Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/3ZocdVnIsLgz8HCth3mmmHU5vAo.roa
File: 3ZocdVnIsLgz8HCth3mmmHU5vAo.roa (raw, json)
Hash identifier: J1xx0Pn3tGOmcrrsKr+hX5BKJRhK1tCyjRr6sI1rdXg=
Subject key identifier: DD:9A:1C:75:59:C8:B0:B8:33:F0:70:AD:87:79:A6:98:75:39:BC:0A
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: 01856E8B20F96C388CF7E25169A50CEC3AB7
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/3ZocdVnIsLgz8HCth3mmmHU5vAo.roa
Signing time: Sun 01 Jan 2023 18:14:49 +0000
ROA not before: Sun 01 Jan 2023 18:14:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49720
IP address blocks: 94.131.240.0/24 maxlen: 24
94.131.241.0/24 maxlen: 24
94.131.242.0/24 maxlen: 24
185.241.109.0/24 maxlen: 24
94.131.243.0/24 maxlen: 24
94.131.246.0/24 maxlen: 24
94.131.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:20:f9:6c:38:8c:f7:e2:51:69:a5:0c:ec:3a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Jan 1 18:14:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd9a1c7559c8b0b833f070ad8779a6987539bc0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:65:9a:d1:dc:55:f4:1e:76:43:9b:83:df:31:
e3:3f:4b:95:b2:af:0b:44:28:02:4b:29:d5:62:82:
ed:bf:c7:2e:22:1d:c2:bd:aa:74:1c:6c:fd:5a:6a:
bf:94:19:a8:5d:c7:d1:11:98:86:7b:54:4c:88:7c:
70:8b:c6:8f:de:4d:33:10:c1:54:71:0c:97:f9:60:
32:2a:d2:45:1b:9a:65:85:66:39:b7:5b:80:36:bb:
36:0e:ea:97:2c:df:0e:06:05:94:ab:6c:39:28:9a:
7f:78:86:45:93:5a:65:1e:8f:f9:9f:4e:c3:c2:fb:
dd:fb:c0:a5:4f:ff:2f:82:21:66:88:49:5c:c7:a3:
c6:1f:1b:aa:71:e9:07:94:e4:c6:7c:d7:73:04:de:
57:1c:ce:5a:b6:a1:ce:7d:36:d7:33:b2:67:a2:1b:
c7:6b:76:53:2c:34:44:33:7c:9e:60:36:53:0c:b4:
e2:dd:a9:9f:b6:91:6b:fc:b2:d4:d7:69:06:e2:55:
c7:2e:48:7c:4b:9f:47:7a:bf:9c:59:43:87:f0:d5:
c7:0b:81:02:19:ab:78:95:9e:d9:32:8d:b2:78:a2:
ae:96:d0:95:07:5b:85:04:71:f1:2d:bb:5e:8b:3e:
ae:f1:bc:fb:4b:b6:46:51:39:bb:4b:12:92:b5:cf:
e8:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:9A:1C:75:59:C8:B0:B8:33:F0:70:AD:87:79:A6:98:75:39:BC:0A
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/3ZocdVnIsLgz8HCth3mmmHU5vAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.240.0/22
94.131.246.0/23
185.241.109.0/24
Signature Algorithm: sha256WithRSAEncryption
14:79:33:d6:25:b9:ed:5a:b3:7f:fa:a8:1a:a6:ba:1a:df:35:
7a:c8:e9:9e:65:3d:b6:58:08:3e:4c:ea:9c:6b:6e:67:b8:16:
d1:fa:55:34:53:e2:a2:a8:c2:ac:7c:ed:04:2e:bd:4d:7c:14:
a9:32:97:60:2c:eb:fc:d2:e3:e9:7f:67:0d:37:9d:e6:bd:1e:
1c:89:51:65:42:2b:56:c0:a9:ac:96:c8:4e:bf:af:6c:43:14:
1f:ac:ec:88:68:5d:4a:6a:f1:0c:dd:9d:74:d3:9a:8c:72:4e:
21:f6:fc:43:e8:1e:c1:1f:75:1a:5d:a7:f1:64:fb:b5:d6:b5:
8f:37:b9:9c:da:29:d6:6a:73:c6:82:fc:87:2a:ae:bd:b3:43:
b0:dd:9b:61:62:c0:e6:9e:ba:76:fe:3f:7e:7f:0e:9b:bb:0f:
dc:8f:61:fa:bb:13:cd:4b:44:e4:06:86:83:a3:d0:d4:1e:5b:
48:87:27:8b:55:ed:b4:b2:d2:fe:70:c6:aa:3d:be:bf:62:76:
9d:c3:6b:e1:32:80:65:f5:1e:96:68:99:29:06:6e:5e:e8:4b:
54:52:28:ce:2a:8d:11:b2:e2:79:b4:ef:78:06:69:52:33:8e:
ef:d3:f7:c2:8b:f1:3b:ca:83:ef:98:13:c6:ad:24:43:8a:14:
b5:de:cc:9a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuiyD5bDiM9+JRaaUM7Dq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNmIwYzAwMWE5OWFiNjI5NmUyNDIxNzNiZjdlN2ZkY2Yw
M2MwMTkwHhcNMjMwMTAxMTgxNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDlhMWM3NTU5YzhiMGI4MzNmMDcwYWQ4Nzc5YTY5ODc1MzliYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmWa0dxV9B52Q5uD3zHjP0uVsq8L
RCgCSynVYoLtv8cuIh3Cvap0HGz9Wmq/lBmoXcfREZiGe1RMiHxwi8aP3k0zEMFU
cQyX+WAyKtJFG5plhWY5t1uANrs2DuqXLN8OBgWUq2w5KJp/eIZFk1plHo/5n07D
wvvd+8ClT/8vgiFmiElcx6PGHxuqcekHlOTGfNdzBN5XHM5atqHOfTbXM7JnohvH
a3ZTLDREM3yeYDZTDLTi3amftpFr/LLU12kG4lXHLkh8S59Her+cWUOH8NXHC4EC
Gat4lZ7ZMo2yeKKultCVB1uFBHHxLbteiz6u8bz7S7ZGUTm7SxKStc/oJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN2aHHVZyLC4M/BwrYd5pph1ObwKMB8GA1UdIwQY
MBaAFFxrDAAamatiluJCFzv35/3PA8AZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMt
YzE4ZTNjY2M3NDJiLzEvM1pvY2RWbklzTGd6OEhDdGgzbW1tSFU1dkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODk2NzctMWQ5YS00MThkLTg1OTMtYzE4ZTNjY2M3NDJi
LzEvWEdzTUFCcVpxMktXNGtJWE9fZm5fYzhEd0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXoPwAwQB
XoP2AwQAufFtMA0GCSqGSIb3DQEBCwUAA4IBAQAUeTPWJbntWrN/+qgaproa3zV6
yOmeZT22WAg+TOqca25nuBbR+lU0U+KiqMKsfO0ELr1NfBSpMpdgLOv80uPpf2cN
N53mvR4ciVFlQitWwKmslshOv69sQxQfrOyIaF1KavEM3Z1005qMck4h9vxD6B7B
H3UaXafxZPu11rWPN7mc2inWanPGgvyHKq69s0Ow3ZthYsDmnrp2/j9+fw6buw/c
j2H6uxPNS0TkBoaDo9DUHltIhyeLVe20stL+cMaqPb6/Ynadw2vhMoBl9R6WaJkp
Bm5e6EtUUijOKo0RsuJ5tO94BmlSM47v0/fCi/E7yoPvmBPGrSRDihS13sya
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:13:04 2025 by rpki-client