Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/oIVBpEvaiqQFrouz34aDQTCawQ8.roa
File: oIVBpEvaiqQFrouz34aDQTCawQ8.roa (raw, json)
Hash identifier: sAGUfmNJ4NEAGYnEPll7e8aetuBY8g/Vv2ZZ342XA24=
Subject key identifier: A0:85:41:A4:4B:DA:8A:A4:05:AE:8B:B3:DF:86:83:41:30:9A:C1:0F
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0185533CF602CC9D89674AB670502D7FFF81
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/oIVBpEvaiqQFrouz34aDQTCawQ8.roa
Signing time: Tue 27 Dec 2022 10:59:42 +0000
ROA not before: Tue 27 Dec 2022 10:59:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44477
IP address blocks: 94.131.98.0/24 maxlen: 24
94.131.102.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.105.0/24 maxlen: 24
94.131.106.0/24 maxlen: 24
94.131.108.0/24 maxlen: 24
94.131.107.0/24 maxlen: 24
94.131.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:53:3c:f6:02:cc:9d:89:67:4a:b6:70:50:2d:7f:ff:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Dec 27 10:59:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a08541a44bda8aa405ae8bb3df868341309ac10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:44:14:31:b1:5f:0f:4d:cc:02:69:3f:64:50:
6a:7c:e0:75:af:cd:6f:d4:6e:f2:fa:7b:61:26:ad:
a9:63:2e:b9:0b:1c:af:3e:ee:d2:59:16:c1:31:4b:
d7:cc:8d:92:b1:a7:38:b9:85:10:ff:6c:f0:8e:09:
51:23:12:7d:7d:f0:3a:5d:34:95:3d:70:b3:1b:64:
1e:a3:b3:af:42:12:82:46:9e:18:33:2e:10:9d:7a:
59:24:34:d9:95:bf:d2:7c:7b:ef:99:42:72:e1:80:
db:5e:30:a9:26:6d:fd:b7:25:a6:6f:a8:06:56:92:
14:67:95:d9:8a:e9:dc:e8:22:ea:36:08:d3:7d:99:
e3:c4:48:b0:1d:8d:d0:87:3f:75:41:2f:62:82:e2:
38:a0:18:39:ce:33:89:0c:4e:1f:46:e7:ab:f1:69:
c9:73:24:67:67:83:65:43:c4:0b:c9:8a:b0:97:80:
66:7e:c2:e0:e5:c6:99:64:f3:89:67:d0:a2:17:1a:
64:7d:dc:0c:03:78:e3:a0:62:4b:ac:ed:ed:1d:35:
43:be:a1:ac:8f:ef:32:09:07:bb:0b:28:03:2a:00:
4e:c1:75:39:a6:11:4c:eb:83:30:8e:49:fe:ac:64:
da:6e:b5:23:6a:8a:f9:09:fe:96:3c:ed:d6:8d:de:
e8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:85:41:A4:4B:DA:8A:A4:05:AE:8B:B3:DF:86:83:41:30:9A:C1:0F
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/oIVBpEvaiqQFrouz34aDQTCawQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.2.0/24
94.131.98.0/24
94.131.100.0/24
94.131.102.0/24
94.131.105.0-94.131.108.255
Signature Algorithm: sha256WithRSAEncryption
89:e0:0a:c0:7c:78:4e:36:81:c5:ea:43:29:9a:02:97:29:a6:
0b:1e:0b:17:e7:e6:24:e2:74:a5:f1:45:59:db:52:66:15:bc:
e1:aa:62:80:a4:1e:26:01:67:57:c0:32:0c:9b:e6:01:bd:6c:
94:c4:d1:8f:cb:01:39:8b:eb:13:33:29:b2:b7:a5:01:11:c2:
1d:d0:ec:b6:45:65:b8:d1:47:f6:9e:22:6a:78:41:5e:49:28:
a0:b2:fb:fe:63:14:c5:b3:7e:f8:d3:c8:b8:84:4e:00:3d:d6:
18:5a:f9:c2:28:93:85:ee:5c:25:12:01:f8:fb:3c:23:9e:e5:
05:3c:e2:48:2b:f9:d4:f5:c4:34:dd:83:37:27:d6:c5:81:45:
a2:b6:2d:37:7c:80:ee:d1:4e:e7:f7:58:b9:04:bf:60:6d:16:
b6:7a:3f:3a:df:9b:4c:cd:1c:f7:8d:a2:c2:23:b2:df:26:68:
46:8f:a0:d1:59:eb:27:c9:6f:8b:84:f2:e2:56:0d:1a:60:4f:
cd:22:e2:dc:1d:ee:87:8a:8c:97:02:e9:1a:dd:63:e2:13:43:
2b:c7:c6:42:61:7b:46:a2:cb:3d:0d:2d:ff:76:bb:09:79:12:
02:92:24:41:75:5a:3d:53:52:68:98:6b:2b:c2:60:db:1b:7f:
23:a5:0c:33
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVTPPYCzJ2JZ0q2cFAtf/+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIxMjI3MTA1OTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg1NDFhNDRiZGE4YWE0MDVhZThiYjNkZjg2ODM0MTMwOWFjMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUQUMbFfD03MAmk/ZFBqfOB1r81v
1G7y+nthJq2pYy65CxyvPu7SWRbBMUvXzI2Ssac4uYUQ/2zwjglRIxJ9ffA6XTSV
PXCzG2Qeo7OvQhKCRp4YMy4QnXpZJDTZlb/SfHvvmUJy4YDbXjCpJm39tyWmb6gG
VpIUZ5XZiunc6CLqNgjTfZnjxEiwHY3Qhz91QS9iguI4oBg5zjOJDE4fRuer8WnJ
cyRnZ4NlQ8QLyYqwl4BmfsLg5caZZPOJZ9CiFxpkfdwMA3jjoGJLrO3tHTVDvqGs
j+8yCQe7CygDKgBOwXU5phFM64Mwjkn+rGTabrUjaor5Cf6WPO3Wjd7oiwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKCFQaRL2oqkBa6Ls9+Gg0EwmsEPMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvb0lWQnBFdmFpcVFGcm91ejM0YURRVENhd1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAXoMCAwQA
XoNiAwQAXoNkAwQAXoNmMAwDBABeg2kDBABeg2wwDQYJKoZIhvcNAQELBQADggEB
AIngCsB8eE42gcXqQymaApcppgseCxfn5iTidKXxRVnbUmYVvOGqYoCkHiYBZ1fA
Mgyb5gG9bJTE0Y/LATmL6xMzKbK3pQERwh3Q7LZFZbjRR/aeImp4QV5JKKCy+/5j
FMWzfvjTyLiETgA91hha+cIok4XuXCUSAfj7PCOe5QU84kgr+dT1xDTdgzcn1sWB
RaK2LTd8gO7RTuf3WLkEv2BtFrZ6Pzrfm0zNHPeNosIjst8maEaPoNFZ6yfJb4uE
8uJWDRpgT80i4twd7oeKjJcC6RrdY+ITQyvHxkJhe0aiyz0NLf92uwl5EgKSJEF1
Wj1TUmiYayvCYNsbfyOlDDM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:41:56 2025 by rpki-client