Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/o3QsDVfBk6urJHY7GVqIQtF4pFU.roa
File: o3QsDVfBk6urJHY7GVqIQtF4pFU.roa (raw, json)
Hash identifier: dIc1qBDceL01Kc5NJw7OW8W/Cf5jnUQ3bWeIu4mErQE=
Subject key identifier: A3:74:2C:0D:57:C1:93:AB:AB:24:76:3B:19:5A:88:42:D1:78:A4:55
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018C8465B21F76021805C334168256A2C705
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/o3QsDVfBk6urJHY7GVqIQtF4pFU.roa
Signing time: Tue 19 Dec 2023 23:25:06 +0000
ROA not before: Tue 19 Dec 2023 23:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200736
IP address blocks: 95.164.176.0/20 maxlen: 24
94.131.151.0/24 maxlen: 24
94.131.150.0/24 maxlen: 24
94.131.149.0/24 maxlen: 24
94.131.148.0/24 maxlen: 24
94.131.152.0/24 maxlen: 24
94.131.147.0/24 maxlen: 24
94.131.146.0/24 maxlen: 24
94.131.157.0/24 maxlen: 24
94.131.156.0/24 maxlen: 24
94.131.155.0/24 maxlen: 24
94.131.159.0/24 maxlen: 24
94.131.158.0/24 maxlen: 24
94.131.154.0/24 maxlen: 24
94.131.153.0/24 maxlen: 24
94.131.161.0/24 maxlen: 24
94.131.160.0/24 maxlen: 24
94.131.166.0/24 maxlen: 24
94.131.165.0/24 maxlen: 24
94.131.170.0/24 maxlen: 24
94.131.172.0/24 maxlen: 24
94.131.173.0/24 maxlen: 24
94.131.128.0/19 maxlen: 24
94.131.130.0/24 maxlen: 24
94.131.132.0/24 maxlen: 24
94.131.131.0/24 maxlen: 24
94.131.133.0/24 maxlen: 24
94.131.137.0/24 maxlen: 24
94.131.136.0/24 maxlen: 24
94.131.135.0/24 maxlen: 24
94.131.134.0/24 maxlen: 24
94.131.139.0/24 maxlen: 24
94.131.138.0/24 maxlen: 24
94.131.144.0/23 maxlen: 23
94.131.144.0/24 maxlen: 24
94.131.143.0/24 maxlen: 24
94.131.142.0/24 maxlen: 24
94.131.141.0/24 maxlen: 24
94.131.145.0/24 maxlen: 24
94.131.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:84:65:b2:1f:76:02:18:05:c3:34:16:82:56:a2:c7:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Dec 19 23:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3742c0d57c193abab24763b195a8842d178a455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ab:67:69:d5:64:1f:59:d6:13:1e:3e:37:2c:
a1:d1:cf:c3:79:e4:59:bc:3c:e5:14:3d:2e:e5:d0:
b0:3a:55:01:5f:34:33:f3:48:8d:40:56:3f:33:9d:
4f:f8:ad:5e:f9:71:ae:b4:3f:a6:5d:1a:65:60:04:
4f:28:53:cb:3f:9b:09:6d:64:76:db:3e:3c:84:8b:
05:2f:74:95:9f:9e:4c:89:92:f6:b7:c2:56:7a:08:
92:36:e5:73:e6:16:fa:6e:8c:99:d8:fe:64:1d:fb:
3b:4a:77:28:7b:95:e8:c1:dd:3e:f3:2f:7b:d8:1b:
4e:b5:0b:1a:c3:50:37:bc:33:5b:4f:ad:e1:fa:95:
61:fa:1f:15:26:20:04:e0:dc:33:2c:72:19:a0:37:
2a:10:d9:01:84:5b:18:31:db:bb:eb:4e:55:be:f3:
ef:18:61:13:3b:d4:10:4c:5e:b8:dd:76:f5:52:38:
57:2e:95:6c:cb:ff:6c:08:6f:41:c3:08:86:87:60:
af:31:32:78:1a:80:7d:d7:9a:36:15:8b:4e:ab:ca:
1b:ce:85:3d:9f:0c:ea:7c:19:49:b9:b9:73:a7:b5:
