Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/X71brQ5b3jDI0hUnVWuzx6SJODM.roa
File: X71brQ5b3jDI0hUnVWuzx6SJODM.roa (raw, json)
Hash identifier: CRren0FfJMfLKbW4mOp0Tpt8DjFINGyZHQ20JpcadLk=
Subject key identifier: 5F:BD:5B:AD:0E:5B:DE:30:C8:D2:15:27:55:6B:B3:C7:A4:89:38:33
Certificate issuer: /CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Certificate serial: 0184592281D70ED70A2A482DFB8605AF2940
Authority key identifier: DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/X71brQ5b3jDI0hUnVWuzx6SJODM.roa
Signing time: Tue 08 Nov 2022 21:25:44 +0000
ROA not before: Tue 08 Nov 2022 21:25:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 94.154.41.0/24 maxlen: 24
94.154.40.0/24 maxlen: 24
94.154.43.0/24 maxlen: 24
94.154.42.0/24 maxlen: 24
94.154.44.0/24 maxlen: 24
94.154.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:59:22:81:d7:0e:d7:0a:2a:48:2d:fb:86:05:af:29:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc11daefaff81c7e501278d87d9bc2b204d71155
Validity
Not Before: Nov 8 21:25:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fbd5bad0e5bde30c8d21527556bb3c7a4893833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:fb:6a:22:5b:19:74:9b:1c:6d:03:e1:40:5c:
fb:d8:cc:12:33:58:0d:35:fe:97:72:89:db:16:66:
53:52:b7:18:ff:a3:46:cb:4d:5c:37:ae:7f:35:7b:
0b:95:48:85:71:fd:98:07:65:25:ce:6a:30:6e:08:
d1:19:4d:1c:05:1b:38:19:4b:36:26:2b:ac:b1:fa:
cf:c8:eb:07:19:65:f5:0b:e3:2d:0d:d9:67:ad:36:
76:35:6f:b1:47:6a:74:7d:c4:0e:51:58:34:d9:8e:
0e:36:44:7c:15:b6:92:0f:8c:2a:c5:de:d0:54:d4:
c5:08:59:01:48:54:6b:db:02:81:68:df:21:71:95:
7c:ad:56:de:cb:1b:0c:d5:33:c1:f8:a7:0d:fe:5d:
ac:62:fe:85:cf:65:5d:92:a3:1c:d1:b5:39:80:29:
57:23:bf:71:bf:11:65:12:4e:ad:3b:12:24:08:19:
27:8a:18:45:24:56:ee:d6:51:09:a0:c6:01:4f:55:
79:9b:e8:f7:dc:d5:33:10:91:7b:63:44:57:82:b7:
c7:87:10:76:29:1c:e4:ef:a0:34:9d:3c:95:8e:52:
d3:80:be:d1:19:97:db:e9:05:03:f8:ac:de:23:04:
06:2d:a9:a5:d0:3f:7f:c1:6f:92:1e:ec:57:95:c5:
24:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BD:5B:AD:0E:5B:DE:30:C8:D2:15:27:55:6B:B3:C7:A4:89:38:33
X509v3 Authority Key Identifier:
keyid:DC:11:DA:EF:AF:F8:1C:7E:50:12:78:D8:7D:9B:C2:B2:04:D7:11:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3BHa76_4HH5QEnjYfZvCsgTXEVU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/X71brQ5b3jDI0hUnVWuzx6SJODM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/b22603-90ab-43ad-ab16-65249cbc573c/1/3BHa76_4HH5QEnjYfZvCsgTXEVU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.40.0-94.154.45.255
