Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/HDvM7UoCgAwvJXv6IeAnR430uLE.roa
File: HDvM7UoCgAwvJXv6IeAnR430uLE.roa (raw, json)
Hash identifier: cnqKCwVXfbcorSmcsb0hzunzSN+5aAcG72KtI96eb3A=
Subject key identifier: 1C:3B:CC:ED:4A:02:80:0C:2F:25:7B:FA:21:E0:27:47:8D:F4:B8:B1
Certificate issuer: /CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Certificate serial: 14814FA0
Authority key identifier: D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/HDvM7UoCgAwvJXv6IeAnR430uLE.roa
Signing time: Tue 25 Jan 2022 19:32:00 +0000
ROA not before: Tue 25 Jan 2022 19:32:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47944
IP address blocks: 94.125.200.0/21 maxlen: 21
94.125.207.0/24 maxlen: 24
2a03:2ba0::/32 maxlen: 32
2a03:2ba0:1:888::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 344018848 (0x14814fa0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Validity
Not Before: Jan 25 19:32:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c3bcced4a02800c2f257bfa21e027478df4b8b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:48:ef:6c:91:e5:38:ea:91:f7:a9:03:c2:dc:
92:e9:d9:de:8c:33:10:b5:b2:5f:f4:eb:fd:65:8b:
99:d1:76:7d:0a:e7:f6:75:33:9b:f3:50:86:a3:d7:
12:c4:9b:e5:14:99:a9:e2:a1:ab:73:c8:9e:f3:e2:
3d:4e:24:ed:58:d0:91:bb:bb:40:4a:0d:74:02:30:
5d:21:98:c9:9b:81:94:50:64:4e:e0:ff:bb:ee:a6:
5e:d3:06:03:3c:b2:f5:6a:a2:46:21:b0:83:ca:97:
d0:55:eb:f7:e6:3e:8e:d8:85:f5:d0:5e:d9:7a:9c:
ec:95:84:da:82:da:6f:bd:34:f7:46:7b:9d:76:c2:
bb:1e:57:f0:23:c9:fe:1b:03:d4:dc:cc:45:85:b5:
a5:a6:8c:71:aa:ca:2d:5a:e3:ed:ea:c3:d3:4d:1e:
db:dc:d8:ad:26:b7:ce:14:1a:e4:ac:b7:68:34:7e:
47:47:eb:30:74:ee:8d:cb:25:71:73:4c:50:fc:58:
6d:b0:ef:cf:c1:32:55:66:21:6d:a4:bf:0b:60:8e:
4a:54:d5:6f:35:ba:68:49:5e:13:21:fa:50:1c:bb:
de:92:65:65:da:77:eb:d1:36:a7:d4:46:47:14:2f:
51:83:b3:fd:b6:bc:84:82:75:cf:a2:c5:90:e5:d9:
97:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3B:CC:ED:4A:02:80:0C:2F:25:7B:FA:21:E0:27:47:8D:F4:B8:B1
X509v3 Authority Key Identifier:
keyid:D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/HDvM7UoCgAwvJXv6IeAnR430uLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.200.0/21
IPv6:
2a03:2ba0::/32
Signature Algorithm: sha256WithRSAEncryption
65:98:ab:56:82:36:55:c1:95:b1:03:1e:31:8b:3a:d8:29:89:
6a:2c:df:a9:05:53:f9:1e:67:90:d5:ab:09:22:df:b3:e3:5e:
00:95:34:3e:1e:d2:cc:bf:97:0d:ad:e9:03:d5:dd:e1:6c:b6:
