Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/3taMir_2HCd45LVO_mFo91fmKGY.roa
File: 3taMir_2HCd45LVO_mFo91fmKGY.roa (raw, json)
Hash identifier: qPYiNoRFju08sJvunox7Ewc3lRGc04SJ/KkAhGiMjqs=
Subject key identifier: DE:D6:8C:8A:BF:F6:1C:27:78:E4:B5:4E:FE:61:68:F7:57:E6:28:66
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01856F0241DADFEE5103C53FC6D43ED91453
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/3taMir_2HCd45LVO_mFo91fmKGY.roa
Signing time: Sun 01 Jan 2023 20:24:56 +0000
ROA not before: Sun 01 Jan 2023 20:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57888
IP address blocks: 94.250.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:41:da:df:ee:51:03:c5:3f:c6:d4:3e:d9:14:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 20:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ded68c8abff61c2778e4b54efe6168f757e62866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7b:13:a7:03:49:41:89:bf:83:14:45:e8:fd:
fd:5b:77:51:8a:03:fd:4c:f1:a6:a7:da:a1:ba:0e:
c2:eb:9c:b0:d8:9c:37:ff:ff:6c:ea:dd:11:43:e5:
b7:fa:dd:53:55:61:cb:64:6d:a6:30:3a:a4:d3:f1:
61:bc:09:82:c2:72:8e:8e:89:9c:8d:4e:bc:0a:13:
6b:3f:fe:5a:10:f8:e7:df:3e:ff:41:7d:14:5a:86:
58:af:b6:33:e0:76:88:34:71:25:cf:da:a9:f0:df:
43:7a:91:e6:64:64:9b:76:fb:6b:95:25:cc:12:bf:
62:9f:e5:58:08:d8:6f:3d:bd:e2:ec:52:93:e6:70:
44:c9:53:85:70:47:c7:cd:8f:fa:b7:fc:b5:8c:2c:
f0:5d:b9:db:56:a7:ce:21:e4:e6:27:9a:ee:34:d8:
13:5b:fc:79:58:0e:e7:8a:d3:c1:fa:65:56:f8:a8:
46:9f:4e:5b:ff:de:18:6c:e4:5f:27:a4:33:12:9e:
56:1a:37:85:57:20:c2:dd:19:71:ae:0a:00:c2:0a:
13:6b:23:4f:a3:73:3b:35:d1:18:ad:13:5e:dc:f3:
e3:7f:22:9c:48:21:a7:9d:2d:a1:ca:7e:2f:73:d9:
6c:43:7e:17:36:9c:f1:af:42:4c:4e:0b:6d:9c:52:
47:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:D6:8C:8A:BF:F6:1C:27:78:E4:B5:4E:FE:61:68:F7:57:E6:28:66
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/3taMir_2HCd45LVO_mFo91fmKGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.116.0/22
Signature Algorithm: sha256WithRSAEncryption
96:14:79:5b:39:aa:2c:71:52:4c:bf:ba:18:2c:76:90:9b:e7:
84:56:24:96:cf:17:48:7d:6a:19:a2:af:21:1e:5d:bf:29:f2:
0d:c6:a3:1b:61:cc:de:65:3d:7b:30:60:70:94:0f:1a:a7:22:
fe:9d:4b:ad:90:ad:e5:89:72:51:74:af:d9:db:7e:51:10:ba:
a4:32:14:47:66:92:5d:b6:52:0f:6f:a6:88:79:d3:e2:6c:b7:
3d:d9:85:32:8a:21:e7:9e:c6:13:bb:74:8d:e7:2e:aa:5b:6a:
8d:9d:6a:70:83:1e:fe:db:85:e0:42:aa:26:64:76:7a:f9:4a:
21:5d:42:8c:6e:aa:89:62:b7:6e:0e:8b:1d:21:91:00:f1:62:
b6:4e:34:39:a2:29:43:fc:82:38:fb:1c:36:9b:d7:4f:15:e9:
f0:e6:a4:35:33:c4:5f:cb:93:b5:ec:cb:41:7a:6e:7c:e1:a7:
0f:a4:c4:bb:ba:2e:47:3a:6c:3e:e9:a4:fb:3e:0c:79:5e:90:
3b:c0:1a:3a:9b:1c:39:35:d0:c0:f2:c4:e5:65:1c:ad:4d:9b:
a2:c7:c8:a2:99:fd:41:8f:f1:c3:fb:60:62:d9:2d:91:f2:a5:
9d:c9:28:09:48:97:15:9a:89:ba:95:a2:5e:28:fc:16:1a:dd:
f0:34:c1:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkHa3+5RA8U/xtQ+2RRTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjMwMTAxMjAyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWQ2OGM4YWJmZjYxYzI3NzhlNGI1NGVmZTYxNjhmNzU3ZTYyODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnsTpwNJQYm/gxRF6P39W3dRigP9
TPGmp9qhug7C65yw2Jw3//9s6t0RQ+W3+t1TVWHLZG2mMDqk0/FhvAmCwnKOjomc
jU68ChNrP/5aEPjn3z7/QX0UWoZYr7Yz4HaINHElz9qp8N9DepHmZGSbdvtrlSXM
Er9in+VYCNhvPb3i7FKT5nBEyVOFcEfHzY/6t/y1jCzwXbnbVqfOIeTmJ5ruNNgT
W/x5WA7nitPB+mVW+KhGn05b/94YbORfJ6QzEp5WGjeFVyDC3RlxrgoAwgoTayNP
o3M7NdEYrRNe3PPjfyKcSCGnnS2hyn4vc9lsQ34XNpzxr0JMTgttnFJHSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN7WjIq/9hwneOS1Tv5haPdX5ihmMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvM3RhTWlyXzJIQ2Q0NUxWT19tRm85MWZtS0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvp0MA0G
CSqGSIb3DQEBCwUAA4IBAQCWFHlbOaoscVJMv7oYLHaQm+eEViSWzxdIfWoZoq8h
Hl2/KfINxqMbYczeZT17MGBwlA8apyL+nUutkK3liXJRdK/Z235RELqkMhRHZpJd
tlIPb6aIedPibLc92YUyiiHnnsYTu3SN5y6qW2qNnWpwgx7+24XgQqomZHZ6+Uoh
XUKMbqqJYrduDosdIZEA8WK2TjQ5oilD/II4+xw2m9dPFenw5qQ1M8Rfy5O17MtB
em584acPpMS7ui5HOmw+6aT7Pgx5XpA7wBo6mxw5NdDA8sTlZRytTZuix8iimf1B
j/HD+2Bi2S2R8qWdySgJSJcVmom6laJeKPwWGt3wNMGb
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:49 2025 by rpki-client