24:ee:06:32:d0:42:d7:38:8d:70:50:14:0d:d4:ab:
4a:e4:f7:31:99:a5:a4:04:9d:97:53:bd:d8:d4:0e:
ac:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:74:2C:0D:57:C1:93:AB:AB:24:76:3B:19:5A:88:42:D1:78:A4:55
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/o3QsDVfBk6urJHY7GVqIQtF4pFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.128.0-94.131.161.255
94.131.165.0-94.131.166.255
94.131.170.0/24
94.131.172.0/23
95.164.176.0/20
Signature Algorithm: sha256WithRSAEncryption
a5:80:d0:2f:de:fb:df:8b:fa:43:70:36:7a:ac:10:dc:e6:1e:
bc:04:d4:76:de:35:b4:2f:4d:dd:36:f8:7d:a2:48:27:15:d4:
8b:d7:00:49:5c:87:ec:6a:72:fb:6a:c2:0f:13:55:12:c0:a8:
52:74:bb:39:30:e1:bb:be:71:aa:d7:b0:70:ef:11:a3:92:f4:
44:16:33:a9:d8:6a:55:55:52:85:80:ae:b5:88:d0:bd:c3:31:
b8:5b:f3:91:24:09:57:f0:b4:3a:48:23:d7:0a:cd:bd:0c:0c:
cf:79:92:48:c4:e3:5d:00:84:66:5b:55:28:d7:97:3f:cf:d1:
3e:22:c3:54:ca:b6:ae:51:87:a0:98:0f:d0:fd:ce:e8:9e:15:
76:8f:aa:78:c4:a8:9e:55:fc:da:2d:ae:73:a5:f0:74:84:9c:
1c:b5:df:3c:e9:5b:aa:07:8d:04:91:78:3d:35:59:c7:83:8b:
85:75:5e:1e:2c:be:a8:0f:8c:c9:e0:dc:f1:ea:8d:29:f2:d7:
74:45:39:db:ee:ce:d6:43:ec:0b:b2:ba:76:7e:1c:36:8a:ea:
b8:f6:c1:19:cd:3b:77:3d:ff:09:d5:4f:be:71:1a:65:65:10:
be:e0:55:64:59:d6:8b:12:b4:1f:76:ac:47:3e:5f:89:b1:ad:
44:b2:88:53
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYyEZbIfdgIYBcM0FoJWoscFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMxMjE5MjMyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc0MmMwZDU3YzE5M2FiYWIyNDc2M2IxOTVhODg0MmQxNzhhNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KtnadVkH1nWEx4+Nyyh0c/DeeRZ
vDzlFD0u5dCwOlUBXzQz80iNQFY/M51P+K1e+XGutD+mXRplYARPKFPLP5sJbWR2
2z48hIsFL3SVn55MiZL2t8JWegiSNuVz5hb6boyZ2P5kHfs7Sncoe5Xowd0+8y97
2BtOtQsaw1A3vDNbT63h+pVh+h8VJiAE4NwzLHIZoDcqENkBhFsYMdu7605VvvPv
GGETO9QQTF643Xb1UjhXLpVsy/9sCG9BwwiGh2CvMTJ4GoB915o2FYtOq8obzoU9
nwzqfBlJublzp7Uk7gYy0ELXOI1wUBQN1KtK5PcxmaWkBJ2XU73Y1A6sFwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKN0LA1XwZOrqyR2OxlaiELReKRVMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvbzNRc0RWZkJrNnVySkhZN0dWcUlRdEY0cEZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAdeg4AD
BAFeg6AwDAMEAF6DpQMEAF6DpgMEAF6DqgMEAV6DrAMEBF+ksDANBgkqhkiG9w0B
AQsFAAOCAQEApYDQL97734v6Q3A2eqwQ3OYevATUdt41tC9N3Tb4faJIJxXUi9cA
SVyH7Gpy+2rCDxNVEsCoUnS7OTDhu75xqtewcO8Ro5L0RBYzqdhqVVVShYCutYjQ
vcMxuFvzkSQJV/C0Okgj1wrNvQwMz3mSSMTjXQCEZltVKNeXP8/RPiLDVMq2rlGH
oJgP0P3O6J4Vdo+qeMSonlX82i2uc6XwdIScHLXfPOlbqgeNBJF4PTVZx4OLhXVe
Hiy+qA+MyeDc8eqNKfLXdEU52+7O1kPsC7K6dn4cNorquPbBGc07dz3/CdVPvnEa
ZWUQvuBVZFnWixK0H3asRz5fibGtRLKIUw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:31:58 2025 by rpki-client