Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/1Dp1RIxkKAxe4f4dqTp6_ok0B6o.roa
File: 1Dp1RIxkKAxe4f4dqTp6_ok0B6o.roa (raw, json)
Hash identifier: 9oJxj5IicwbEeHnU7B/RGyp7VK/KerKvNY8OUjVMTSk=
Subject key identifier: D4:3A:75:44:8C:64:28:0C:5E:E1:FE:1D:A9:3A:7A:FE:89:34:07:AA
Certificate issuer: /CN=18f003fba37b00d5f9ce7ec84a3e0668bcd02824
Certificate serial: 01856E8208923202A7E50982B85E83E9F34A
Authority key identifier: 18:F0:03:FB:A3:7B:00:D5:F9:CE:7E:C8:4A:3E:06:68:BC:D0:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/1Dp1RIxkKAxe4f4dqTp6_ok0B6o.roa
Signing time: Sun 01 Jan 2023 18:04:53 +0000
ROA not before: Sun 01 Jan 2023 18:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48685
IP address blocks: 94.250.244.0/22 maxlen: 22
94.250.244.0/23 maxlen: 23
94.250.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:08:92:32:02:a7:e5:09:82:b8:5e:83:e9:f3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18f003fba37b00d5f9ce7ec84a3e0668bcd02824
Validity
Not Before: Jan 1 18:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d43a75448c64280c5ee1fe1da93a7afe893407aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d1:6f:a7:36:0d:43:3c:cb:5f:eb:1b:27:2a:
9b:f9:29:df:b1:54:63:b8:52:b0:bb:f6:bf:1b:0e:
b9:d2:1c:fe:21:7e:95:53:53:4d:25:a0:af:eb:65:
99:3c:b3:92:8c:1f:02:50:81:d0:8b:e7:00:79:e0:
6c:22:04:39:05:a5:f7:c1:5d:b6:03:a6:f9:50:46:
19:97:57:f9:a6:6d:25:be:11:9c:c2:ec:2d:eb:cb:
fd:51:5b:17:79:e2:f6:26:04:36:a5:13:d4:96:59:
de:b3:81:26:8f:4c:3c:ca:8f:ae:36:58:8c:d5:6a:
d3:ef:9e:a4:cd:97:b8:99:62:7f:4b:b3:ac:38:76:
e9:06:32:56:66:13:bf:e4:cc:61:03:7d:0c:d9:3f:
0e:c4:32:73:0e:81:b4:bf:3c:9b:28:dc:06:14:55:
c2:9d:95:85:f2:8a:f3:0f:ec:55:d5:b6:6b:3a:69:
81:1a:0a:9e:4a:e4:2a:a4:20:2a:ef:20:23:b7:d5:
b6:de:21:30:e9:cf:ae:0b:b2:66:b5:43:4b:e6:24:
01:9f:60:84:e6:d5:f9:30:8e:b3:0a:c8:a7:aa:cc:
e6:6e:1d:bf:bc:0a:2e:08:03:f4:60:b9:ad:a5:41:
9d:ab:d0:e6:61:07:ef:e5:31:71:71:bf:e1:34:15:
e7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3A:75:44:8C:64:28:0C:5E:E1:FE:1D:A9:3A:7A:FE:89:34:07:AA
X509v3 Authority Key Identifier:
keyid:18:F0:03:FB:A3:7B:00:D5:F9:CE:7E:C8:4A:3E:06:68:BC:D0:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/1Dp1RIxkKAxe4f4dqTp6_ok0B6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/d20fd2-072e-4752-afa4-0334ee1ef3ff/1/GPAD-6N7ANX5zn7ISj4GaLzQKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.244.0/22
Signature Algorithm: sha256WithRSAEncryption
