Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/AQeMef3WHUP2q_aoxyDV1xjbTn0.roa
File: AQeMef3WHUP2q_aoxyDV1xjbTn0.roa (raw, json)
Hash identifier: 7Vjhd+VR1pF60lg/6rae6VLuzVmhP8IJ0SSts1oE9pY=
Subject key identifier: 01:07:8C:79:FD:D6:1D:43:F6:AB:F6:A8:C7:20:D5:D7:18:DB:4E:7D
Certificate issuer: /CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Certificate serial: 0E8785E5
Authority key identifier: 8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/AQeMef3WHUP2q_aoxyDV1xjbTn0.roa
Signing time: Sat 01 Jan 2022 04:55:13 +0000
ROA not before: Sat 01 Jan 2022 04:55:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8851
IP address blocks: 89.28.232.0/21 maxlen: 21
95.130.96.0/21 maxlen: 21
158.255.8.0/21 maxlen: 21
77.93.128.0/19 maxlen: 19
193.27.212.0/23 maxlen: 23
193.189.140.0/24 maxlen: 24
185.101.44.0/22 maxlen: 22
79.99.144.0/22 maxlen: 22
79.99.144.0/21 maxlen: 21
2a00:1c40::/29 maxlen: 29
2a02:6f80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 243762661 (0xe8785e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a5a3417fbe25c2e467c18485c181a7776f96ff4
Validity
Not Before: Jan 1 04:55:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01078c79fdd61d43f6abf6a8c720d5d718db4e7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:8d:6f:b9:eb:7b:ad:c6:1c:02:35:cb:80:
fc:0c:39:6c:72:57:a5:da:b0:7d:a4:92:a5:3c:30:
75:d8:01:86:d8:0a:68:cf:53:13:3b:6b:f1:8e:d9:
07:0b:7a:9e:64:96:c2:64:9b:97:1e:be:b0:6b:8d:
59:a8:b7:5b:52:e2:4a:82:06:d6:38:8e:ad:0b:fb:
f5:23:c8:c5:af:90:3f:40:c6:b0:86:f5:0a:37:6e:
8a:05:bc:4f:fd:68:01:3a:cf:17:9c:1c:59:36:4a:
70:03:ae:5a:57:fd:30:9b:42:f4:52:55:5c:0f:75:
27:c6:b9:4b:76:20:19:d8:30:7d:51:5b:4f:64:0d:
5d:f5:f0:cd:ee:0b:0f:d9:88:84:12:22:b8:16:bd:
6b:67:2b:80:8c:1b:a6:84:26:a5:f7:6b:82:01:7a:
24:07:c4:ef:c2:55:a4:c1:43:35:86:12:91:07:56:
05:8f:ef:30:9f:e0:17:b5:80:17:d4:08:2c:bb:c6:
2f:87:f5:61:ee:a0:d3:8f:58:dd:3c:3e:da:15:60:
af:5c:28:04:90:35:3a:5a:89:e7:90:20:94:f8:19:
f6:e6:78:0a:26:d4:5a:80:35:1c:4a:d3:c4:ba:6c:
68:e6:e7:fb:56:97:3b:5e:15:1b:1d:5b:56:8b:31:
30:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:07:8C:79:FD:D6:1D:43:F6:AB:F6:A8:C7:20:D5:D7:18:DB:4E:7D
X509v3 Authority Key Identifier:
keyid:8A:5A:34:17:FB:E2:5C:2E:46:7C:18:48:5C:18:1A:77:76:F9:6F:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilo0F_viXC5GfBhIXBgad3b5b_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/AQeMef3WHUP2q_aoxyDV1xjbTn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/9c6e07-693f-46ce-8646-d7abcd0ef64a/1/ilo0F_viXC5GfBhIXBgad3b5b_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.128.0/19
79.99.144.0/21
89.28.232.0/21
95.130.96.0/21
158.255.8.0/21
185.101.44.0/22
