Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/ba61ce-9c86-42ef-90fb-dd515e63cfcb/1/Db5hpxzgLWyCr1GqpfQI__wyTLI.roa
File: Db5hpxzgLWyCr1GqpfQI__wyTLI.roa (raw, json)
Hash identifier: SyUQuWK4Uv66UqyPI4EBSRr/NxCyGuhSEQQe+kynzrM=
Subject key identifier: 0D:BE:61:A7:1C:E0:2D:6C:82:AF:51:AA:A5:F4:08:FF:FC:32:4C:B2
Certificate issuer: /CN=738e65fb03e6d607d8be204345d6e05a460b9a4f
Certificate serial: 018346C87B2FCDC629E05330B2BE189D87D9
Authority key identifier: 73:8E:65:FB:03:E6:D6:07:D8:BE:20:43:45:D6:E0:5A:46:0B:9A:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c45l-wPm1gfYviBDRdbgWkYLmk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/ba61ce-9c86-42ef-90fb-dd515e63cfcb/1/Db5hpxzgLWyCr1GqpfQI__wyTLI.roa
Signing time: Fri 16 Sep 2022 14:51:27 +0000
ROA not before: Fri 16 Sep 2022 14:51:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213307
IP address blocks: 94.154.12.0/24 maxlen: 24
2a05:7700::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:46:c8:7b:2f:cd:c6:29:e0:53:30:b2:be:18:9d:87:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=738e65fb03e6d607d8be204345d6e05a460b9a4f
Validity
Not Before: Sep 16 14:51:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0dbe61a71ce02d6c82af51aaa5f408fffc324cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8d:bd:43:57:08:b5:67:13:4a:1e:16:34:45:
ee:d4:c7:09:17:f0:2d:65:3a:54:83:5e:6b:6e:8d:
c6:4f:d4:29:17:18:64:0b:b4:08:d8:d6:8d:1a:bb:
33:61:ae:69:71:43:22:6a:d2:d5:02:64:f2:f9:5c:
c9:ec:e1:7c:55:ca:7b:60:a1:32:44:a2:e9:5d:4a:
c8:8f:ce:37:40:4f:ed:07:2d:5b:46:01:e9:51:cd:
d7:fc:87:a8:84:bb:39:32:f8:d7:a4:64:dd:3c:f6:
36:71:fe:53:53:50:85:bb:97:23:02:93:a2:87:bc:
ec:3d:95:30:eb:80:80:71:2d:53:d1:87:3b:da:79:
c8:0e:43:6a:6a:da:4e:6f:20:a5:80:3d:b2:45:8b:
49:5c:84:aa:4e:e3:a8:ee:e1:bf:2e:11:3f:09:2a:
b6:bf:17:90:5b:47:6c:56:09:3e:52:41:13:07:b5:
a9:98:3b:50:83:1b:25:33:a7:8c:bf:f7:74:d0:c0:
54:8c:15:fa:1b:d9:d4:60:e3:9e:5c:f0:1e:3d:d8:
42:cb:c8:df:a1:bd:c5:d1:b5:dc:6f:99:33:a1:52:
8b:d6:4f:60:85:d6:3a:33:6e:01:57:65:f6:11:05:
f2:84:e5:a5:1e:bc:f9:b9:3d:2e:25:dc:f7:aa:aa:
5c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:BE:61:A7:1C:E0:2D:6C:82:AF:51:AA:A5:F4:08:FF:FC:32:4C:B2
X509v3 Authority Key Identifier:
keyid:73:8E:65:FB:03:E6:D6:07:D8:BE:20:43:45:D6:E0:5A:46:0B:9A:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c45l-wPm1gfYviBDRdbgWkYLmk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/ba61ce-9c86-42ef-90fb-dd515e63cfcb/1/Db5hpxzgLWyCr1GqpfQI__wyTLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/ba61ce-9c86-42ef-90fb-dd515e63cfcb/1/c45l-wPm1gfYviBDRdbgWkYLmk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.12.0/24
