Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ujApZiEmb2Qu3qUqEg1eMoFRPeA.roa
File: ujApZiEmb2Qu3qUqEg1eMoFRPeA.roa (raw, json)
Hash identifier: VnMxuYspq9FBld8jT/3nWqj/G8IGbxN9QIEIHiG+rK0=
Subject key identifier: BA:30:29:66:21:26:6F:64:2E:DE:A5:2A:12:0D:5E:32:81:51:3D:E0
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 01856F42A4B9DD232A8D06183415DB5E40DD
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ujApZiEmb2Qu3qUqEg1eMoFRPeA.roa
Signing time: Sun 01 Jan 2023 21:35:16 +0000
ROA not before: Sun 01 Jan 2023 21:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3257
IP address blocks: 94.131.48.0/20 maxlen: 24
95.164.16.0/22 maxlen: 22
94.131.64.0/20 maxlen: 24
95.164.128.0/20 maxlen: 24
95.164.240.0/21 maxlen: 21
95.164.44.0/22 maxlen: 22
94.131.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:a4:b9:dd:23:2a:8d:06:18:34:15:db:5e:40:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 1 21:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ba30296621266f642edea52a120d5e3281513de0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:bc:49:c3:dc:f2:ad:3a:07:c4:7b:42:5b:90:
5e:48:c9:1a:df:58:e7:bf:9c:aa:d5:2e:4c:8a:8d:
aa:50:be:67:e7:6c:f1:56:ef:9a:dd:9f:a5:4f:68:
17:2c:96:ed:c9:32:16:cc:bd:69:66:de:7a:ba:57:
8b:8e:99:62:2c:8e:8b:da:dc:1d:0b:9f:dc:d7:56:
7d:78:97:45:58:a5:66:d2:6d:c0:f1:6f:dd:9e:bd:
74:b8:63:9e:d6:a4:69:e3:a7:96:4a:26:b5:0d:a8:
26:d5:c6:55:dd:f5:02:d0:7b:ab:bb:19:26:25:6e:
49:9a:d8:bf:a4:1a:25:92:fa:05:17:36:a4:cf:24:
e4:7d:fd:f7:9d:d2:f4:d9:1f:19:3c:04:3f:1e:61:
4e:6d:52:f2:50:46:7b:2c:36:64:b6:c2:bb:69:63:
ea:47:9c:80:47:dd:4b:80:e8:d8:f2:6b:bc:cc:20:
46:a2:8c:c5:09:58:38:99:d3:50:d6:f8:2f:e2:03:
ad:88:86:dd:f6:64:a8:6b:cf:ee:59:e0:a9:44:db:
d5:2b:d4:86:4b:8e:aa:37:41:13:b5:c0:7a:bb:43:
91:44:27:b9:7e:ce:a6:e0:90:48:2a:c5:e5:4f:45:
d7:a2:61:e7:52:35:7c:60:d1:2f:31:43:9d:bb:9b:
b3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:30:29:66:21:26:6F:64:2E:DE:A5:2A:12:0D:5E:32:81:51:3D:E0
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ujApZiEmb2Qu3qUqEg1eMoFRPeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.24.0/22
94.131.48.0-94.131.79.255
95.164.16.0/22
95.164.44.0/22
95.164.128.0/20
95.164.240.0/21
Signature Algorithm: sha256WithRSAEncryption
13:e0:04:90:63:ef:8a:ef:01:47:02:df:3c:6a:e2:ce:d6:d1:
af:33:b1:d8:0a:c8:8c:c3:94:47:cd:a6:80:75:24:41:15:67:
af:77:f0:e9:6c:db:5a:07:88:27:7b:54:49:82:43:98:f5:8c:
c2:12:8c:88:04:26:83:37:b0:34:ec:ef:89:ef:8b:7b:77:5d:
08:8c:08:13:15:a0:8b:4f:de:df:4d:70:88:b3:8e:df:ad:81:
8a:57:5e:21:f2:ab:39:17:33:7c:0d:b6:61:31:09:19:dc:ec:
f7:da:33:ba:da:a7:6d:32:0b:d0:ec:22:40:57:76:e6:72:19:
9a:4f:af:73:8e:4a:6b:73:70:12:71:b0:ce:4c:d9:8c:af:cd:
0c:98:4f:4f:2b:55:0e:c8:7a:f3:38:31:78:b3:c7:30:25:81:
fd:b0:ef:68:6a:19:84:51:45:7c:85:2e:df:c8:bf:5e:86:3a:
a4:aa:eb:d3:33:82:4d:1d:f7:ce:0f:5c:6c:69:8f:db:63:d5:
17:3c:ad:f7:f3:76:db:42:b5:4a:08:2f:1d:be:e2:91:88:2a:
5f:3f:7f:13:08:80:1b:a7:56:b2:ce:a2:ce:97:9f:5a:34:a8:
3a:fd:ca:76:34:2a:3e:66:66:25:00:84:1e:e7:9e:f0:c4:02:
e5:d7:e6:22
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYVvQqS53SMqjQYYNBXbXkDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjMwMTAxMjEzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTMwMjk2NjIxMjY2ZjY0MmVkZWE1MmExMjBkNWUzMjgxNTEzZGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bxJw9zyrToHxHtCW5BeSMka31jn
v5yq1S5Mio2qUL5n52zxVu+a3Z+lT2gXLJbtyTIWzL1pZt56uleLjpliLI6L2twd
C5/c11Z9eJdFWKVm0m3A8W/dnr10uGOe1qRp46eWSia1Dagm1cZV3fUC0Huruxkm
JW5Jmti/pBolkvoFFzakzyTkff33ndL02R8ZPAQ/HmFObVLyUEZ7LDZktsK7aWPq
R5yAR91LgOjY8mu8zCBGoozFCVg4mdNQ1vgv4gOtiIbd9mSoa8/uWeCpRNvVK9SG
S46qN0ETtcB6u0ORRCe5fs6m4JBIKsXlT0XXomHnUjV8YNEvMUOdu5uzPQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLowKWYhJm9kLt6lKhINXjKBUT3gMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvdWpBcFppRW1iMlF1M3FVcUVnMWVNb0ZSUGVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCXoMYMAwD
BARegzADBAReg0ADBAJfpBADBAJfpCwDBARfpIADBANfpPAwDQYJKoZIhvcNAQEL
BQADggEBABPgBJBj74rvAUcC3zxq4s7W0a8zsdgKyIzDlEfNpoB1JEEVZ6938Ols
21oHiCd7VEmCQ5j1jMISjIgEJoM3sDTs74nvi3t3XQiMCBMVoItP3t9NcIizjt+t
gYpXXiHyqzkXM3wNtmExCRnc7PfaM7rap20yC9DsIkBXduZyGZpPr3OOSmtzcBJx
sM5M2YyvzQyYT08rVQ7IevM4MXizxzAlgf2w72hqGYRRRXyFLt/Iv16GOqSq69Mz
gk0d984PXGxpj9tj1Rc8rffzdttCtUoILx2+4pGIKl8/fxMIgBunVrLOos6Xn1o0
qDr9ynY0Kj5mZiUAhB7nnvDEAuXX5iI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:22:35 2025 by rpki-client