Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/1xfZyvhwOMIhaGQcozmu02CSgcM.roa
File: 1xfZyvhwOMIhaGQcozmu02CSgcM.roa (raw, json)
Hash identifier: EuMjYzxI11QikUwX9WDVmjuzMvY7Yfs85plc9FRnOeM=
Subject key identifier: D7:17:D9:CA:F8:70:38:C2:21:68:64:1C:A3:39:AE:D3:60:92:81:C3
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 06C63AD5
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/1xfZyvhwOMIhaGQcozmu02CSgcM.roa
Signing time: Fri 01 Apr 2022 19:11:11 +0000
ROA not before: Fri 01 Apr 2022 19:11:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
45.151.97.0/24 maxlen: 24
45.151.99.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.75.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113654485 (0x6c63ad5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Apr 1 19:11:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d717d9caf87038c22168641ca339aed3609281c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b8:d7:82:e3:72:9d:13:0a:de:da:6c:bc:73:
3e:e6:e7:c6:44:61:c3:c3:fd:b7:41:71:b4:be:6d:
03:fc:c3:12:68:a8:5f:bd:5b:13:c8:50:93:1b:c2:
0f:66:dc:40:85:86:bc:b2:a8:63:95:2c:4f:80:d4:
d4:cd:99:42:e8:f0:2b:f7:15:3e:9a:b4:80:3e:ab:
45:44:b4:a3:6b:6c:fc:04:9f:ba:98:27:ca:8d:5b:
e6:f8:7d:2d:06:7e:90:1f:cf:dd:29:39:35:c9:31:
12:da:95:cd:d7:1b:ef:d6:56:ca:78:53:8d:25:8a:
19:ca:26:85:37:c4:8f:25:ce:80:b3:2e:78:36:73:
a8:06:8e:d2:47:0e:94:5e:d1:7b:0f:51:c1:06:b4:
35:8a:2a:5a:14:63:e7:cc:c5:45:d1:54:4b:30:cd:
38:5e:5f:e4:16:a7:d3:93:ae:4b:1d:ea:29:59:cb:
24:f9:c1:4b:f4:c2:b4:44:3e:09:db:58:f9:1c:9a:
30:59:3d:59:46:01:34:e3:21:04:08:35:00:b4:b3:
a9:75:35:18:4e:c1:b2:db:c2:90:88:f9:e7:6d:2c:
40:ca:62:7b:6d:22:85:d9:62:ca:e3:50:43:14:ad:
bc:7d:c0:17:e8:53:ec:99:e5:6d:63:2a:55:d9:45:
0a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:17:D9:CA:F8:70:38:C2:21:68:64:1C:A3:39:AE:D3:60:92:81:C3
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/1xfZyvhwOMIhaGQcozmu02CSgcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.97.0-45.151.99.255
94.137.74.0/23
94.137.78.0/23
94.137.89.0-94.137.91.255
94.137.93.0-94.137.94.255
Signature Algorithm: sha256WithRSAEncryption
32:93:29:8b:b8:c1:1d:9d:2d:e1:cc:0d:13:03:fa:5a:88:af:
34:66:20:f0:e7:e9:b9:3c:47:01:bf:fa:c4:d9:86:3f:bf:36:
e5:df:34:07:44:36:10:c5:cb:e4:7a:09:6c:37:f3:11:b2:79:
82:5e:d5:85:85:cd:bb:3d:24:1e:87:01:3d:37:e8:bc:dc:c4:
39:22:49:c6:e2:77:39:ff:85:e2:0c:6a:c2:53:f9:14:da:72:
0e:29:36:e7:7b:ff:0c:2d:cc:c9:97:af:8b:06:95:11:4c:2b:
e7:b5:a2:6d:62:f5:01:0c:7c:f1:fa:a0:10:01:77:a9:66:f8:
08:44:b2:a2:ed:8f:05:8a:ef:d3:95:53:a2:3d:17:51:14:1a:
72:2f:0f:59:5e:7a:cf:f3:80:ac:e2:05:1a:fb:cc:47:e6:d8:
4d:55:4f:1b:32:78:03:fb:5e:c8:23:08:13:f8:47:2a:7f:eb:
f8:6a:a4:12:5f:07:f8:6b:0a:19:5e:03:3e:80:1c:8b:23:1e:
7f:cb:47:2a:af:d9:ce:3f:c7:f0:96:af:0e:a2:5b:64:b7:ab:
b3:ac:03:4f:0d:dc:b3:c5:db:11:06:5d:94:68:44:e6:2d:09:
ba:15:d3:ca:dc:f0:c7:90:2c:01:73:00:64:24:7c:29:ed:38:
a1:1c:e3:66
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBsY61TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWFjMGFjYmZkYjdhMjc0ZWYzNmMxNmY1ODYwYWRhMmEyNDcwNjk3MB4XDTIyMDQw
MTE5MTExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDcxN2Q5Y2FmODcw
MzhjMjIxNjg2NDFjYTMzOWFlZDM2MDkyODFjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJq414Ljcp0TCt7abLxzPubnxkRhw8P9t0FxtL5tA/zDEmio
X71bE8hQkxvCD2bcQIWGvLKoY5UsT4DU1M2ZQujwK/cVPpq0gD6rRUS0o2ts/ASf
upgnyo1b5vh9LQZ+kB/P3Sk5NckxEtqVzdcb79ZWynhTjSWKGcomhTfEjyXOgLMu
eDZzqAaO0kcOlF7Rew9RwQa0NYoqWhRj58zFRdFUSzDNOF5f5Ban05OuSx3qKVnL
JPnBS/TCtEQ+CdtY+RyaMFk9WUYBNOMhBAg1ALSzqXU1GE7BstvCkIj5520sQMpi
e20ihdliyuNQQxStvH3AF+hT7JnlbWMqVdlFCtcCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTXF9nK+HA4wiFoZByjOa7TYJKBwzAfBgNVHSMEGDAWgBSJrArL/beidO82
wW9YYK2iokcGlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lhd0t5XzIzb25Udk5zRnZXR0N0b3FKSEJwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvOTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8x
LzF4Zlp5dmh3T01JaGFHUWNvem11MDJDU2djTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
OTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8xL2lhd0t5XzIzb25U
dk5zRnZXR0N0b3FKSEJwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNjAMAwQALZdhAwQCLZdgAwQBXolKAwQB
XolOMAwDBABeiVkDBAJeiVgwDAMEAF6JXQMEAF6JXjANBgkqhkiG9w0BAQsFAAOC
AQEAMpMpi7jBHZ0t4cwNEwP6WoivNGYg8OfpuTxHAb/6xNmGP7825d80B0Q2EMXL
5HoJbDfzEbJ5gl7VhYXNuz0kHocBPTfovNzEOSJJxuJ3Of+F4gxqwlP5FNpyDik2
53v/DC3MyZeviwaVEUwr57WibWL1AQx88fqgEAF3qWb4CESyou2PBYrv05VToj0X
URQaci8PWV56z/OArOIFGvvMR+bYTVVPGzJ4A/teyCMIE/hHKn/r+GqkEl8H+GsK
GV4DPoAciyMef8tHKq/Zzj/H8JavDqJbZLers6wDTw3cs8XbEQZdlGhE5i0JuhXT
ytzwx5AsAXMAZCR8Ke04oRzjZg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:11 2023 by rpki-client on console-fra.rpki-client.org