Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/2jjXLAgO0NMFzmStA9FcJyDoPKQ.roa
File: 2jjXLAgO0NMFzmStA9FcJyDoPKQ.roa (raw, json)
Hash identifier: aA/J2fbi99lCXvAp70FVVhqFZ1rasyDi4Y2e5JdPqNs=
Subject key identifier: DA:38:D7:2C:08:0E:D0:D3:05:CE:64:AD:03:D1:5C:27:20:E8:3C:A4
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 06864123
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/2jjXLAgO0NMFzmStA9FcJyDoPKQ.roa
Signing time: Wed 09 Mar 2022 14:10:56 +0000
ROA not before: Wed 09 Mar 2022 14:10:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
45.151.99.0/24 maxlen: 24
94.137.76.0/24 maxlen: 24
94.137.75.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109461795 (0x6864123)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Mar 9 14:10:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da38d72c080ed0d305ce64ad03d15c2720e83ca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6f:f9:a2:dc:2c:d4:a9:21:4f:a1:ca:62:6c:
7d:d2:7b:78:21:db:31:ce:ad:27:72:17:9b:4b:96:
1a:bf:3d:66:33:33:17:6d:85:61:c4:62:9e:93:b0:
6e:99:ec:46:72:91:4d:80:8d:b8:e3:e9:b7:0e:9d:
86:03:93:e9:1c:fa:04:de:51:4d:1e:a1:f7:3e:92:
15:28:df:5b:9d:c4:41:ab:6d:d3:d4:47:6b:1c:66:
b2:f6:8a:a5:e5:da:70:21:0a:7b:0d:b4:d5:95:94:
e1:90:38:f8:90:5f:24:c1:08:8f:6c:6f:9e:bd:ed:
b9:df:d3:de:5e:f1:af:bd:0f:7b:b2:b8:7c:b8:aa:
fe:4c:4c:be:88:6d:b8:71:cd:70:5c:02:d5:67:d3:
83:16:33:34:0b:61:79:82:cb:79:86:cd:9f:bd:98:
ee:a8:19:0a:35:bb:7c:43:c6:10:ef:35:7a:cf:05:
14:ca:f7:6a:1f:d8:09:4a:5b:8c:cb:ab:20:6d:bf:
ae:9e:9f:8e:68:b0:93:ee:9e:c3:06:6e:c2:43:30:
59:cb:f7:53:f9:10:af:6e:c9:47:d5:3e:7c:f1:fe:
61:4a:b6:6b:32:b0:93:34:43:e0:f3:3d:fd:df:9e:
d7:57:50:c7:be:4b:f7:83:26:2e:7a:52:ba:3e:75:
32:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:38:D7:2C:08:0E:D0:D3:05:CE:64:AD:03:D1:5C:27:20:E8:3C:A4
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/2jjXLAgO0NMFzmStA9FcJyDoPKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.98.0/23
94.137.75.0-94.137.76.255
94.137.79.0/24
94.137.89.0-94.137.91.255
94.137.93.0-94.137.94.255
Signature Algorithm: sha256WithRSAEncryption
78:f9:f5:11:9a:11:ab:7c:99:ca:d7:0e:f0:79:ce:3e:6a:45:
74:36:45:6f:33:e5:3d:a2:c1:ef:f5:27:3c:3e:ba:8f:ef:a2:
96:c8:82:ed:7d:71:2a:6f:a3:41:23:ca:ee:04:88:bc:a4:0b:
4c:58:92:ee:86:12:8e:45:81:6c:bb:b1:08:61:92:f0:51:cc:
d3:26:31:fb:de:07:8f:78:10:a4:6e:56:47:a2:b2:02:3a:90:
4c:36:43:d3:23:5c:9d:da:5f:67:ef:2a:0f:33:31:34:2f:5b:
58:86:3a:96:f5:9e:76:ef:0c:85:56:73:8e:3d:76:50:6d:5d:
60:b0:5b:32:f6:9b:9d:be:05:b4:d1:ff:fc:9e:f6:cb:4e:71:
ba:20:d2:19:73:67:d4:d3:39:bf:e2:f0:41:07:b8:ec:3a:7f:
f7:92:75:3c:b3:99:77:70:56:72:e1:fb:88:43:d4:1a:41:d8:
01:28:f3:77:48:9a:5d:a2:33:4f:a2:42:ba:02:51:a0:94:54:
83:9f:e3:5b:88:6d:64:90:eb:f5:08:13:e0:de:14:56:a5:c3:
c8:34:78:a4:dd:1d:d6:4b:de:fb:c3:bc:25:13:67:d8:31:6b:
3d:c1:94:1d:1b:ba:e8:75:33:3a:35:08:4e:bb:6f:b6:e9:11:
55:3d:62:39
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBoZBIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWFjMGFjYmZkYjdhMjc0ZWYzNmMxNmY1ODYwYWRhMmEyNDcwNjk3MB4XDTIyMDMw
OTE0MTA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGEzOGQ3MmMwODBl
ZDBkMzA1Y2U2NGFkMDNkMTVjMjcyMGU4M2NhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJv+aLcLNSpIU+hymJsfdJ7eCHbMc6tJ3IXm0uWGr89ZjMz
F22FYcRinpOwbpnsRnKRTYCNuOPptw6dhgOT6Rz6BN5RTR6h9z6SFSjfW53EQatt
09RHaxxmsvaKpeXacCEKew201ZWU4ZA4+JBfJMEIj2xvnr3tud/T3l7xr70Pe7K4
fLiq/kxMvohtuHHNcFwC1WfTgxYzNAtheYLLeYbNn72Y7qgZCjW7fEPGEO81es8F
FMr3ah/YCUpbjMurIG2/rp6fjmiwk+6ewwZuwkMwWcv3U/kQr27JR9U+fPH+YUq2
azKwkzRD4PM9/d+e11dQx75L94MmLnpSuj51Mg8CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTaONcsCA7Q0wXOZK0D0VwnIOg8pDAfBgNVHSMEGDAWgBSJrArL/beidO82
wW9YYK2iokcGlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lhd0t5XzIzb25Udk5zRnZXR0N0b3FKSEJwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvOTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8x
LzJqalhMQWdPME5NRnptU3RBOUZjSnlEb1BLUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
OTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8xL2lhd0t5XzIzb25U
dk5zRnZXR0N0b3FKSEJwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAS2XYjAMAwQAXolLAwQAXolMAwQA
XolPMAwDBABeiVkDBAJeiVgwDAMEAF6JXQMEAF6JXjANBgkqhkiG9w0BAQsFAAOC
AQEAePn1EZoRq3yZytcO8HnOPmpFdDZFbzPlPaLB7/UnPD66j++ilsiC7X1xKm+j
QSPK7gSIvKQLTFiS7oYSjkWBbLuxCGGS8FHM0yYx+94Hj3gQpG5WR6KyAjqQTDZD
0yNcndpfZ+8qDzMxNC9bWIY6lvWedu8MhVZzjj12UG1dYLBbMvabnb4FtNH//J72
y05xuiDSGXNn1NM5v+LwQQe47Dp/95J1PLOZd3BWcuH7iEPUGkHYASjzd0iaXaIz
T6JCugJRoJRUg5/jW4htZJDr9QgT4N4UVqXDyDR4pN0d1kve+8O8JRNn2DFrPcGU
HRu66HUzOjUITrtvtukRVT1iOQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:11 2023 by rpki-client on console-fra.rpki-client.org