYJKoZIhvcNAQELBQADggEBAB11uyCh
puBpDPzebpmigr0Rka3vo/7zsWT8hzYj4I9mXbqfh1YZkaOZF/mvK6G1OtV5CbTn
n0HECd0VOZO4yod0dDfWPtxVpABcjPtwOzI7xLHk7OQ4NEF6tl1DKWOD2RyZnd8f
JtHlvlXcvIInIw9WltqJIl9pUjq53aKphtBpChTTYq+2Gf+CwC61oiOncusDmuRQ
blBsb3Vfmm3STKmvwRL9ajjN2zFER7QBBI90idV5qbch4aH1L9DnJ4dXqH3ZXkr0
nHXofSEEgkDIQ2O/0522uQyDMhvERzbuSSu1MVP0iUNt+jXhVE3PFClg23s7oWZQ
Tm2ER5TtHgWUhWc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:07:03 2025 by rpki-client