Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/2DuJAiqKA-EePvO7FyFyKTYKu4c.roa
File: 2DuJAiqKA-EePvO7FyFyKTYKu4c.roa (raw, json)
Hash identifier: r0WdsSCM591Ew7b13prL4PcC2ebdjFWopL1lr3byTQI=
Subject key identifier: D8:3B:89:02:2A:8A:03:E1:1E:3E:F3:BB:17:21:72:29:36:0A:BB:87
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 01857139CEAA630C395EE8CC24584409E073
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/2DuJAiqKA-EePvO7FyFyKTYKu4c.roa
Signing time: Mon 02 Jan 2023 06:44:51 +0000
ROA not before: Mon 02 Jan 2023 06:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58224
IP address blocks: 94.184.0.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:ce:aa:63:0c:39:5e:e8:cc:24:58:44:09:e0:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Jan 2 06:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d83b89022a8a03e11e3ef3bb17217229360abb87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:84:78:b7:03:81:78:ab:3f:a4:0b:c7:1b:99:
f8:47:9a:cd:1d:a5:b3:ad:57:20:47:7e:7f:73:4a:
2e:5a:09:a1:b6:55:15:25:99:1c:08:88:9d:50:33:
e7:97:04:63:45:e2:60:95:68:8b:75:67:7c:66:d6:
f9:9d:02:da:8c:59:da:5d:4a:7b:49:08:d6:a2:16:
93:5b:80:f0:99:e6:a4:eb:d6:cb:ca:fe:95:0f:56:
bf:df:aa:b6:d4:d9:ed:82:48:52:ae:cd:e6:17:f6:
0e:58:f6:f2:19:27:cd:7b:de:ce:04:5e:4b:ed:78:
75:df:90:d5:fe:47:4d:23:3e:7d:ff:d5:01:1b:99:
7c:d9:51:0c:26:6f:4e:7d:3f:f3:85:c0:55:b2:b9:
8a:d1:1d:63:39:93:81:76:d7:e5:c7:98:99:c7:58:
46:bc:ae:12:a2:4c:07:5c:5f:95:1d:fc:53:c9:3b:
54:f2:57:cf:d5:76:0b:4b:5c:e9:26:c0:38:ac:6a:
4d:91:b3:27:11:d4:88:d7:60:d1:16:d3:86:69:86:
61:9c:d3:ae:6f:f5:a7:d3:39:49:b9:be:78:7a:43:
dc:f1:8e:4a:b0:bd:d6:10:91:18:db:c0:c1:3b:42:
c5:d9:b1:86:2c:ac:31:1b:f4:0b:e6:f8:94:46:ed:
bc:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:3B:89:02:2A:8A:03:E1:1E:3E:F3:BB:17:21:72:29:36:0A:BB:87
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/2DuJAiqKA-EePvO7FyFyKTYKu4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.0.0/18
Signature Algorithm: sha256WithRSAEncryption
35:8e:79:5a:3f:ec:d4:15:3e:28:71:7b:8b:98:91:ef:07:9c:
71:70:db:49:11:4b:10:84:19:d9:1a:fd:f1:06:a0:d0:81:d9:
eb:ab:12:8a:1f:e1:0d:d3:b0:a2:3d:4f:34:cb:4d:b8:5d:d1:
e9:da:07:ca:bc:92:1c:31:d3:26:d1:dd:b6:e6:75:45:c1:38:
3d:0f:ca:cf:93:96:c0:16:49:ef:69:f6:6d:f2:6c:cd:80:8a:
20:5d:cd:0d:a8:d1:0c:77:f4:7f:f5:7b:61:9c:a8:af:78:ff:
39:8d:ff:df:9a:23:c3:d9:3c:82:dd:ea:44:5e:da:27:67:4f:
57:4c:a2:1b:b2:25:42:b3:40:d8:16:e0:06:09:97:7e:70:2d:
98:95:f2:61:b9:20:c1:bf:9e:7d:ac:2b:32:07:fc:d2:4a:33:
6a:71:f4:72:7f:0a:8b:c0:da:d7:cd:4b:15:dc:a6:72:e3:03:
87:c7:3a:7e:bf:8b:01:1b:c7:d2:6c:f3:c9:f9:90:7d:5e:71:
76:99:f3:88:05:96:16:9e:7c:7c:c5:46:3f:cd:87:53:33:1d:
e0:24:2c:29:88:d5:e5:f1:65:be:4e:a2:54:ca:c2:f9:fe:68:
21:0e:d0:8e:cd:76:52:fe:47:3a:15:3f:75:3f:0a:2a:b9:97:
b5:4e:7a:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxOc6qYww5XujMJFhECeBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjMwMTAyMDY0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODNiODkwMjJhOGEwM2UxMWUzZWYzYmIxNzIxNzIyOTM2MGFiYjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIR4twOBeKs/pAvHG5n4R5rNHaWz
rVcgR35/c0ouWgmhtlUVJZkcCIidUDPnlwRjReJglWiLdWd8Ztb5nQLajFnaXUp7
SQjWohaTW4Dwmeak69bLyv6VD1a/36q21NntgkhSrs3mF/YOWPbyGSfNe97OBF5L
7Xh135DV/kdNIz59/9UBG5l82VEMJm9OfT/zhcBVsrmK0R1jOZOBdtflx5iZx1hG
vK4SokwHXF+VHfxTyTtU8lfP1XYLS1zpJsA4rGpNkbMnEdSI12DRFtOGaYZhnNOu
b/Wn0zlJub54ekPc8Y5KsL3WEJEY28DBO0LF2bGGLKwxG/QL5viURu28RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNg7iQIqigPhHj7zuxchcik2CruHMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvMkR1SkFpcUtBLUVlUHZPN0Z5RnlLVFlLdTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGXrgAMA0G
CSqGSIb3DQEBCwUAA4IBAQA1jnlaP+zUFT4ocXuLmJHvB5xxcNtJEUsQhBnZGv3x
BqDQgdnrqxKKH+EN07CiPU80y024XdHp2gfKvJIcMdMm0d225nVFwTg9D8rPk5bA
FknvafZt8mzNgIogXc0NqNEMd/R/9XthnKiveP85jf/fmiPD2TyC3epEXtonZ09X
TKIbsiVCs0DYFuAGCZd+cC2YlfJhuSDBv559rCsyB/zSSjNqcfRyfwqLwNrXzUsV
3KZy4wOHxzp+v4sBG8fSbPPJ+ZB9XnF2mfOIBZYWnnx8xUY/zYdTMx3gJCwpiNXl
8WW+TqJUysL5/mghDtCOzXZS/kc6FT91PwoquZe1Tnr2
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:26 2025 by rpki-client