01:8c:7c:70:b8:c3:91:95:ac:5c:b9:2e:b0:b4:0d:91:87:69:
dc:09:d9:e7:c5:d7:fe:11:ea:47:3a:fa:6b:2d:b2:58:b8:40:
95:45:a7:dd:c6:b6:70:53:ed:1a:a4:64:25:ed:3c:6b:a7:33:
3f:cc:84:57:b7:be:6e:71:66:bd:5a:31:17:f8:6e:ef:e1:f4:
03:56:86:f6:8a:55:1e:07:49:73:3d:2c:c3:9a:0c:68:fb:ab:
20:b4:b1:a4:86:a6:16:e6:5e:03:ac:2b:04:42:e8:31:f2:8b:
38:52:99:b3:a7:2a:37:fe:2c:f3:dc:59:b8:a8:8a:34:dc:a8:
67:65:17:bb:3f:e0:f5:ee:2a:7b:d4:0d:b7:b5:96:19:0e:ea:
4c:8c:f4:ec:73:93:88:1e:98:c3:25:57:d2:ee:75:82:d7:e2:
d8:2f:e9:2e:22:db:fd:c4:1e:ee:c6:32:66:a0:f8:e5:9c:78:
f3:58:aa:d0:b5:e2:d4:af:85:39:c1:9c:8e:10:80:01:06:d1:
10:9e:43:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFIFPoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MWY3Y2QwZWM0YzNiYzU0YzU5NDMxMzA3ZWVjMzZlZjAzODI3NzMzMB4XDTIyMDEy
NTE5MzIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMzYmNjZWQ0YTAy
ODAwYzJmMjU3YmZhMjFlMDI3NDc4ZGY0YjhiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtI72yR5TjqkfepA8LckunZ3owzELWyX/Tr/WWLmdF2fQrn
9nUzm/NQhqPXEsSb5RSZqeKhq3PInvPiPU4k7VjQkbu7QEoNdAIwXSGYyZuBlFBk
TuD/u+6mXtMGAzyy9WqiRiGwg8qX0FXr9+Y+jtiF9dBe2Xqc7JWE2oLab70090Z7
nXbCux5X8CPJ/hsD1NzMRYW1paaMcarKLVrj7erD000e29zYrSa3zhQa5Ky3aDR+
R0frMHTujcslcXNMUPxYbbDvz8EyVWYhbaS/C2COSlTVbzW6aEleEyH6UBy73pJl
Zdp369E2p9RGRxQvUYOz/ba8hIJ1z6LFkOXZl8ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQcO8ztSgKADC8le/oh4CdHjfS4sTAfBgNVHSMEGDAWgBTR980OxMO8VMWU
MTB+7DbvA4J3MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBmZk5Ec1REdkZURmxERXdmdXcyN3dPQ2R6TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMDI0ZDQ3LTQ3YjItNDBiNS1hMmI4LTljYjVkODhmZGQzOS8x
L0hEdk03VW9DZ0F3dkpYdjZJZUFuUjQzMHVMRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MDI0ZDQ3LTQ3YjItNDBiNS1hMmI4LTljYjVkODhmZGQzOS8xLzBmZk5Ec1REdkZU
RmxERXdmdXcyN3dPQ2R6TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEA159yDANBAIAAjAHAwUAKgMroDAN
BgkqhkiG9w0BAQsFAAOCAQEAZZirVoI2VcGVsQMeMYs62CmJaizfqQVT+R5nkNWr
CSLfs+NeAJU0Ph7SzL+XDa3pA9Xd4Wy2AYx8cLjDkZWsXLkusLQNkYdp3AnZ58XX
/hHqRzr6ay2yWLhAlUWn3ca2cFPtGqRkJe08a6czP8yEV7e+bnFmvVoxF/hu7+H0
A1aG9opVHgdJcz0sw5oMaPurILSxpIamFuZeA6wrBELoMfKLOFKZs6cqN/4s89xZ
uKiKNNyoZ2UXuz/g9e4qe9QNt7WWGQ7qTIz07HOTiB6YwyVX0u51gtfi2C/pLiLb
/cQe7sYyZqD45Zx481iq0LXi1K+FOcGcjhCAAQbREJ5Dkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:17 2024 by rpki-client on console-ams.rpki-client.org