193.27.212.0/23
193.189.140.0/24
IPv6:
2a00:1c40::/29
2a02:6f80::/29
Signature Algorithm: sha256WithRSAEncryption
81:a9:2c:44:f6:ef:af:52:17:6e:ef:42:ba:27:09:80:15:cd:
21:1b:99:37:21:0b:a9:0c:c8:77:d9:eb:61:28:55:75:8b:0d:
a7:1a:31:8c:00:5a:8c:e9:c1:5c:01:ef:9f:45:6d:c1:80:8a:
7e:e5:31:87:cb:b5:89:88:41:91:ae:68:6b:34:83:93:85:61:
a0:df:c6:b9:d0:c2:f2:7b:6e:3d:cc:78:eb:3f:44:6c:b6:16:
b2:29:1c:d8:1c:c9:93:61:7d:75:f2:92:27:b0:99:d7:80:cc:
90:4e:fe:bb:d4:a4:c0:a8:71:2e:e8:b6:20:8f:21:65:42:56:
e9:53:e8:0e:40:be:f6:4e:7d:08:49:12:8a:14:54:a4:a8:b9:
86:6c:e2:fb:fb:d9:0c:0e:ab:c1:d1:56:9e:da:35:c0:d2:c0:
4b:49:45:bf:6f:18:d1:48:b2:6f:93:21:bc:dd:ec:e1:77:c7:
da:a2:ee:4a:44:13:fe:04:74:40:90:80:d1:e3:de:bb:fa:c8:
01:ec:75:ec:15:1d:19:fc:76:5d:b2:77:7b:df:e6:2f:c2:79:
1f:18:4f:a1:51:6e:92:2d:18:c2:53:8b:60:da:8b:56:01:6e:
aa:02:a1:a6:9f:38:83:ed:08:63:69:2d:fa:41:03:25:49:b1:
35:23:80:e1
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEDoeF5TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YTVhMzQxN2ZiZTI1YzJlNDY3YzE4NDg1YzE4MWE3Nzc2Zjk2ZmY0MB4XDTIyMDEw
MTA0NTUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDEwNzhjNzlmZGQ2
MWQ0M2Y2YWJmNmE4YzcyMGQ1ZDcxOGRiNGU3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALl2jW+563utxhwCNcuA/Aw5bHJXpdqwfaSSpTwwddgBhtgK
aM9TEztr8Y7ZBwt6nmSWwmSblx6+sGuNWai3W1LiSoIG1jiOrQv79SPIxa+QP0DG
sIb1CjduigW8T/1oATrPF5wcWTZKcAOuWlf9MJtC9FJVXA91J8a5S3YgGdgwfVFb
T2QNXfXwze4LD9mIhBIiuBa9a2crgIwbpoQmpfdrggF6JAfE78JVpMFDNYYSkQdW
BY/vMJ/gF7WAF9QILLvGL4f1Ye6g049Y3Tw+2hVgr1woBJA1OlqJ55AglPgZ9uZ4
CibUWoA1HErTxLpsaObn+1aXO14VGx1bVosxMB0CAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBQBB4x5/dYdQ/ar9qjHINXXGNtOfTAfBgNVHSMEGDAWgBSKWjQX++JcLkZ8
GEhcGBp3dvlv9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lsbzBGX3ZpWEM1R2ZCaElYQmdhZDNiNWJfUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvOWM2ZTA3LTY5M2YtNDZjZS04NjQ2LWQ3YWJjZDBlZjY0YS8x
L0FRZU1lZjNXSFVQMnFfYW94eURWMXhqYlRuMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
OWM2ZTA3LTY5M2YtNDZjZS04NjQ2LWQ3YWJjZDBlZjY0YS8xL2lsbzBGX3ZpWEM1
R2ZCaElYQmdhZDNiNWJfUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wNgQCAAEwMAMEBU1dgAMEA09jkAMEA1kc6AMEA1+C
YAMEA57/CAMEArllLAMEAcEb1AMEAMG9jDAUBAIAAjAOAwUDKgAcQAMFAyoCb4Aw
DQYJKoZIhvcNAQELBQADggEBAIGpLET2769SF27vQronCYAVzSEbmTchC6kMyHfZ
62EoVXWLDacaMYwAWozpwVwB759FbcGAin7lMYfLtYmIQZGuaGs0g5OFYaDfxrnQ
wvJ7bj3MeOs/RGy2FrIpHNgcyZNhfXXykiewmdeAzJBO/rvUpMCocS7otiCPIWVC
VulT6A5AvvZOfQhJEooUVKSouYZs4vv72QwOq8HRVp7aNcDSwEtJRb9vGNFIsm+T
Ibzd7OF3x9qi7kpEE/4EdECQgNHj3rv6yAHsdewVHRn8dl2yd3vf5i/CeR8YT6FR
bpItGMJTi2Dai1YBbqoCoaafOIPtCGNpLfpBAyVJsTUjgOE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org