Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/rAU949FHO7CI2oS_F9XVj_5EYvE.roa
File: rAU949FHO7CI2oS_F9XVj_5EYvE.roa (raw, json)
Hash identifier: AHpD1bdjP+E5OpTo8r37oy3Gt3LP8SLifhlNjWDtjE0=
Subject key identifier: AC:05:3D:E3:D1:47:3B:B0:88:DA:84:BF:17:D5:D5:8F:FE:44:62:F1
Certificate issuer: /CN=5f1fd44ccc54b5ceb3a79cb3794b9c66aeb67e49
Certificate serial: 072931FF
Authority key identifier: 5F:1F:D4:4C:CC:54:B5:CE:B3:A7:9C:B3:79:4B:9C:66:AE:B6:7E:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx_UTMxUtc6zp5yzeUucZq62fkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/rAU949FHO7CI2oS_F9XVj_5EYvE.roa
Signing time: Sat 01 Jan 2022 04:58:12 +0000
ROA not before: Sat 01 Jan 2022 04:58:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39647
IP address blocks: 185.93.117.0/24 maxlen: 24
185.93.116.0/22 maxlen: 22
185.93.116.0/24 maxlen: 24
194.34.240.0/22 maxlen: 22
194.34.240.0/24 maxlen: 24
185.93.118.0/24 maxlen: 24
194.34.242.0/24 maxlen: 24
194.34.241.0/24 maxlen: 24
185.93.119.0/24 maxlen: 24
194.34.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120140287 (0x72931ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fd44ccc54b5ceb3a79cb3794b9c66aeb67e49
Validity
Not Before: Jan 1 04:58:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac053de3d1473bb088da84bf17d5d58ffe4462f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:21:2e:45:1b:6c:58:33:9b:20:bd:f9:40:ff:
ba:06:58:0d:78:ac:c8:9b:f8:aa:d8:43:57:77:49:
89:1d:17:a0:12:a4:2a:ae:1a:8d:ae:eb:e6:82:60:
9e:91:95:de:d5:f4:f8:25:11:28:20:95:88:24:71:
e8:ae:84:fa:99:70:cc:3e:86:47:e3:da:61:9d:bc:
03:45:35:f1:d5:4a:01:f8:0b:87:e2:8d:a9:b7:19:
38:66:f9:13:bf:13:26:ac:f2:2a:5c:7e:2c:a8:ed:
40:38:ba:66:86:12:8f:9b:1b:3a:93:82:a1:8b:fb:
a3:9e:12:0a:fa:61:b7:c4:d4:c4:a6:39:fb:09:92:
d0:b2:85:4b:b9:a3:da:98:7c:cb:9b:49:95:e5:95:
17:6c:96:1f:96:ec:8a:bd:d1:b4:c3:07:1e:48:47:
a5:a4:9b:e2:5e:5f:5c:b8:b3:73:c1:79:66:53:f5:
d0:ac:76:48:36:e2:76:76:cc:c6:37:a3:87:5c:f6:
39:1c:98:95:6f:50:7b:c5:10:9a:c2:df:70:b2:da:
be:39:56:1b:1c:59:33:37:a8:5d:34:fd:e7:41:12:
c1:17:c9:6d:f8:f6:c9:ac:6b:c8:00:89:5a:80:44:
79:43:5c:6a:17:04:a3:ec:12:6f:7d:d8:4c:94:ba:
6a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:05:3D:E3:D1:47:3B:B0:88:DA:84:BF:17:D5:D5:8F:FE:44:62:F1
X509v3 Authority Key Identifier:
keyid:5F:1F:D4:4C:CC:54:B5:CE:B3:A7:9C:B3:79:4B:9C:66:AE:B6:7E:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx_UTMxUtc6zp5yzeUucZq62fkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/rAU949FHO7CI2oS_F9XVj_5EYvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/Xx_UTMxUtc6zp5yzeUucZq62fkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.116.0/22
