Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/iWEpqcgSYEg1ASOardhnmTCwvsc.roa
File: iWEpqcgSYEg1ASOardhnmTCwvsc.roa (raw, json)
Hash identifier: vbntYgRspNo1pYwupsjhsrtEs+aVxZqbtVYieQodyD0=
Subject key identifier: 89:61:29:A9:C8:12:60:48:35:01:23:9A:AD:D8:67:99:30:B0:BE:C7
Certificate issuer: /CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Certificate serial: 045675AD
Authority key identifier: DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/iWEpqcgSYEg1ASOardhnmTCwvsc.roa
Signing time: Sat 01 Jan 2022 03:51:24 +0000
ROA not before: Sat 01 Jan 2022 03:51:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209839
IP address blocks: 94.154.152.0/22 maxlen: 22
94.154.152.0/24 maxlen: 24
94.154.154.0/23 maxlen: 23
94.154.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72775085 (0x45675ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Validity
Not Before: Jan 1 03:51:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=896129a9c81260483501239aadd8679930b0bec7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1a:8f:2c:fb:ee:21:46:38:46:b3:b6:18:63:
af:b1:7d:a5:d5:e8:ae:40:f5:04:79:52:30:08:4c:
32:24:f3:bf:b3:d7:71:26:ed:09:9b:31:ff:be:72:
bf:9f:f4:a4:36:7e:fc:78:bd:3d:a4:a0:5e:39:0a:
7c:ae:86:45:fb:9a:cf:92:3d:05:9c:de:5f:22:1a:
22:e5:97:60:f8:7e:e7:9f:2d:96:22:14:63:28:07:
15:7b:78:9a:2c:84:ae:a1:ef:58:57:f1:a7:8a:9c:
f2:89:dd:34:11:c2:94:d8:0d:98:a9:62:6a:7c:03:
9e:bc:97:8e:af:21:59:9a:e0:56:74:05:50:98:c0:
64:a6:eb:cd:84:97:86:a9:d6:01:f3:da:2d:cb:52:
28:55:7f:22:9d:e0:ec:51:b9:4a:e6:e6:36:35:8d:
4f:53:37:4f:36:ad:77:1b:33:e8:e2:e7:04:9a:ea:
c1:1b:fd:1b:41:00:05:87:94:6c:60:6e:6c:db:55:
5b:8c:85:16:1b:50:87:01:d6:80:ee:21:30:e2:a0:
c8:29:69:52:a0:98:c3:8e:07:c9:8b:92:17:08:44:
2f:c7:55:88:93:16:3a:d2:05:b8:80:67:3d:48:b1:
be:b2:b3:15:e7:39:81:80:a6:5e:e6:f9:45:f4:90:
09:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:61:29:A9:C8:12:60:48:35:01:23:9A:AD:D8:67:99:30:B0:BE:C7
X509v3 Authority Key Identifier:
keyid:DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/iWEpqcgSYEg1ASOardhnmTCwvsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.152.0/22
Signature Algorithm: sha256WithRSAEncryption
09:42:4a:5b:08:3d:ca:50:f4:ee:31:a1:c8:d1:39:bf:db:78:
6d:1d:b0:1a:61:bc:ee:f3:91:63:23:38:4c:c9:0e:5c:cd:17:
32:3a:b5:2f:89:0c:fe:92:34:97:e1:57:22:12:23:fa:22:fe:
5d:22:db:ef:2f:b1:4d:4a:c8:ac:c0:a9:3d:74:e3:ab:d0:14:
77:cc:4f:7c:ab:96:c8:04:fe:14:bc:74:5a:18:9e:fd:96:05:
4a:d1:7c:94:83:a0:1b:f8:69:ee:5a:41:2e:e4:1c:e9:70:a0:
93:b2:b6:46:ff:2f:fa:e7:4c:25:6e:2a:29:0f:a8:6e:90:8c:
64:8d:1f:cb:fe:3c:7b:c8:95:eb:83:85:2a:9a:dc:4e:c7:db:
8e:f5:01:5b:40:bc:c8:ec:34:79:73:0f:24:e3:01:3f:da:3c:
d6:a2:c3:a0:5d:fc:98:82:38:fd:de:4d:3c:00:dc:1a:1b:22:
60:3c:e6:44:61:0d:c3:26:c0:cb:46:14:ff:cc:23:be:b4:db:
9c:b6:de:52:b9:47:55:1a:f6:61:05:c9:60:9a:49:9c:98:9c:
82:f3:67:e2:6c:d1:70:07:ef:40:58:03:98:7e:42:8f:f5:5f:
ab:b9:89:d2:a0:5b:78:2b:4b:92:17:f9:0e:dc:0f:9c:42:86:
9f:4d:0d:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFZ1rTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YjE0ZTdhNmJlOTdjZWM2ZjViYzFhNjc4YTc2ZWE2ZDE2MTljMzA2MB4XDTIyMDEw
MTAzNTEyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk2MTI5YTljODEy
NjA0ODM1MDEyMzlhYWRkODY3OTkzMGIwYmVjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4ajyz77iFGOEazthhjr7F9pdXorkD1BHlSMAhMMiTzv7PX
cSbtCZsx/75yv5/0pDZ+/Hi9PaSgXjkKfK6GRfuaz5I9BZzeXyIaIuWXYPh+558t
liIUYygHFXt4miyErqHvWFfxp4qc8ondNBHClNgNmKlianwDnryXjq8hWZrgVnQF
UJjAZKbrzYSXhqnWAfPaLctSKFV/Ip3g7FG5SubmNjWNT1M3Tzatdxsz6OLnBJrq
wRv9G0EABYeUbGBubNtVW4yFFhtQhwHWgO4hMOKgyClpUqCYw44HyYuSFwhEL8dV
iJMWOtIFuIBnPUixvrKzFec5gYCmXub5RfSQCRECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSJYSmpyBJgSDUBI5qt2GeZMLC+xzAfBgNVHSMEGDAWgBTbFOemvpfOxvW8
GmeKduptFhnDBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJ4VG5wcjZYenNiMXZCcG5pbmJxYlJZWnd3WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvMTA2NDVkLTM1NDItNGU1ZC04ZTcwLTExZjkxZDA3MzljOS8x
L2lXRXBxY2dTWUVnMUFTT2FyZGhubVRDd3ZzYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
MTA2NDVkLTM1NDItNGU1ZC04ZTcwLTExZjkxZDA3MzljOS8xLzJ4VG5wcjZYenNi
MXZCcG5pbmJxYlJZWnd3WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAl6amDANBgkqhkiG9w0BAQsFAAOC
AQEACUJKWwg9ylD07jGhyNE5v9t4bR2wGmG87vORYyM4TMkOXM0XMjq1L4kM/pI0
l+FXIhIj+iL+XSLb7y+xTUrIrMCpPXTjq9AUd8xPfKuWyAT+FLx0Whie/ZYFStF8
lIOgG/hp7lpBLuQc6XCgk7K2Rv8v+udMJW4qKQ+obpCMZI0fy/48e8iV64OFKprc
TsfbjvUBW0C8yOw0eXMPJOMBP9o81qLDoF38mII4/d5NPADcGhsiYDzmRGENwybA
y0YU/8wjvrTbnLbeUrlHVRr2YQXJYJpJnJicgvNn4mzRcAfvQFgDmH5Cj/Vfq7mJ
0qBbeCtLkhf5DtwPnEKGn00NHA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:08 2025 by rpki-client