12:28:9c:7c:28:66:a6:6b:b5:0c:c3:af:7f:a1:dc:0f:bb:23:
7e:12:f8:73:44:ae:f3:c8:35:ac:0c:5a:11:2f:cb:8f:28:67:
9d:2d:8a:fd:a4:ea:cf:45:9d:b4:d9:f8:26:fb:2a:2a:b5:5a:
f6:7e:4a:63:62:ee:48:bb:1a:b4:76:63:15:eb:f7:eb:e4:49:
72:eb:18:93:d2:6c:4f:7f:30:57:44:4e:23:9c:9d:a1:07:ca:
6d:e3:3c:a6:75:a4:96:27:a2:40:f1:f4:db:12:91:02:ef:f3:
d7:0e:23:ce:32:08:12:94:3e:20:8a:3f:c3:16:a0:f4:6d:84:
67:3a:da:db:17:f8:57:93:ba:8a:9d:b6:14:7d:6f:a5:15:f6:
bc:6e:2b:ae:3b:08:85:ff:a3:f8:5d:85:dc:48:83:e3:36:14:
2d:95:d3:b0:bf:07:a3:47:ae:99:a3:63:f0:dd:e5:91:4e:5d:
c5:71:19:c2:94:22:6c:31:4b:f7:71:29:6c:7f:44:63:19:71:
18:d0:04:85:6a:83:78:bc:96:ab:14:10:e3:c3:0d:ac:1c:59:
d7:da:b7:62:f0:58:9b:bf:0f:c5:fb:35:af:79:4b:51:58:a9:
30:7a:88:cd:f8:b4:05:42:01:a2:c5:71:88:60:10:7f:79:5a:
30:f5:ab:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuggiSMgKn5QmCuF6D6fNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZjAwM2ZiYTM3YjAwZDVmOWNlN2VjODRhM2UwNjY4YmNk
MDI4MjQwHhcNMjMwMTAxMTgwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDNhNzU0NDhjNjQyODBjNWVlMWZlMWRhOTNhN2FmZTg5MzQwN2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltFvpzYNQzzLX+sbJyqb+SnfsVRj
uFKwu/a/Gw650hz+IX6VU1NNJaCv62WZPLOSjB8CUIHQi+cAeeBsIgQ5BaX3wV22
A6b5UEYZl1f5pm0lvhGcwuwt68v9UVsXeeL2JgQ2pRPUllnes4Emj0w8yo+uNliM
1WrT756kzZe4mWJ/S7OsOHbpBjJWZhO/5MxhA30M2T8OxDJzDoG0vzybKNwGFFXC
nZWF8orzD+xV1bZrOmmBGgqeSuQqpCAq7yAjt9W23iEw6c+uC7JmtUNL5iQBn2CE
5tX5MI6zCsinqszmbh2/vAouCAP0YLmtpUGdq9DmYQfv5TFxcb/hNBXnQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQ6dUSMZCgMXuH+Hak6ev6JNAeqMB8GA1UdIwQY
MBaAFBjwA/ujewDV+c5+yEo+Bmi80CgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1BBRC02TjdBTlg1em43SVNqNEdhTHpRS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9kMjBmZDItMDcyZS00NzUyLWFmYTQt
MDMzNGVlMWVmM2ZmLzEvMURwMVJJeGtLQXhlNGY0ZHFUcDZfb2swQjZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9kMjBmZDItMDcyZS00NzUyLWFmYTQtMDMzNGVlMWVmM2Zm
LzEvR1BBRC02TjdBTlg1em43SVNqNEdhTHpRS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXvr0MA0G
CSqGSIb3DQEBCwUAA4IBAQASKJx8KGama7UMw69/odwPuyN+EvhzRK7zyDWsDFoR
L8uPKGedLYr9pOrPRZ202fgm+yoqtVr2fkpjYu5Iuxq0dmMV6/fr5Ely6xiT0mxP
fzBXRE4jnJ2hB8pt4zymdaSWJ6JA8fTbEpEC7/PXDiPOMggSlD4gij/DFqD0bYRn
OtrbF/hXk7qKnbYUfW+lFfa8biuuOwiF/6P4XYXcSIPjNhQtldOwvwejR66Zo2Pw
3eWRTl3FcRnClCJsMUv3cSlsf0RjGXEY0ASFaoN4vJarFBDjww2sHFnX2rdi8Fib
vw/F+zWveUtRWKkweojN+LQFQgGixXGIYBB/eVow9asg
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:58:31 2025 by rpki-client