194.34.240.0/22
Signature Algorithm: sha256WithRSAEncryption
52:81:3e:53:5e:04:e0:08:43:1b:07:1e:1a:ea:6b:ce:2c:1d:
70:52:8a:98:c2:7f:f4:ec:5e:d3:3f:51:53:28:c3:1f:47:bd:
f3:b8:28:55:79:5e:1a:cc:36:11:27:a7:86:9e:3e:c3:12:fe:
c8:e7:cf:d2:f5:41:35:75:54:32:9f:ac:a2:7b:6e:4c:86:32:
bf:17:d2:32:02:db:98:57:25:75:2c:0f:15:99:a1:22:63:d5:
9d:44:47:8e:3f:67:f6:b6:c5:e3:98:69:b3:8d:b2:e0:ab:a8:
41:a2:4b:2f:c3:1a:98:8a:f0:cf:8c:48:9c:57:a1:aa:69:1f:
9e:23:15:fd:a6:93:3d:d7:ca:75:a4:e6:21:a4:f9:16:eb:84:
4f:4e:e7:b5:ba:ef:a5:af:fd:21:8e:45:21:4b:68:18:da:07:
92:03:aa:d2:a6:b5:ad:29:d0:90:9e:83:48:03:02:0e:d7:5f:
4e:a8:4e:6e:a2:72:24:98:24:c4:e3:f5:b4:81:6b:cf:c5:9e:
f0:0c:21:34:cf:7f:91:1f:c6:99:61:74:b8:ad:74:07:39:f5:
0c:94:0f:a4:57:98:e0:d6:15:0e:13:78:cd:cb:ec:b2:08:ab:
e1:b0:81:fb:1c:52:9f:9e:a1:e9:7e:f7:de:0d:8d:51:1a:97:
04:20:f9:67
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBykx/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZjFmZDQ0Y2NjNTRiNWNlYjNhNzljYjM3OTRiOWM2NmFlYjY3ZTQ5MB4XDTIyMDEw
MTA0NTgxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWMwNTNkZTNkMTQ3
M2JiMDg4ZGE4NGJmMTdkNWQ1OGZmZTQ0NjJmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANkhLkUbbFgzmyC9+UD/ugZYDXisyJv4qthDV3dJiR0XoBKk
Kq4aja7r5oJgnpGV3tX0+CURKCCViCRx6K6E+plwzD6GR+PaYZ28A0U18dVKAfgL
h+KNqbcZOGb5E78TJqzyKlx+LKjtQDi6ZoYSj5sbOpOCoYv7o54SCvpht8TUxKY5
+wmS0LKFS7mj2ph8y5tJleWVF2yWH5bsir3RtMMHHkhHpaSb4l5fXLizc8F5ZlP1
0Kx2SDbidnbMxjejh1z2ORyYlW9Qe8UQmsLfcLLavjlWGxxZMzeoXTT950ESwRfJ
bfj2yaxryACJWoBEeUNcahcEo+wSb33YTJS6avcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSsBT3j0Uc7sIjahL8X1dWP/kRi8TAfBgNVHSMEGDAWgBRfH9RMzFS1zrOn
nLN5S5xmrrZ+STAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1h4X1VUTXhVdGM2enA1eXplVXVjWnE2MmZray5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvYWEyYTQ0LTNiM2UtNGIwZi1hMTUzLWE0ODZiZTM1NjlhNy8x
L3JBVTk0OUZITzdDSTJvU19GOVhWal81RVl2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
YWEyYTQ0LTNiM2UtNGIwZi1hMTUzLWE0ODZiZTM1NjlhNy8xL1h4X1VUTXhVdGM2
enA1eXplVXVjWnE2MmZray5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlddAMEAsIi8DANBgkqhkiG9w0B
AQsFAAOCAQEAUoE+U14E4AhDGwceGuprziwdcFKKmMJ/9Oxe0z9RUyjDH0e987go
VXleGsw2ESenhp4+wxL+yOfP0vVBNXVUMp+sontuTIYyvxfSMgLbmFcldSwPFZmh
ImPVnURHjj9n9rbF45hps42y4KuoQaJLL8MamIrwz4xInFehqmkfniMV/aaTPdfK
daTmIaT5FuuET07ntbrvpa/9IY5FIUtoGNoHkgOq0qa1rSnQkJ6DSAMCDtdfTqhO
bqJyJJgkxOP1tIFrz8We8AwhNM9/kR/GmWF0uK10Bzn1DJQPpFeY4NYVDhN4zcvs
sgir4bCB+xxSn56h6X733g2NURqXBCD5Zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:58 2024 by rpki-client on console-ams.rpki-client.org