Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ojHejmJ1lJ6vv4HiU-hdWEZLtx0.roa
File: ojHejmJ1lJ6vv4HiU-hdWEZLtx0.roa (raw, json)
Hash identifier: qWjBGIKEA0HMCG5MWtcP7jAYfBWCAwJXWDi7vBYahRY=
Subject key identifier: A2:31:DE:8E:62:75:94:9E:AF:BF:81:E2:53:E8:5D:58:46:4B:B7:1D
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01856F42AA54E0E76050497460B211D11A4B
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ojHejmJ1lJ6vv4HiU-hdWEZLtx0.roa
Signing time: Sun 01 Jan 2023 21:35:18 +0000
ROA not before: Sun 01 Jan 2023 21:35:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 53856
IP address blocks: 94.131.120.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:aa:54:e0:e7:60:50:49:74:60:b2:11:d1:1a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 21:35:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a231de8e6275949eafbf81e253e85d58464bb71d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:23:30:a2:b1:00:a7:3f:31:aa:44:a7:2c:a7:
74:f8:b9:f8:61:b5:bf:3e:fa:45:ff:d4:51:3d:15:
71:70:55:6c:ff:c3:e1:a8:96:bb:85:7c:fa:0d:b7:
d4:8e:d5:80:ac:8c:8a:99:30:13:ae:e6:f8:6f:18:
f0:7c:4d:7e:0f:8b:4d:bd:78:67:6f:7d:39:15:e3:
69:48:f3:dc:01:7b:1b:76:2d:0f:14:a0:d9:7b:22:
f0:69:1c:d4:16:70:8b:6c:a9:25:91:9a:62:8c:58:
28:67:a0:ad:44:a4:db:d8:75:28:27:02:75:ef:ad:
56:06:3a:c7:18:12:ec:12:55:11:40:f9:82:73:49:
bc:d4:d7:3a:98:ec:6c:11:67:32:a3:2e:f6:3a:ac:
0f:c6:2f:ec:9d:88:f8:a3:1c:a3:7c:09:5b:1a:88:
70:ae:2c:5a:ec:bb:30:f8:ea:57:8d:39:48:1b:de:
73:45:9f:33:f1:b1:f2:50:6d:8e:93:7c:bf:d2:4f:
a0:e9:ca:b9:44:04:09:b0:86:d9:87:30:26:59:4f:
5d:5c:d9:69:13:32:6c:87:e6:e5:a1:17:37:2b:86:
9c:6f:a7:a0:76:7a:34:3b:37:f3:db:c4:30:1e:6e:
ef:2e:f6:7e:84:6c:50:e8:28:a4:06:58:06:2b:83:
c8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:31:DE:8E:62:75:94:9E:AF:BF:81:E2:53:E8:5D:58:46:4B:B7:1D
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ojHejmJ1lJ6vv4HiU-hdWEZLtx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.120.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:8f:73:84:71:3c:cf:8e:57:a2:f8:55:0f:be:46:55:95:ce:
9a:f3:07:3c:e7:a0:56:90:5a:8c:3f:f7:d6:34:11:3e:55:dc:
2e:fd:fc:5c:69:75:67:39:e0:39:1b:34:22:07:8a:0b:8f:e5:
62:4a:a3:ad:f2:23:05:fa:0b:1d:b0:4b:ad:88:86:99:c5:c5:
a6:a2:56:22:29:2e:f8:5a:c4:1a:97:69:a0:c7:2e:0d:19:f1:
81:15:c1:93:df:8f:a7:a2:53:88:7e:67:b2:a8:fc:dd:ed:8c:
da:96:9c:9a:f2:e4:70:f2:35:f6:e6:23:d1:8d:1f:7a:41:c5:
50:32:02:d0:15:aa:a4:7b:cd:a9:ab:27:60:ff:96:ed:ab:ad:
44:7a:b5:86:2a:15:31:01:5e:8f:04:c3:71:1e:c5:77:c7:63:
03:98:c6:61:a5:c4:2d:65:4b:2a:bb:e1:6c:20:02:f9:04:3d:
db:4a:2d:45:51:54:60:69:7a:39:b8:07:db:37:fd:23:85:0b:
f0:e7:75:2d:6b:57:9d:66:e9:9a:2a:49:a8:5b:fe:0f:7e:ca:
09:b6:00:59:78:21:2a:a8:94:01:aa:be:b9:af:65:2c:cb:1f:
cb:27:6d:f6:c0:b1:73:83:76:39:5e:18:45:e8:ce:bd:25:71:
da:7c:99:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvQqpU4OdgUEl0YLIR0RpLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjMxZGU4ZTYyNzU5NDllYWZiZjgxZTI1M2U4NWQ1ODQ2NGJiNzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCMworEApz8xqkSnLKd0+Ln4YbW/
PvpF/9RRPRVxcFVs/8PhqJa7hXz6DbfUjtWArIyKmTATrub4bxjwfE1+D4tNvXhn
b305FeNpSPPcAXsbdi0PFKDZeyLwaRzUFnCLbKklkZpijFgoZ6CtRKTb2HUoJwJ1
761WBjrHGBLsElURQPmCc0m81Nc6mOxsEWcyoy72OqwPxi/snYj4oxyjfAlbGohw
rixa7Lsw+OpXjTlIG95zRZ8z8bHyUG2Ok3y/0k+g6cq5RAQJsIbZhzAmWU9dXNlp
EzJsh+bloRc3K4acb6egdno0Ozfz28QwHm7vLvZ+hGxQ6CikBlgGK4PIIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIx3o5idZSer7+B4lPoXVhGS7cdMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvb2pIZWptSjFsSjZ2djRIaVUtaGRXRVpMdHgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXoN4MA0G
CSqGSIb3DQEBCwUAA4IBAQAfj3OEcTzPjlei+FUPvkZVlc6a8wc856BWkFqMP/fW
NBE+Vdwu/fxcaXVnOeA5GzQiB4oLj+ViSqOt8iMF+gsdsEutiIaZxcWmolYiKS74
WsQal2mgxy4NGfGBFcGT34+nolOIfmeyqPzd7Yzalpya8uRw8jX25iPRjR96QcVQ
MgLQFaqke82pqydg/5btq61EerWGKhUxAV6PBMNxHsV3x2MDmMZhpcQtZUsqu+Fs
IAL5BD3bSi1FUVRgaXo5uAfbN/0jhQvw53Uta1edZumaKkmoW/4PfsoJtgBZeCEq
qJQBqr65r2Usyx/LJ232wLFzg3Y5XhhF6M69JXHafJmg
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:06:25 2025 by rpki-client