Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/R6eP9kj_qP3YbITsfqk-zhvFKF0.roa
File: R6eP9kj_qP3YbITsfqk-zhvFKF0.roa (raw, json)
Hash identifier: t/L+Ld5KO7Mi46Wc1TF90M0WiVDiLyvsHJcYK5aSujU=
Subject key identifier: 47:A7:8F:F6:48:FF:A8:FD:D8:6C:84:EC:7E:A9:3E:CE:1B:C5:28:5D
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 06B67ABD
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/R6eP9kj_qP3YbITsfqk-zhvFKF0.roa
Signing time: Wed 27 Apr 2022 09:32:46 +0000
ROA not before: Wed 27 Apr 2022 09:32:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 94.26.89.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
45.141.233.0/24 maxlen: 24
45.141.232.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112622269 (0x6b67abd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Apr 27 09:32:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47a78ff648ffa8fdd86c84ec7ea93ece1bc5285d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c6:ab:da:7e:f1:6e:ab:4e:9e:e0:cb:8c:71:
cf:d7:60:f9:04:00:26:c8:b6:3d:b3:73:c3:1a:cd:
df:1d:0e:49:66:5d:84:8b:f9:dd:ed:60:be:77:fc:
d8:52:42:c1:b5:90:c9:23:2d:48:75:ad:45:85:c7:
93:04:4d:b9:f7:9b:22:50:90:09:80:6e:69:7a:13:
7a:9d:b5:31:02:5e:0a:5d:fa:1d:ae:9d:c2:59:73:
41:4f:79:38:82:19:7d:0d:2a:d8:2f:bc:f6:37:35:
dc:4f:ce:1a:0a:58:66:f7:39:df:72:ea:3c:c4:42:
9e:74:d5:f9:d6:61:b1:80:a9:d7:55:66:18:f8:95:
66:78:ca:bf:dc:90:1f:95:f1:ac:63:c5:48:a6:eb:
e2:1c:b4:22:df:bf:8e:5d:74:16:d2:ae:a1:75:eb:
1b:bc:e0:e0:a7:96:f7:07:6a:d9:61:51:2f:b0:b3:
01:18:c8:71:1c:c1:e6:d7:15:19:6f:ec:0b:5d:3e:
f8:c0:8c:d2:8e:df:7c:9a:40:c6:7b:9b:aa:7d:64:
8a:64:82:42:66:b0:8a:0e:f7:b9:32:9f:41:0b:4c:
14:e9:a2:a4:5d:af:44:71:72:6f:74:cd:d3:33:7b:
1d:bf:53:76:66:9a:be:60:04:4e:fd:d0:eb:57:fb:
2d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:A7:8F:F6:48:FF:A8:FD:D8:6C:84:EC:7E:A9:3E:CE:1B:C5:28:5D
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/R6eP9kj_qP3YbITsfqk-zhvFKF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/22
78.159.131.0/24
78.159.156.0/24
91.92.34.0/24
93.152.207.0-93.152.208.255
94.26.89.0/24
94.190.195.0/24
Signature Algorithm: sha256WithRSAEncryption
19:97:0a:5b:00:ce:c7:0d:c4:af:f4:a2:a1:ea:14:e8:62:57:
a4:83:3f:86:e1:00:8b:d3:10:81:27:f6:a5:33:a3:6f:c9:9f:
a6:40:2a:5c:00:38:d3:a8:7e:67:db:dd:eb:eb:f2:a8:3d:57:
09:0b:52:a8:ad:49:83:1c:57:d9:38:24:eb:f9:f2:99:a6:f1:
0d:ff:6f:d1:3a:e3:72:be:0f:d9:72:6d:5b:f6:5c:25:4d:23:
30:16:28:b3:2a:ab:d4:d6:60:f1:af:5a:18:8e:f3:fa:c5:32:
19:e0:ec:44:bd:fd:96:05:ee:3d:8c:83:56:29:47:cd:fd:e7:
ba:4e:a5:b6:7f:32:d6:ee:b0:a2:c1:6e:ca:4f:f2:da:e4:41:
98:fa:06:e4:1f:fe:5a:2e:42:be:95:a8:dc:29:ae:91:32:92:
99:6f:0b:1e:99:b1:21:ac:78:4d:74:08:21:9b:d2:1b:0b:a6:
f5:07:84:2f:65:30:3c:fb:86:4b:f1:28:63:04:67:4d:f1:13:
60:04:ea:ea:4f:c2:18:d5:9d:82:db:44:c2:2f:91:84:87:ed:
0c:bc:44:d2:17:98:eb:84:cb:08:e4:4d:57:f2:c3:05:e0:51:
c9:96:32:0a:5b:d8:1c:85:33:00:c3:21:fc:b8:c0:59:01:16:
9c:01:ff:67
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEBrZ6vTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDQy
NzA5MzI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDdhNzhmZjY0OGZm
YThmZGQ4NmM4NGVjN2VhOTNlY2UxYmM1Mjg1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL7Gq9p+8W6rTp7gy4xxz9dg+QQAJsi2PbNzwxrN3x0OSWZd
hIv53e1gvnf82FJCwbWQySMtSHWtRYXHkwRNufebIlCQCYBuaXoTep21MQJeCl36
Ha6dwllzQU95OIIZfQ0q2C+89jc13E/OGgpYZvc533LqPMRCnnTV+dZhsYCp11Vm
GPiVZnjKv9yQH5XxrGPFSKbr4hy0It+/jl10FtKuoXXrG7zg4KeW9wdq2WFRL7Cz
ARjIcRzB5tcVGW/sC10++MCM0o7ffJpAxnubqn1kimSCQmawig73uTKfQQtMFOmi
pF2vRHFyb3TN0zN7Hb9TdmaavmAETv3Q61f7LX8CAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRHp4/2SP+o/dhshOx+qT7OG8UoXTAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L1I2ZVA5a2pfcVAzWWJJVHNmcWstemh2RktGMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowOAQCAAEwMgMEAi2N6AMEAE6fgwMEAE6fnAMEAFtc
IjAMAwQAXZjPAwQAXZjQAwQAXhpZAwQAXr7DMA0GCSqGSIb3DQEBCwUAA4IBAQAZ
lwpbAM7HDcSv9KKh6hToYlekgz+G4QCL0xCBJ/alM6NvyZ+mQCpcADjTqH5n293r
6/KoPVcJC1KorUmDHFfZOCTr+fKZpvEN/2/ROuNyvg/Zcm1b9lwlTSMwFiizKqvU
1mDxr1oYjvP6xTIZ4OxEvf2WBe49jINWKUfN/ee6TqW2fzLW7rCiwW7KT/La5EGY
+gbkH/5aLkK+lajcKa6RMpKZbwsembEhrHhNdAghm9IbC6b1B4QvZTA8+4ZL8Shj
BGdN8RNgBOrqT8IY1Z2C20TCL5GEh+0MvETSF5jrhMsI5E1X8sMF4FHJljIKW9gc
hTMAwyH8uMBZARacAf9n
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:17:52 2025 by rpki-client