Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/rkqrhxMIGDC509xLXFgABeb2LdI.roa
File: rkqrhxMIGDC509xLXFgABeb2LdI.roa (raw, json)
Hash identifier: obDpYKbbsuaBKxHUQwAoqvNGbdU3KPcKDifo9B4uFZc=
Subject key identifier: AE:4A:AB:87:13:08:18:30:B9:D3:DC:4B:5C:58:00:05:E6:F6:2D:D2
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 14742952
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/rkqrhxMIGDC509xLXFgABeb2LdI.roa
Signing time: Sat 01 Jan 2022 15:57:23 +0000
ROA not before: Sat 01 Jan 2022 15:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49265
IP address blocks: 94.230.76.0/24 maxlen: 24
94.230.77.0/24 maxlen: 24
94.230.78.0/24 maxlen: 24
94.230.76.0/22 maxlen: 22
94.230.79.0/24 maxlen: 24
109.104.240.0/22 maxlen: 22
109.104.240.0/24 maxlen: 24
109.104.241.0/24 maxlen: 24
109.104.242.0/24 maxlen: 24
109.104.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 343157074 (0x14742952)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 1 15:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae4aab8713081830b9d3dc4b5c580005e6f62dd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ac:6f:50:9c:f9:b6:62:73:5d:89:f7:1f:2a:
b4:9a:d2:80:db:4b:90:a4:1c:c1:5d:81:c2:bd:1b:
06:cb:fa:3a:69:f3:e9:4b:a7:e8:75:4f:b2:40:21:
71:a6:5e:4b:b9:47:cd:8a:c0:e7:18:ee:9b:2e:5c:
dd:93:b0:b9:be:ac:2a:2b:b5:b4:0e:bb:03:75:bb:
d3:9b:1e:5d:e0:4c:82:5d:bc:29:b8:90:3b:21:1c:
82:77:84:53:67:dc:e1:f9:13:6f:3a:4b:9b:c9:56:
f5:72:8c:f7:80:3c:18:30:50:73:c9:6a:70:a9:3a:
b1:28:39:f4:e5:1a:d6:91:22:fe:f4:a0:5c:5e:27:
da:b9:a3:ac:54:54:f2:fd:a3:2c:1b:ec:a7:2a:72:
66:4f:4a:9d:34:d1:cb:cc:f8:f3:67:15:ed:71:dd:
a8:b3:3f:f7:bd:2a:4f:ad:ed:13:04:fe:84:b1:51:
e4:cc:48:30:55:13:5e:3c:3a:b6:bf:40:1e:6d:e0:
a4:9d:37:d2:00:7e:ac:7f:89:a8:eb:5e:6c:a7:ec:
11:32:93:8b:b0:0e:0e:54:d8:0e:ab:4e:7b:d3:8a:
2a:26:6b:d5:6e:b7:3a:72:48:f3:9d:60:7f:d7:ba:
71:a9:08:5a:80:26:55:18:47:f6:a0:74:ec:57:d5:
27:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4A:AB:87:13:08:18:30:B9:D3:DC:4B:5C:58:00:05:E6:F6:2D:D2
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/rkqrhxMIGDC509xLXFgABeb2LdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.230.76.0/22
109.104.240.0/22
Signature Algorithm: sha256WithRSAEncryption
11:f5:c7:2f:28:45:aa:e3:08:89:0e:87:b3:eb:7e:cb:db:5d:
f4:9a:e1:90:05:3a:f9:26:bb:62:db:30:d1:6d:0e:79:04:06:
51:13:1b:d2:f9:de:2b:18:29:ba:0e:03:6e:38:68:49:c7:81:
