Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/ic2RtnJqHX9nrokp0atJ18946so.roa
File: ic2RtnJqHX9nrokp0atJ18946so.roa (raw, json)
Hash identifier: VZBeHlrN5ZGbNCHSJOtuhAEvGDavLRaJpy/hRWhTdGY=
Subject key identifier: 89:CD:91:B6:72:6A:1D:7F:67:AE:89:29:D1:AB:49:D7:CF:78:EA:CA
Certificate issuer: /CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Certificate serial: DEF8B3
Authority key identifier: 5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/ic2RtnJqHX9nrokp0atJ18946so.roa
Signing time: Mon 21 Mar 2022 11:58:31 +0000
ROA not before: Mon 21 Mar 2022 11:58:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49720
IP address blocks: 94.131.240.0/24 maxlen: 24
94.131.241.0/24 maxlen: 24
94.131.242.0/24 maxlen: 24
185.241.109.0/24 maxlen: 24
94.131.243.0/24 maxlen: 24
94.131.246.0/24 maxlen: 24
94.131.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14612659 (0xdef8b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c6b0c001a99ab6296e242173bf7e7fdcf03c019
Validity
Not Before: Mar 21 11:58:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89cd91b6726a1d7f67ae8929d1ab49d7cf78eaca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fa:65:c2:b5:50:24:e8:4f:a0:3e:dc:fc:af:
f5:36:d3:dc:ea:17:83:e4:e7:2f:d0:f1:2f:a8:09:
a4:b6:a1:04:87:88:db:b1:26:e5:13:70:bd:19:ab:
20:00:67:2c:52:be:46:52:6a:94:b7:b8:5a:6e:f1:
1a:44:07:47:01:ab:3a:5d:b7:0f:9d:a1:a5:21:e3:
c8:f4:49:3b:b4:63:fe:ed:ad:36:4e:0f:19:8e:5f:
7a:24:54:41:ff:51:68:38:ec:e3:f5:3f:4a:61:25:
37:dd:aa:95:f6:0a:87:3f:f6:90:8f:df:f3:7c:95:
98:b7:03:e9:97:25:c3:24:04:39:f3:10:41:26:f8:
07:a3:1a:e0:93:c9:cc:ab:5e:e1:d5:95:6b:7d:96:
d1:0d:bb:d1:6b:e8:77:66:20:49:de:2f:cf:23:dc:
fa:6e:16:cb:67:bd:5f:9b:98:2c:95:b0:81:09:e6:
e7:01:b3:8f:ea:87:4a:f6:a2:61:54:30:1e:1e:61:
5d:cb:d9:2a:35:b3:3e:c1:e5:1a:ce:2b:8b:43:21:
41:9d:e3:26:c5:7d:e5:76:ec:75:fa:c8:61:f3:ad:
2e:7b:bf:b7:bf:91:cf:11:fc:4f:1e:21:c2:f5:d7:
df:e9:63:2f:48:7d:15:67:98:31:01:00:37:e6:f9:
28:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CD:91:B6:72:6A:1D:7F:67:AE:89:29:D1:AB:49:D7:CF:78:EA:CA
X509v3 Authority Key Identifier:
keyid:5C:6B:0C:00:1A:99:AB:62:96:E2:42:17:3B:F7:E7:FD:CF:03:C0:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XGsMABqZq2KW4kIXO_fn_c8DwBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/ic2RtnJqHX9nrokp0atJ18946so.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c89677-1d9a-418d-8593-c18e3ccc742b/1/XGsMABqZq2KW4kIXO_fn_c8DwBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.240.0/22
94.131.246.0/23
185.241.109.0/24
