Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/pDHMlulfsR3qSzTpATvrx_bG4mw.roa
File: pDHMlulfsR3qSzTpATvrx_bG4mw.roa (raw, json)
Hash identifier: Zyr02Y9Bzhq7J9zN+D4Qparp5kLHR/Ynhiu/10ThMFE=
Subject key identifier: A4:31:CC:96:E9:5F:B1:1D:EA:4B:34:E9:01:3B:EB:C7:F6:C6:E2:6C
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0183277ECCACF27887D502A3102F968DADE4
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/pDHMlulfsR3qSzTpATvrx_bG4mw.roa
Signing time: Sat 10 Sep 2022 13:02:44 +0000
ROA not before: Sat 10 Sep 2022 13:02:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 94.131.48.0/20 maxlen: 24
95.164.16.0/22 maxlen: 22
94.131.64.0/20 maxlen: 24
95.164.128.0/20 maxlen: 24
95.164.240.0/21 maxlen: 21
95.164.44.0/22 maxlen: 22
95.164.84.0/22 maxlen: 22
94.131.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:27:7e:cc:ac:f2:78:87:d5:02:a3:10:2f:96:8d:ad:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Sep 10 13:02:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a431cc96e95fb11dea4b34e9013bebc7f6c6e26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:37:85:71:5a:c3:05:47:41:24:10:85:34:c6:
43:b9:b6:80:28:22:c9:0b:a6:80:fd:39:4d:ed:9b:
11:ca:46:7b:5d:db:69:a5:3f:0e:46:c5:15:48:ab:
77:df:a7:c2:1e:4e:94:f3:af:6c:a2:f6:2d:e2:95:
29:b2:b7:ff:e4:73:d3:71:25:37:0e:0a:2e:47:ca:
2a:c4:2f:57:ee:d4:00:f5:60:69:2f:b7:ed:1e:f6:
c2:66:8a:85:52:86:ab:9f:ab:25:ca:9c:84:f9:97:
96:16:55:2f:4c:c1:e3:f7:1e:04:c7:a7:9a:cc:8a:
88:02:25:f9:0d:f1:f5:d2:d9:7b:f4:0b:42:fd:18:
42:40:d5:54:d8:7b:a7:f0:b3:f1:89:00:ea:ae:62:
1e:c7:4f:f2:9f:44:c6:57:49:a6:37:e7:a3:c4:c1:
c1:f9:c4:13:29:d1:77:bb:09:7d:f1:25:88:3e:4a:
d0:39:aa:32:7c:cd:17:bd:40:32:6f:9e:68:f7:fc:
f0:18:e5:c1:d8:c5:64:de:0d:dd:cf:df:77:0b:9b:
c2:90:a6:1a:cc:0c:45:32:73:d1:89:67:16:1d:a0:
fa:5d:14:fe:a2:ec:bb:b5:fb:3c:66:f6:04:fa:9e:
51:f5:65:5d:88:d8:92:32:a9:35:16:7b:e3:fe:d0:
f8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:31:CC:96:E9:5F:B1:1D:EA:4B:34:E9:01:3B:EB:C7:F6:C6:E2:6C
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/pDHMlulfsR3qSzTpATvrx_bG4mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.24.0/22
94.131.48.0-94.131.79.255
95.164.16.0/22
95.164.44.0/22
95.164.84.0/22
95.164.128.0/20
95.164.240.0/21
Signature Algorithm: sha256WithRSAEncryption
2a:7b:a9:99:b9:08:1b:c1:e1:77:7b:ad:24:ed:10:6c:86:f8:
11:48:72:49:80:d1:3b:6a:8f:01:bb:7c:db:d9:d2:3d:65:a6:
84:88:0e:7a:10:e2:6b:91:8b:55:e1:3c:91:e9:f6:fa:16:1c:
a9:23:b7:d8:5d:1e:8f:c6:00:31:e7:23:e1:a2:df:df:e7:fa:
81:e6:29:dc:7b:0d:be:4f:85:17:e7:b3:cb:26:38:0a:b7:45:
ca:6e:e0:f3:35:7e:73:e2:77:b3:76:73:90:1f:db:0e:02:9a:
b1:34:35:10:2b:66:51:cd:bd:fd:9d:44:78:e2:ea:bb:e3:fb:
66:6b:d0:02:cb:bf:bb:79:31:6b:8e:f0:a8:ab:ad:53:df:bd:
5f:92:a4:42:84:e8:98:04:11:cb:5d:e0:d2:e9:25:c4:5a:7b:
44:79:7e:0c:fe:5a:a0:97:2f:48:89:6e:e3:06:46:84:59:4d:
67:e0:8e:cd:6a:8b:c1:40:e1:fc:44:1e:c1:dd:c5:03:dd:ad:
31:e5:3a:eb:27:f9:2d:d6:ff:ca:f9:b0:38:bc:08:55:6c:08:
56:1a:7b:e7:45:cf:ba:25:00:16:8a:43:18:24:24:fd:b0:79:
4a:8f:86:7b:bf:82:d9:9e:9a:8c:2e:da:7a:e3:93:dd:21:ec:
a7:9d:73:c0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYMnfsys8niH1QKjEC+Wja3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIwOTEwMTMwMjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDMxY2M5NmU5NWZiMTFkZWE0YjM0ZTkwMTNiZWJjN2Y2YzZlMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTeFcVrDBUdBJBCFNMZDubaAKCLJ
C6aA/TlN7ZsRykZ7XdtppT8ORsUVSKt336fCHk6U869sovYt4pUpsrf/5HPTcSU3
DgouR8oqxC9X7tQA9WBpL7ftHvbCZoqFUoarn6slypyE+ZeWFlUvTMHj9x4Ex6ea
zIqIAiX5DfH10tl79AtC/RhCQNVU2Hun8LPxiQDqrmIex0/yn0TGV0mmN+ejxMHB
+cQTKdF3uwl98SWIPkrQOaoyfM0XvUAyb55o9/zwGOXB2MVk3g3dz993C5vCkKYa
zAxFMnPRiWcWHaD6XRT+ouy7tfs8ZvYE+p5R9WVdiNiSMqk1Fnvj/tD4dQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKQxzJbpX7Ed6ks06QE768f2xuJsMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvcERITWx1bGZzUjNxU3pUcEFUdnJ4X2JHNG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCXoMYMAwD
BARegzADBAReg0ADBAJfpBADBAJfpCwDBAJfpFQDBARfpIADBANfpPAwDQYJKoZI
hvcNAQELBQADggEBACp7qZm5CBvB4Xd7rSTtEGyG+BFIckmA0TtqjwG7fNvZ0j1l
poSIDnoQ4muRi1XhPJHp9voWHKkjt9hdHo/GADHnI+Gi39/n+oHmKdx7Db5PhRfn
s8smOAq3Rcpu4PM1fnPid7N2c5Af2w4CmrE0NRArZlHNvf2dRHji6rvj+2Zr0ALL
v7t5MWuO8KirrVPfvV+SpEKE6JgEEctd4NLpJcRae0R5fgz+WqCXL0iJbuMGRoRZ
TWfgjs1qi8FA4fxEHsHdxQPdrTHlOusn+S3W/8r5sDi8CFVsCFYae+dFz7olABaK
QxgkJP2weUqPhnu/gtmemowu2nrjk90h7Kedc8A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org