Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/k9xtx3XCPBT-QdFNW3VpALz9H6A.roa
File: k9xtx3XCPBT-QdFNW3VpALz9H6A.roa (raw, json)
Hash identifier: c3iD7vWTWHqJTsCYWvbCIP7bfbrjyzw/CBjIgMZ0gXI=
Subject key identifier: 93:DC:6D:C7:75:C2:3C:14:FE:41:D1:4D:5B:75:69:00:BC:FD:1F:A0
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 2AE804E8
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/k9xtx3XCPBT-QdFNW3VpALz9H6A.roa
Signing time: Sat 01 Jan 2022 13:57:45 +0000
ROA not before: Sat 01 Jan 2022 13:57:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12968
IP address blocks: 93.159.0.0/18 maxlen: 18
62.111.128.0/17 maxlen: 17
85.128.0.0/17 maxlen: 17
89.171.0.0/16 maxlen: 16
193.91.16.0/20 maxlen: 20
62.181.160.0/19 maxlen: 19
2001:16b0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 719848680 (0x2ae804e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 13:57:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=93dc6dc775c23c14fe41d14d5b756900bcfd1fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:95:11:43:0e:ab:5a:0b:eb:a4:c2:df:e6:
df:bf:22:dd:a8:1d:3e:78:5e:2b:59:fb:d5:7e:6e:
45:49:ac:8b:d4:a3:ef:86:66:fe:ae:67:24:49:58:
9d:fa:49:63:a0:70:b3:9e:c8:af:0c:4f:94:68:50:
2a:0d:0e:22:ce:f4:f6:4d:2c:eb:94:41:19:b8:ef:
1a:e8:67:2f:98:48:f1:10:e2:0d:b5:72:9c:03:18:
1c:e1:78:1f:0f:d9:5a:9c:3b:ec:ed:f9:03:f0:92:
c6:8f:e2:40:db:7f:0b:c6:ce:33:bb:38:b9:bf:12:
28:0b:5f:ef:01:25:9d:73:14:39:d6:30:b5:d1:e8:
20:2a:4c:0c:6d:1e:59:36:35:0a:07:4a:4e:e7:04:
1e:1f:f1:ee:45:65:48:a7:af:a2:05:46:b1:68:4f:
73:a1:ad:4e:83:d5:19:e3:71:ae:07:61:4a:fd:4c:
50:b0:6a:4c:47:01:38:21:11:ad:6e:aa:4d:b8:3e:
93:c8:b2:8f:b3:a9:f2:8d:a1:b4:19:e6:59:df:62:
65:e3:e0:7d:b5:30:3d:85:1b:01:3d:ff:7e:8b:c4:
ba:d9:aa:f2:bc:d2:05:a8:ac:b9:82:de:e3:ab:91:
b1:27:c4:2d:7f:63:ac:55:ab:de:fb:64:9d:10:72:
1c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:DC:6D:C7:75:C2:3C:14:FE:41:D1:4D:5B:75:69:00:BC:FD:1F:A0
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/k9xtx3XCPBT-QdFNW3VpALz9H6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.111.128.0/17
62.181.160.0/19
85.128.0.0/17
89.171.0.0/16
93.159.0.0/18
193.91.16.0/20
IPv6:
2001:16b0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:1e:e3:f4:db:15:b8:39:1a:00:18:a3:cb:5b:b5:ac:2d:a1:
e0:ce:bc:55:95:89:7b:5b:c3:3d:7a:2e:08:57:be:e7:ff:4e:
15:55:e4:f1:41:4a:8d:78:9b:a6:6d:d4:e4:19:f7:a3:26:70:
e8:87:ec:a4:76:fb:bd:44:37:63:0e:7f:32:55:0f:1b:e1:3d:
75:1b:79:f2:fd:0d:aa:d4:37:05:ec:91:f6:bc:0a:a7:3f:e9:
ff:72:33:27:05:98:0b:f7:6e:10:ac:09:31:da:09:3a:36:ee:
02:6e:f0:23:46:4e:57:10:18:1a:95:ce:86:c4:fe:ec:1c:05:
41:bc:f0:a3:f4:8e:dc:6b:cd:67:64:ce:3c:b0:c0:25:f5:80:
e0:2c:55:5c:1f:ca:b5:a3:50:36:8a:02:9e:21:88:d0:fa:0d:
75:cb:80:9c:65:3d:33:36:91:70:7c:ad:d2:c8:56:f4:55:36:
b5:63:1a:53:d2:2c:57:48:d1:bf:ed:25:9e:10:1d:08:85:17:
5b:ec:8e:4d:5b:19:d8:56:db:9b:56:b2:ad:d4:62:a6:1c:0b:
52:b3:37:f3:98:3f:72:0c:c2:51:02:a5:5c:9f:d0:ec:8d:32:
03:3b:f8:4e:aa:46:a9:79:15:ac:9e:e1:cb:f8:95:4c:db:f3:
fb:a0:7f:41
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIEKugE6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTNkYzZkYzc3NWMy
M2MxNGZlNDFkMTRkNWI3NTY5MDBiY2ZkMWZhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRalRFDDqtaC+ukwt/m378i3agdPnheK1n71X5uRUmsi9Sj
74Zm/q5nJElYnfpJY6Bws57IrwxPlGhQKg0OIs709k0s65RBGbjvGuhnL5hI8RDi
DbVynAMYHOF4Hw/ZWpw77O35A/CSxo/iQNt/C8bOM7s4ub8SKAtf7wElnXMUOdYw
tdHoICpMDG0eWTY1CgdKTucEHh/x7kVlSKevogVGsWhPc6GtToPVGeNxrgdhSv1M
ULBqTEcBOCERrW6qTbg+k8iyj7Op8o2htBnmWd9iZePgfbUwPYUbAT3/fovEutmq
8rzSBaisuYLe46uRsSfELX9jrFWr3vtknRByHIkCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBST3G3HdcI8FP5B0U1bdWkAvP0foDAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L2s5eHR4M1hDUEJULVFkRk5XM1ZwQUx6OUg2QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowKQQCAAEwIwMEBz5vgAMEBT61oAMEB1WAAAMDAFmr
AwQGXZ8AAwQEwVsQMA0EAgACMAcDBQAgARawMA0GCSqGSIb3DQEBCwUAA4IBAQAK
HuP02xW4ORoAGKPLW7WsLaHgzrxVlYl7W8M9ei4IV77n/04VVeTxQUqNeJumbdTk
GfejJnDoh+ykdvu9RDdjDn8yVQ8b4T11G3ny/Q2q1DcF7JH2vAqnP+n/cjMnBZgL
924QrAkx2gk6Nu4CbvAjRk5XEBgalc6GxP7sHAVBvPCj9I7ca81nZM48sMAl9YDg
LFVcH8q1o1A2igKeIYjQ+g11y4CcZT0zNpFwfK3SyFb0VTa1YxpT0ixXSNG/7SWe
EB0IhRdb7I5NWxnYVtubVrKt1GKmHAtSszfzmD9yDMJRAqVcn9DsjTIDO/hOqkap
eRWsnuHL+JVM2/P7oH9B
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:21 2024 by rpki-client on console-ams.rpki-client.org