Signature Algorithm: sha256WithRSAEncryption
70:70:c0:d8:b1:97:06:86:86:85:65:8a:22:10:53:8d:97:ed:
ca:39:7b:c6:5a:f9:77:0b:15:c6:b3:09:fe:e8:05:4f:b1:11:
a9:e7:fe:12:48:ef:28:1f:7b:b6:f6:09:11:19:74:58:b0:35:
3f:cf:63:43:a5:83:8f:c6:1d:97:5a:1a:7f:66:3b:66:cc:86:
f2:f4:db:81:0b:50:e4:27:c8:6d:4c:27:e9:df:f4:e0:ee:79:
99:99:8a:7b:18:ea:ef:7b:59:f9:75:39:03:83:ef:56:52:e7:
4f:3c:df:24:00:68:24:bd:a9:88:b6:a4:ff:63:70:8c:6c:d1:
8b:46:56:e0:15:bc:c8:38:92:75:ba:8b:fc:fc:05:29:6f:0e:
77:3a:e5:31:29:c4:8e:c7:b7:73:f9:22:c2:f7:3c:60:9c:bd:
01:70:63:49:ea:1c:16:be:78:50:ff:5f:dd:b4:7b:6f:38:82:
b0:fe:56:9e:43:48:7a:49:d4:aa:a5:7e:a2:fb:69:7d:b0:26:
96:41:49:db:45:29:4d:e1:af:f8:9b:6c:98:75:8f:35:f4:a9:
09:40:fe:6e:07:df:4a:28:52:35:94:15:ba:7b:5a:ed:94:95:
b8:97:85:77:26:0d:44:86:09:0f:1a:14:15:ce:ff:22:37:e6:
3d:8e:1f:fe
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAN74szANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YzZiMGMwMDFhOTlhYjYyOTZlMjQyMTczYmY3ZTdmZGNmMDNjMDE5MB4XDTIyMDMy
MTExNTgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODljZDkxYjY3MjZh
MWQ3ZjY3YWU4OTI5ZDFhYjQ5ZDdjZjc4ZWFjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMD6ZcK1UCToT6A+3Pyv9TbT3OoXg+TnL9DxL6gJpLahBIeI
27Em5RNwvRmrIABnLFK+RlJqlLe4Wm7xGkQHRwGrOl23D52hpSHjyPRJO7Rj/u2t
Nk4PGY5feiRUQf9RaDjs4/U/SmElN92qlfYKhz/2kI/f83yVmLcD6ZclwyQEOfMQ
QSb4B6Ma4JPJzKte4dWVa32W0Q270Wvod2YgSd4vzyPc+m4Wy2e9X5uYLJWwgQnm
5wGzj+qHSvaiYVQwHh5hXcvZKjWzPsHlGs4ri0MhQZ3jJsV95XbsdfrIYfOtLnu/
t7+RzxH8Tx4hwvXX3+ljL0h9FWeYMQEAN+b5KHcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSJzZG2cmodf2euiSnRq0nXz3jqyjAfBgNVHSMEGDAWgBRcawwAGpmrYpbi
Qhc79+f9zwPAGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hHc01BQnFacTJLVzRrSVhPX2ZuX2M4RHdCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvYzg5Njc3LTFkOWEtNDE4ZC04NTkzLWMxOGUzY2NjNzQyYi8x
L2ljMlJ0bkpxSFg5bnJva3AwYXRKMTg5NDZzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
Yzg5Njc3LTFkOWEtNDE4ZC04NTkzLWMxOGUzY2NjNzQyYi8xL1hHc01BQnFacTJL
VzRrSVhPX2ZuX2M4RHdCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAl6D8AMEAV6D9gMEALnxbTANBgkq
hkiG9w0BAQsFAAOCAQEAcHDA2LGXBoaGhWWKIhBTjZftyjl7xlr5dwsVxrMJ/ugF
T7ERqef+EkjvKB97tvYJERl0WLA1P89jQ6WDj8Ydl1oaf2Y7ZsyG8vTbgQtQ5CfI
bUwn6d/04O55mZmKexjq73tZ+XU5A4PvVlLnTzzfJABoJL2piLak/2NwjGzRi0ZW
4BW8yDiSdbqL/PwFKW8OdzrlMSnEjse3c/kiwvc8YJy9AXBjSeocFr54UP9f3bR7
bziCsP5WnkNIeknUqqV+ovtpfbAmlkFJ20UpTeGv+JtsmHWPNfSpCUD+bgffSihS
NZQVunta7ZSVuJeFdyYNRIYJDxoUFc7/IjfmPY4f/g==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:38:08 2025 by rpki-client