86:2e:7a:f7:1b:5d:84:02:23:67:47:4f:0a:be:c4:c1:60:c0:
0c:f2:15:ca:17:ce:31:ec:06:c0:98:de:9b:1e:c6:64:d0:f3:
52:d2:4e:40:02:cc:8d:56:ad:c1:68:83:36:66:77:43:ad:72:
49:14:8e:0a:16:ff:a1:11:2a:e1:99:ac:94:51:27:f2:07:2b:
b8:52:05:da:34:23:39:dd:4d:1d:82:32:a0:7c:44:9f:c7:7c:
18:bd:3a:5a:1b:e9:8e:dd:56:66:35:a9:82:a3:6e:65:ee:0a:
e3:a8:bb:f3:b4:53:0d:ca:8b:9a:48:e7:53:3a:f1:cc:2d:b6:
2b:dd:9e:dc:bf:07:81:11:04:c7:17:d8:69:ba:ac:9d:f6:ad:
ff:05:f1:e4:22:d2:87:1b:6c:bf:57:33:fe:62:4a:c5:d3:01:
7b:9d:79:82:41:70:ca:97:f2:4b:94:4e:0c:86:70:e0:d1:8b:
b6:4d:46:fc:3e:d8:39:b9:b9:6d:9f:1f:72:c7:e0:06:ba:73:
f7:bd:dc:3a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFHQpUjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTM1MGQwMjRhZjAxZjhlYWYxMjU3MTdjYWEwM2FhZmFkMTg0ZTFkMB4XDTIyMDEw
MTE1NTcyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU0YWFiODcxMzA4
MTgzMGI5ZDNkYzRiNWM1ODAwMDVlNmY2MmRkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOsb1Cc+bZic12J9x8qtJrSgNtLkKQcwV2Bwr0bBsv6Omnz
6Uun6HVPskAhcaZeS7lHzYrA5xjumy5c3ZOwub6sKiu1tA67A3W705seXeBMgl28
KbiQOyEcgneEU2fc4fkTbzpLm8lW9XKM94A8GDBQc8lqcKk6sSg59OUa1pEi/vSg
XF4n2rmjrFRU8v2jLBvspypyZk9KnTTRy8z482cV7XHdqLM/970qT63tEwT+hLFR
5MxIMFUTXjw6tr9AHm3gpJ030gB+rH+JqOtebKfsETKTi7AODlTYDqtOe9OKKiZr
1W63OnJI851gf9e6cakIWoAmVRhH9qB07FfVJyMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSuSquHEwgYMLnT3EtcWAAF5vYt0jAfBgNVHSMEGDAWgBR6NQ0CSvAfjq8S
VxfKoDqvrRhOHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VqVU5Ba3J3SDQ2dkVsY1h5cUE2cjYwWVRoMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvNzk2NmFlLTljODgtNDNlOS1iODk5LWQwMDNlNTZmZTc1My8x
L3JrcXJoeE1JR0RDNTA5eExYRmdBQmViMkxkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
Nzk2NmFlLTljODgtNDNlOS1iODk5LWQwMDNlNTZmZTc1My8xL2VqVU5Ba3J3SDQ2
dkVsY1h5cUE2cjYwWVRoMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAl7mTAMEAm1o8DANBgkqhkiG9w0B
AQsFAAOCAQEAEfXHLyhFquMIiQ6Hs+t+y9td9JrhkAU6+Sa7Ytsw0W0OeQQGURMb
0vneKxgpug4DbjhoSceBhi569xtdhAIjZ0dPCr7EwWDADPIVyhfOMewGwJjemx7G
ZNDzUtJOQALMjVatwWiDNmZ3Q61ySRSOChb/oREq4ZmslFEn8gcruFIF2jQjOd1N
HYIyoHxEn8d8GL06Whvpjt1WZjWpgqNuZe4K46i787RTDcqLmkjnUzrxzC22K92e
3L8HgREExxfYabqsnfat/wXx5CLShxtsv1cz/mJKxdMBe515gkFwypfyS5RODIZw
4NGLtk1G/D7YObm5bZ8fcsfgBrpz973cOg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:25 2024 by rpki-client on console-ams.rpki-client.org