Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/qnD9YGFraTvLhMR0ZRT62HNLyVY.roa
File: qnD9YGFraTvLhMR0ZRT62HNLyVY.roa (raw, json)
Hash identifier: JdKPLA22RETpvaZLi7Te2m+iuE1r42Tu/YMS0twqTUc=
Subject key identifier: AA:70:FD:60:61:6B:69:3B:CB:84:C4:74:65:14:FA:D8:73:4B:C9:56
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0182DC21AAE5C2392C8AC283DA2B717EF2B1
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/qnD9YGFraTvLhMR0ZRT62HNLyVY.roa
Signing time: Fri 26 Aug 2022 21:49:30 +0000
ROA not before: Fri 26 Aug 2022 21:49:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 94.131.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:dc:21:aa:e5:c2:39:2c:8a:c2:83:da:2b:71:7e:f2:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Aug 26 21:49:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa70fd60616b693bcb84c4746514fad8734bc956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ba:dd:55:71:f8:34:ff:ac:43:dc:06:07:8f:
59:ef:ff:ff:45:78:f8:e8:21:8c:11:b1:b9:19:d5:
f4:6e:e3:6b:71:ad:1e:9d:fa:28:a1:98:0f:20:bc:
cb:63:3e:2b:a7:a9:1a:47:4b:18:44:b2:e1:87:ea:
1c:92:ff:e4:33:03:26:67:92:fd:00:d7:a0:fb:25:
df:25:7f:0d:b2:d5:65:e2:66:7a:e1:57:75:c0:2a:
5a:9a:a0:eb:b2:e2:70:28:6a:27:eb:96:37:b9:53:
5d:e7:51:89:45:aa:33:d0:b1:db:ce:1b:15:cd:f0:
0e:53:94:4c:53:ed:fd:27:50:65:ef:7f:57:f2:ea:
45:31:34:a8:f4:98:25:56:56:3c:3c:49:b7:0a:6e:
fd:71:8e:50:25:47:0a:c1:a2:da:dc:78:bd:78:5f:
4f:c5:2b:24:67:c6:74:33:29:6b:74:a2:7a:1c:b2:
68:ce:ac:e7:48:6c:2f:35:fd:72:c3:a5:b0:a5:47:
d3:60:bf:b4:ab:5a:c6:82:1d:57:9b:76:f3:e5:15:
4c:bd:a8:1a:13:71:9f:4d:76:58:74:8a:c0:e9:ae:
5c:d6:fb:c6:af:75:4f:54:9f:3c:7a:5d:15:cc:d2:
26:46:07:cf:03:f0:89:c9:2d:7d:fb:7a:eb:e6:ea:
1c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:70:FD:60:61:6B:69:3B:CB:84:C4:74:65:14:FA:D8:73:4B:C9:56
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/qnD9YGFraTvLhMR0ZRT62HNLyVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.108.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:3e:77:fd:d5:ca:c1:02:e5:c2:fd:5b:29:2e:ec:f5:89:0e:
fb:a0:07:78:b0:6d:b8:85:df:af:09:49:2f:02:36:9a:b4:86:
30:c0:16:ed:90:47:d5:67:31:3f:57:98:c2:6a:45:3a:0f:34:
9a:81:c9:fb:28:8e:8f:80:8f:57:55:1d:e0:11:9d:9f:73:6d:
08:f4:2a:85:a7:af:4c:80:be:bf:13:2e:fb:b4:58:2c:13:28:
24:07:36:e4:02:d2:1d:00:fe:42:69:97:26:69:6f:5f:9b:93:
f2:cf:31:72:43:57:5f:c0:3d:d5:57:93:08:02:85:b5:73:41:
22:46:38:51:73:e1:d0:c5:9d:d8:c7:20:44:c6:17:72:95:42:
dc:c8:f4:9c:d2:9f:dd:d3:5c:06:27:30:7f:67:4b:d1:0f:52:
db:2b:97:49:d6:9a:f9:e0:63:0c:c8:8d:c0:b7:38:6a:2a:20:
c7:dd:4c:3f:b2:91:e2:fd:82:8f:9d:7a:74:d3:4a:3b:0f:1a:
d5:df:6e:97:b1:4a:ad:cc:89:3d:ff:85:e8:0d:2a:c2:27:bc:
33:28:58:78:24:5e:18:1f:c5:41:e0:7c:a1:f9:93:59:9a:45:
0e:d5:a0:32:e6:09:7c:d6:13:68:92:08:f3:c1:c7:63:68:fc:
06:8d:d8:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLcIarlwjksisKD2itxfvKxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjIwODI2MjE0OTMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTcwZmQ2MDYxNmI2OTNiY2I4NGM0NzQ2NTE0ZmFkODczNGJjOTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrrdVXH4NP+sQ9wGB49Z7///RXj4
6CGMEbG5GdX0buNrca0enfoooZgPILzLYz4rp6kaR0sYRLLhh+ockv/kMwMmZ5L9
ANeg+yXfJX8NstVl4mZ64Vd1wCpamqDrsuJwKGon65Y3uVNd51GJRaoz0LHbzhsV
zfAOU5RMU+39J1Bl739X8upFMTSo9JglVlY8PEm3Cm79cY5QJUcKwaLa3Hi9eF9P
xSskZ8Z0MylrdKJ6HLJozqznSGwvNf1yw6WwpUfTYL+0q1rGgh1Xm3bz5RVMvaga
E3GfTXZYdIrA6a5c1vvGr3VPVJ88el0VzNImRgfPA/CJyS19+3rr5uoc5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpw/WBha2k7y4TEdGUU+thzS8lWMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvcW5EOVlHRnJhVHZMaE1SMFpSVDYySE5MeVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXoNsMA0G
CSqGSIb3DQEBCwUAA4IBAQBfPnf91crBAuXC/VspLuz1iQ77oAd4sG24hd+vCUkv
AjaatIYwwBbtkEfVZzE/V5jCakU6DzSagcn7KI6PgI9XVR3gEZ2fc20I9CqFp69M
gL6/Ey77tFgsEygkBzbkAtIdAP5CaZcmaW9fm5PyzzFyQ1dfwD3VV5MIAoW1c0Ei
RjhRc+HQxZ3YxyBExhdylULcyPSc0p/d01wGJzB/Z0vRD1LbK5dJ1pr54GMMyI3A
tzhqKiDH3Uw/spHi/YKPnXp000o7DxrV326XsUqtzIk9/4XoDSrCJ7wzKFh4JF4Y
H8VB4Hyh+ZNZmkUO1aAy5gl81hNokgjzwcdjaPwGjdhy
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:15 2025 by rpki-client