IPv6:
2a05:7700::/29
Signature Algorithm: sha256WithRSAEncryption
97:e4:b2:05:46:7f:de:73:ab:8e:82:40:4b:03:08:8b:34:ff:
81:cf:d9:8d:96:fe:f8:ea:ed:ab:f0:b3:43:14:14:f0:a1:ec:
59:46:1b:92:e2:a9:ef:9a:02:cf:97:81:f0:09:6b:cd:e5:8a:
84:72:2b:e7:1b:3c:ae:3f:8b:36:db:9c:1e:25:6d:83:12:90:
e5:be:9b:8c:72:dc:c1:15:b8:96:b1:15:a1:92:44:73:e2:86:
7e:b7:87:44:24:81:1e:27:01:0a:14:41:ac:98:ca:36:eb:1f:
15:a5:88:37:57:10:3e:30:a4:12:eb:6f:34:0b:81:a4:2f:18:
37:9e:65:ab:33:b2:50:3b:68:ac:6c:60:98:3f:31:25:46:4f:
22:a3:c5:c5:3b:ce:92:30:af:54:76:45:96:c0:75:90:6e:16:
ed:88:46:80:ed:fe:e0:ed:66:79:ec:6c:84:5b:89:16:f5:56:
2e:d7:84:c6:e8:81:1f:ea:c6:83:c1:b2:9a:48:3a:57:be:b6:
fc:dc:91:ac:68:a0:14:29:01:cf:67:d7:35:00:9b:77:52:26:
b2:a2:a7:6a:d7:5d:99:47:22:e5:c1:d5:0f:7b:02:d3:7f:fd:
05:d0:4a:73:aa:a4:99:91:2f:ff:43:3d:80:3a:d4:df:a8:b7:
cb:e4:e8:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNGyHsvzcYp4FMwsr4YnYfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOGU2NWZiMDNlNmQ2MDdkOGJlMjA0MzQ1ZDZlMDVhNDYw
YjlhNGYwHhcNMjIwOTE2MTQ1MTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGJlNjFhNzFjZTAyZDZjODJhZjUxYWFhNWY0MDhmZmZjMzI0Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmY29Q1cItWcTSh4WNEXu1McJF/At
ZTpUg15rbo3GT9QpFxhkC7QI2NaNGrszYa5pcUMiatLVAmTy+VzJ7OF8Vcp7YKEy
RKLpXUrIj843QE/tBy1bRgHpUc3X/IeohLs5MvjXpGTdPPY2cf5TU1CFu5cjApOi
h7zsPZUw64CAcS1T0Yc72nnIDkNqatpObyClgD2yRYtJXISqTuOo7uG/LhE/CSq2
vxeQW0dsVgk+UkETB7WpmDtQgxslM6eMv/d00MBUjBX6G9nUYOOeXPAePdhCy8jf
ob3F0bXcb5kzoVKL1k9ghdY6M24BV2X2EQXyhOWlHrz5uT0uJdz3qqpc5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFA2+Yacc4C1sgq9RqqX0CP/8MkyyMB8GA1UdIwQY
MBaAFHOOZfsD5tYH2L4gQ0XW4FpGC5pPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzQ1bC13UG0xZ2ZZdmlCRFJkYmdXa1lMbWs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9iYTYxY2UtOWM4Ni00MmVmLTkwZmIt
ZGQ1MTVlNjNjZmNiLzEvRGI1aHB4emdMV3lDcjFHcXBmUUlfX3d5VExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9iYTYxY2UtOWM4Ni00MmVmLTkwZmItZGQ1MTVlNjNjZmNi
LzEvYzQ1bC13UG0xZ2ZZdmlCRFJkYmdXa1lMbWs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAXpoMMA0E
AgACMAcDBQMqBXcAMA0GCSqGSIb3DQEBCwUAA4IBAQCX5LIFRn/ec6uOgkBLAwiL
NP+Bz9mNlv746u2r8LNDFBTwoexZRhuS4qnvmgLPl4HwCWvN5YqEcivnGzyuP4s2
25weJW2DEpDlvpuMctzBFbiWsRWhkkRz4oZ+t4dEJIEeJwEKFEGsmMo26x8VpYg3
VxA+MKQS6280C4GkLxg3nmWrM7JQO2isbGCYPzElRk8io8XFO86SMK9UdkWWwHWQ
bhbtiEaA7f7g7WZ57GyEW4kW9VYu14TG6IEf6saDwbKaSDpXvrb83JGsaKAUKQHP
Z9c1AJt3Uiayoqdq112ZRyLlwdUPewLTf/0F0EpzqqSZkS//Qz2AOtTfqLfL5OjW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:12 2025 by rpki-client