Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/Im2Hcr6jCWOU4NYDcxF8Ox1ZHa8.roa
File: Im2Hcr6jCWOU4NYDcxF8Ox1ZHa8.roa (raw, json)
Hash identifier: NeSy+2JjPykGZwKJuQZdhSS7qeY7O5EFUpiMlmKxLGI=
Subject key identifier: 22:6D:87:72:BE:A3:09:63:94:E0:D6:03:73:11:7C:3B:1D:59:1D:AF
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 0185720C5D7457A5F7D08A1455B464F0A01A
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/Im2Hcr6jCWOU4NYDcxF8Ox1ZHa8.roa
Signing time: Mon 02 Jan 2023 10:34:50 +0000
ROA not before: Mon 02 Jan 2023 10:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 33915
IP address blocks: 94.168.64.0/18 maxlen: 18
94.168.0.0/18 maxlen: 18
94.168.0.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:5d:74:57:a5:f7:d0:8a:14:55:b4:64:f0:a0:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Jan 2 10:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=226d8772bea3096394e0d60373117c3b1d591daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:63:ca:b8:9c:e8:5b:d9:c0:f2:97:8d:2d:d9:
42:ab:7a:84:9d:aa:5a:59:5f:e3:12:79:f4:ca:2a:
bc:d2:ab:02:3b:e8:c6:e8:dc:76:70:2f:37:7d:a8:
ec:76:09:42:ba:31:d1:fd:c1:ac:5b:6a:7c:9d:4e:
4c:46:f8:f0:1c:d4:f7:dc:1e:a0:1d:ce:fe:88:25:
13:45:0d:3c:21:50:8c:70:ce:c0:74:78:8a:b2:18:
27:b9:bf:0b:b2:1f:b7:bf:82:ff:f7:52:14:b2:06:
77:08:9f:0b:e0:62:63:b9:53:61:4e:b3:54:54:79:
5a:07:88:26:d3:df:55:3b:7f:82:42:99:0b:c3:c3:
a5:84:22:3c:b9:db:50:94:6b:4f:03:f9:41:50:31:
36:52:44:e1:ee:80:d4:8b:20:da:54:2b:31:5c:cc:
e1:59:8f:7f:01:cd:1a:5a:ec:f8:da:77:18:f1:c6:
c1:e9:1f:5a:cd:ba:e3:da:89:e1:08:f8:70:79:9f:
7c:17:9a:23:cf:f3:b8:87:88:2f:3f:7d:d9:23:cb:
03:a2:65:6a:5a:f2:99:98:16:05:47:cd:cb:6a:24:
3f:24:06:80:d6:24:6a:58:c3:06:92:8a:e4:5d:20:
35:c9:9c:76:aa:39:e1:97:b7:a4:7f:93:d4:a5:f9:
7e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6D:87:72:BE:A3:09:63:94:E0:D6:03:73:11:7C:3B:1D:59:1D:AF
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/Im2Hcr6jCWOU4NYDcxF8Ox1ZHa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.168.0.0/17
Signature Algorithm: sha256WithRSAEncryption
08:e7:a0:8a:73:a4:3e:61:a6:db:ba:9d:31:27:c2:8b:22:07:
59:97:30:53:e3:64:c0:b3:a1:00:0b:83:91:43:83:bb:a7:22:
d3:10:79:fb:3f:89:fb:ec:67:4a:3a:b4:06:1a:22:67:88:6e:
35:32:51:3f:c5:e0:3d:bc:a9:21:34:52:42:9b:60:92:bc:f4:
50:9f:be:58:bc:28:90:66:1a:c9:7c:9c:83:ac:fe:2a:56:65:
bc:7b:b5:55:e8:4a:7c:7c:6d:30:c4:c2:bf:a7:0f:3d:4c:f4:
c8:6d:f3:07:25:1b:07:44:60:1d:8c:10:c3:70:8e:18:ee:17:
79:5f:8f:d8:1d:8a:5c:72:39:87:64:22:79:7e:e8:3b:1a:5d:
a5:92:3b:e7:27:73:0c:52:8d:7e:99:d9:74:03:fa:90:4d:0e:
a0:08:8b:54:ea:39:71:6c:09:f1:8f:f6:2a:95:72:c8:cf:be:
4b:03:5a:1b:c5:09:3d:d7:80:2a:c4:9c:8d:63:a8:9d:cc:b6:
b9:20:09:b8:08:36:68:53:98:7e:54:85:71:b7:f7:c9:c6:94:
86:f3:7c:ed:b8:54:b1:ce:27:ca:c9:fb:bd:02:d0:9a:14:b4:
74:b5:d5:53:a6:76:8b:6a:bb:66:89:01:c7:0f:c5:8a:79:82:
46:19:31:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyDF10V6X30IoUVbRk8KAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZjI1ZTZhNjg5M2Y0NjZkMjY5NWU5MDY3MGMwNDc0NDM2
NDM3MDEwHhcNMjMwMTAyMTAzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZkODc3MmJlYTMwOTYzOTRlMGQ2MDM3MzExN2MzYjFkNTkxZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWPKuJzoW9nA8peNLdlCq3qEnapa
WV/jEnn0yiq80qsCO+jG6Nx2cC83fajsdglCujHR/cGsW2p8nU5MRvjwHNT33B6g
Hc7+iCUTRQ08IVCMcM7AdHiKshgnub8Lsh+3v4L/91IUsgZ3CJ8L4GJjuVNhTrNU
VHlaB4gm099VO3+CQpkLw8OlhCI8udtQlGtPA/lBUDE2UkTh7oDUiyDaVCsxXMzh
WY9/Ac0aWuz42ncY8cbB6R9azbrj2onhCPhweZ98F5ojz/O4h4gvP33ZI8sDomVq
WvKZmBYFR83LaiQ/JAaA1iRqWMMGkorkXSA1yZx2qjnhl7ekf5PUpfl+swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCJth3K+owljlODWA3MRfDsdWR2vMB8GA1UdIwQY
MBaAFJDyXmpok/Rm0mlekGcMBHRDZDcBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEt
M2IwYjRiOGEyOTgzLzEvSW0ySGNyNmpDV09VNE5ZRGN4RjhPeDFaSGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGIxNjItNzA5OS00MDRkLTgzOTEtM2IwYjRiOGEyOTgz
LzEva1BKZWFtaVQ5R2JTYVY2UVp3d0VkRU5rTndFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHXqgAMA0G
CSqGSIb3DQEBCwUAA4IBAQAI56CKc6Q+Yabbup0xJ8KLIgdZlzBT42TAs6EAC4OR
Q4O7pyLTEHn7P4n77GdKOrQGGiJniG41MlE/xeA9vKkhNFJCm2CSvPRQn75YvCiQ
ZhrJfJyDrP4qVmW8e7VV6Ep8fG0wxMK/pw89TPTIbfMHJRsHRGAdjBDDcI4Y7hd5
X4/YHYpccjmHZCJ5fug7Gl2lkjvnJ3MMUo1+mdl0A/qQTQ6gCItU6jlxbAnxj/Yq
lXLIz75LA1obxQk914AqxJyNY6idzLa5IAm4CDZoU5h+VIVxt/fJxpSG83ztuFSx
zifKyfu9AtCaFLR0tdVTpnaLartmiQHHD8WKeYJGGTEj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:25 2025 by rpki-client