Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/12onLFPiHpUVwWinxjRpfPQEJfA.roa
File: 12onLFPiHpUVwWinxjRpfPQEJfA.roa (raw, json)
Hash identifier: 5KqMhyR6xzRS6Z6fimR0ih7zAIWaxkrYF2XZuK6Tycg=
Subject key identifier: D7:6A:27:2C:53:E2:1E:95:15:C1:68:A7:C6:34:69:7C:F4:04:25:F0
Certificate issuer: /CN=cd6b9d593ac54aa6cbb83889277ba24f54067889
Certificate serial: 0609A2CB
Authority key identifier: CD:6B:9D:59:3A:C5:4A:A6:CB:B8:38:89:27:7B:A2:4F:54:06:78:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWudWTrFSqbLuDiJJ3uiT1QGeIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/12onLFPiHpUVwWinxjRpfPQEJfA.roa
Signing time: Thu 24 Feb 2022 21:05:56 +0000
ROA not before: Thu 24 Feb 2022 21:05:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12796
IP address blocks: 94.190.136.0/21 maxlen: 21
94.190.160.0/19 maxlen: 19
94.190.192.0/23 maxlen: 23
94.190.194.0/24 maxlen: 24
94.190.128.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 101294795 (0x609a2cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd6b9d593ac54aa6cbb83889277ba24f54067889
Validity
Not Before: Feb 24 21:05:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d76a272c53e21e9515c168a7c634697cf40425f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:08:8e:76:c3:7f:cd:61:c1:3e:9f:27:bb:54:
cf:e0:27:e3:4e:3a:09:91:18:e6:6c:9b:32:dd:e7:
70:99:16:c5:11:c2:85:c1:fe:80:6f:fd:46:96:22:
55:8e:23:e3:b3:0a:da:1f:e4:06:a9:1e:47:31:e6:
30:5b:5c:58:94:72:4c:e6:ee:32:da:e5:67:73:e2:
f6:d8:84:38:e1:51:32:75:e4:a3:f5:d9:e9:48:80:
82:00:5d:8e:7f:a0:06:cf:75:8d:ee:99:22:3d:2c:
56:dc:00:63:7d:ad:73:73:7f:2b:3d:66:e5:6b:38:
21:f3:ad:bf:a1:e1:07:97:6f:7a:c3:05:11:99:1e:
90:d7:29:1d:7a:32:13:49:da:29:9e:66:94:45:2f:
81:0c:4a:69:46:c5:c2:cd:c1:8d:5d:fc:ec:d1:69:
1f:2d:ad:6b:30:d3:55:0c:7b:31:37:7a:57:1f:58:
ac:0e:7e:c8:64:f8:5c:82:0b:c3:51:e7:f0:85:23:
2c:49:56:34:c6:00:c8:2f:92:ab:68:5e:70:76:ba:
70:49:65:f1:ce:f0:0f:f1:36:c6:50:07:30:bd:d6:
5a:82:7f:d2:4b:4d:c9:82:ba:25:22:3f:31:57:49:
63:68:a3:81:98:db:46:48:37:04:60:3e:60:9c:be:
aa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:6A:27:2C:53:E2:1E:95:15:C1:68:A7:C6:34:69:7C:F4:04:25:F0
X509v3 Authority Key Identifier:
keyid:CD:6B:9D:59:3A:C5:4A:A6:CB:B8:38:89:27:7B:A2:4F:54:06:78:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWudWTrFSqbLuDiJJ3uiT1QGeIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/12onLFPiHpUVwWinxjRpfPQEJfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/e68e1b-356c-4868-909f-42606f5aa5b9/1/zWudWTrFSqbLuDiJJ3uiT1QGeIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.190.128.0/22
94.190.136.0/21