Signature Algorithm: sha256WithRSAEncryption
64:8c:89:ab:a5:0d:22:80:e4:d2:17:36:26:28:5f:3c:2b:fb:
5f:90:cd:30:aa:f0:62:0f:b7:b7:34:dd:05:4e:43:4c:69:80:
0f:b8:f6:54:ae:20:c3:e3:c1:8b:7f:84:b8:8e:f4:9d:49:7f:
6c:cd:fc:df:a2:d7:d5:a6:36:c7:e2:1c:12:d6:6b:5b:d2:8c:
fe:30:3d:e0:a2:8d:14:0f:29:2c:c2:d2:3f:82:bc:eb:10:f1:
2e:81:72:c7:14:ac:66:2d:25:68:40:71:bd:ac:5d:6a:40:92:
97:df:64:31:08:1e:1a:80:f0:a6:ec:ad:51:08:0f:2b:75:46:
7e:ed:b3:75:3b:04:93:15:bf:63:22:fd:b3:fd:3b:91:6f:b2:
98:b0:3f:40:a1:89:9c:29:08:ea:a5:e7:81:6d:81:7f:47:04:
20:79:f4:78:bc:70:4b:da:99:44:f3:3f:50:57:5f:71:f0:b4:
6d:04:6a:ee:9d:2b:51:a2:d3:43:b0:3e:84:ad:66:38:34:f0:
4a:41:0d:cd:93:ea:a6:f0:73:dd:be:c4:80:56:ad:89:e5:2e:
51:0e:1f:6f:57:23:e8:b5:1f:af:f0:a1:7a:8e:46:cf:e2:0c:
ff:70:24:05:b4:1e:73:c7:e6:7c:fd:de:50:55:c7:f1:05:1a:
fa:ba:5d:fd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYRZIoHXDtcKKkgt+4YFrylAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjMTFkYWVmYWZmODFjN2U1MDEyNzhkODdkOWJjMmIyMDRk
NzExNTUwHhcNMjIxMTA4MjEyNTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmJkNWJhZDBlNWJkZTMwYzhkMjE1Mjc1NTZiYjNjN2E0ODkzODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgftqIlsZdJscbQPhQFz72MwSM1gN
Nf6XconbFmZTUrcY/6NGy01cN65/NXsLlUiFcf2YB2UlzmowbgjRGU0cBRs4GUs2
JiussfrPyOsHGWX1C+MtDdlnrTZ2NW+xR2p0fcQOUVg02Y4ONkR8FbaSD4wqxd7Q
VNTFCFkBSFRr2wKBaN8hcZV8rVbeyxsM1TPB+KcN/l2sYv6Fz2VdkqMc0bU5gClX
I79xvxFlEk6tOxIkCBknihhFJFbu1lEJoMYBT1V5m+j33NUzEJF7Y0RXgrfHhxB2
KRzk76A0nTyVjlLTgL7RGZfb6QUD+KzeIwQGLaml0D9/wW+SHuxXlcUk5QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF+9W60OW94wyNIVJ1Vrs8ekiTgzMB8GA1UdIwQY
MBaAFNwR2u+v+Bx+UBJ42H2bwrIE1xFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYt
NjUyNDljYmM1NzNjLzEvWDcxYnJRNWIzakRJMGhVblZXdXp4NlNKT0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9iMjI2MDMtOTBhYi00M2FkLWFiMTYtNjUyNDljYmM1NzNj
LzEvM0JIYTc2XzRISDVRRW5qWWZadkNzZ1RYRVZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANemigD
BAFemiwwDQYJKoZIhvcNAQELBQADggEBAGSMiaulDSKA5NIXNiYoXzwr+1+QzTCq
8GIPt7c03QVOQ0xpgA+49lSuIMPjwYt/hLiO9J1Jf2zN/N+i19WmNsfiHBLWa1vS
jP4wPeCijRQPKSzC0j+CvOsQ8S6BcscUrGYtJWhAcb2sXWpAkpffZDEIHhqA8Kbs
rVEIDyt1Rn7ts3U7BJMVv2Mi/bP9O5FvspiwP0ChiZwpCOql54FtgX9HBCB59Hi8
cEvamUTzP1BXX3HwtG0Eau6dK1Gi00OwPoStZjg08EpBDc2T6qbwc92+xIBWrYnl
LlEOH29XI+i1H6/woXqORs/iDP9wJAW0HnPH5nz93lBVx/EFGvq6Xf0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:31 2024 by rpki-client on console-fra.rpki-client.org