94.190.160.0-94.190.194.255
Signature Algorithm: sha256WithRSAEncryption
69:c9:b9:d1:67:91:3c:15:04:ec:40:e4:e6:f1:53:5f:3d:76:
20:f5:bd:3c:8b:b1:76:1f:3d:b1:19:9d:c1:1c:4c:89:1a:54:
e6:d8:ee:fe:14:fe:92:80:c7:57:a5:14:17:4b:1d:1d:ec:75:
ca:c9:e1:b3:db:3d:b7:7d:a3:46:fd:53:a2:ac:60:c7:67:17:
f1:45:ac:fb:20:ca:7c:ff:87:ef:a8:ed:be:bd:14:71:ca:e1:
97:85:ed:d5:ae:58:d4:c8:d4:53:52:65:cd:0d:d5:7b:27:d5:
38:44:a8:3d:43:79:1e:b2:ad:80:c4:67:45:99:48:3b:a6:c7:
b0:c6:48:63:b9:42:48:ee:25:23:f8:b4:e9:cd:b0:21:09:41:
bc:4d:85:b3:6e:1b:e7:34:6a:36:04:00:82:93:34:66:a0:7f:
55:cc:73:18:da:42:9c:05:da:c9:57:d6:0e:7e:b9:2b:3d:45:
20:44:04:c8:3c:b9:70:f8:3a:7a:64:05:38:fe:31:fe:a5:93:
15:24:c0:5c:1c:b1:4b:33:27:8f:71:9d:99:ef:de:dc:60:d9:
6d:a9:43:d1:3d:93:b1:9f:b2:df:0c:0b:ec:af:8f:e0:6c:be:
77:de:02:89:6e:c7:23:1f:6f:8f:eb:49:94:ac:8f:81:56:bb:
16:60:e2:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBgmiyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDZiOWQ1OTNhYzU0YWE2Y2JiODM4ODkyNzdiYTI0ZjU0MDY3ODg5MB4XDTIyMDIy
NDIxMDU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc2YTI3MmM1M2Uy
MWU5NTE1YzE2OGE3YzYzNDY5N2NmNDA0MjVmMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPoIjnbDf81hwT6fJ7tUz+An4046CZEY5mybMt3ncJkWxRHC
hcH+gG/9RpYiVY4j47MK2h/kBqkeRzHmMFtcWJRyTObuMtrlZ3Pi9tiEOOFRMnXk
o/XZ6UiAggBdjn+gBs91je6ZIj0sVtwAY32tc3N/Kz1m5Ws4IfOtv6HhB5dvesMF
EZkekNcpHXoyE0naKZ5mlEUvgQxKaUbFws3BjV387NFpHy2tazDTVQx7MTd6Vx9Y
rA5+yGT4XIILw1Hn8IUjLElWNMYAyC+Sq2hecHa6cEll8c7wD/E2xlAHML3WWoJ/
0ktNyYK6JSI/MVdJY2ijgZjbRkg3BGA+YJy+qvMCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTXaicsU+IelRXBaKfGNGl89AQl8DAfBgNVHSMEGDAWgBTNa51ZOsVKpsu4
OIkne6JPVAZ4iTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pXdWRXVHJGU3FiTHVEaUpKM3VpVDFRR2VJay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvZTY4ZTFiLTM1NmMtNDg2OC05MDlmLTQyNjA2ZjVhYTViOS8x
LzEyb25MRlBpSHBVVndXaW54alJwZlBRRUpmQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
ZTY4ZTFiLTM1NmMtNDg2OC05MDlmLTQyNjA2ZjVhYTViOS8xL3pXdWRXVHJGU3Fi
THVEaUpKM3VpVDFRR2VJay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAl6+gAMEA16+iDAMAwQFXr6gAwQA
Xr7CMA0GCSqGSIb3DQEBCwUAA4IBAQBpybnRZ5E8FQTsQOTm8VNfPXYg9b08i7F2
Hz2xGZ3BHEyJGlTm2O7+FP6SgMdXpRQXSx0d7HXKyeGz2z23faNG/VOirGDHZxfx
Raz7IMp8/4fvqO2+vRRxyuGXhe3VrljUyNRTUmXNDdV7J9U4RKg9Q3kesq2AxGdF
mUg7psewxkhjuUJI7iUj+LTpzbAhCUG8TYWzbhvnNGo2BACCkzRmoH9VzHMY2kKc
BdrJV9YOfrkrPUUgRATIPLlw+Dp6ZAU4/jH+pZMVJMBcHLFLMyePcZ2Z797cYNlt
qUPRPZOxn7LfDAvsr4/gbL533gKJbscjH2+P60mUrI+BVrsWYOLk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:54 2024 by rpki-client on console-ams.rpki-client.org