Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/K2O9bG08SAcFEJW1_cs3n2wJZDY.roa
File: K2O9bG08SAcFEJW1_cs3n2wJZDY.roa (raw, json)
Hash identifier: iZRvoOa4/xWZhkmtEH7bzi81Ytq99fdRJHYhWpHHuOg=
Subject key identifier: 2B:63:BD:6C:6D:3C:48:07:05:10:95:B5:FD:CB:37:9F:6C:09:64:36
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 06556B93
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/K2O9bG08SAcFEJW1_cs3n2wJZDY.roa
Signing time: Fri 18 Feb 2022 18:14:12 +0000
ROA not before: Fri 18 Feb 2022 18:14:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
45.151.99.0/24 maxlen: 24
94.137.72.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.75.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.92.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 106261395 (0x6556b93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Feb 18 18:14:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b63bd6c6d3c4807051095b5fdcb379f6c096436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c0:6c:8b:1e:a7:e7:94:04:66:a5:69:06:eb:
45:41:49:08:4d:a3:29:b7:2e:e0:67:72:97:56:e2:
d6:a9:40:02:ee:e8:6e:e3:47:6f:95:68:47:bc:08:
c9:7a:c8:93:b8:d1:76:ef:e3:fd:16:17:e7:85:49:
de:ed:03:bb:0f:69:c8:b9:20:54:09:9b:9a:8e:e1:
45:55:c7:d0:90:f0:e1:d6:a5:f1:76:93:27:c1:6c:
3c:78:ef:35:1c:ae:a8:2e:12:9a:e7:03:71:8c:71:
4c:f8:e2:5b:34:c6:c4:35:5e:36:27:ce:1d:f1:49:
72:62:59:34:82:c4:48:56:3e:89:53:2a:45:c0:42:
92:19:43:7b:fa:d6:2a:62:ee:cc:75:d3:0e:da:1c:
ea:68:55:99:54:2f:7d:3c:ee:8e:6b:bd:c6:52:96:
d7:b6:28:44:89:1f:a2:27:55:a0:d7:44:e8:8c:7b:
f7:eb:a2:8e:6b:c6:b5:46:b1:67:68:c7:f5:6f:17:
e0:12:da:c0:29:38:0e:43:88:b7:93:8f:0d:94:c0:
95:b7:2f:87:85:06:b3:d2:fb:ea:f5:ec:51:77:22:
bf:01:8a:fb:8e:8e:3a:d7:f1:6c:e6:eb:67:79:27:
41:6d:4c:76:11:b9:a9:dc:77:73:73:8c:47:69:2b:
41:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:63:BD:6C:6D:3C:48:07:05:10:95:B5:FD:CB:37:9F:6C:09:64:36
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/K2O9bG08SAcFEJW1_cs3n2wJZDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.98.0/23
94.137.72.0/24
94.137.74.0/23
94.137.89.0-94.137.94.255
Signature Algorithm: sha256WithRSAEncryption
2d:69:ec:3f:e3:2c:b2:3d:16:82:a4:b6:f4:30:cb:61:20:fd:
40:4a:70:2a:b1:fe:75:9e:84:c9:c1:9a:ce:82:25:07:43:a6:
ea:bf:ac:d6:be:b1:8b:ef:96:ba:57:a5:34:95:1b:6a:d8:f6:
9e:5a:1b:c5:02:76:89:c8:6d:8d:f0:05:ae:ad:6e:97:75:bc:
df:89:34:f9:16:a1:d8:37:23:2b:8a:ac:b0:51:03:22:25:44:
d1:f7:bd:d8:7c:c4:7d:b3:0a:00:73:10:ba:e8:f7:57:5e:fb:
2c:5c:7f:92:4a:ac:dc:10:60:91:37:dd:9b:0b:ab:f9:ca:1f:
87:e3:1d:fe:1b:fe:d8:83:1d:11:21:1f:83:a1:89:e7:02:6b:
06:7f:76:3b:91:55:66:28:b1:a7:b7:9d:11:09:e1:53:ca:1f:
55:02:7b:f9:91:df:5e:4b:af:3c:09:93:41:f3:ba:f4:4b:ca:
9a:f0:73:2d:48:93:75:82:f1:0d:bb:3f:b6:a6:2e:51:30:35:
40:b0:a5:4b:4c:19:72:91:1c:ad:f6:64:3c:0e:36:31:06:41:
d0:79:72:fb:c7:f9:32:25:41:cc:c0:5d:8d:44:c1:e9:02:11:
e6:2e:67:8e:30:dc:41:7f:d3:fb:bd:cb:c4:e8:a2:44:ed:7d:
18:f0:11:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEBlVrkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWFjMGFjYmZkYjdhMjc0ZWYzNmMxNmY1ODYwYWRhMmEyNDcwNjk3MB4XDTIyMDIx
ODE4MTQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmI2M2JkNmM2ZDNj
NDgwNzA1MTA5NWI1ZmRjYjM3OWY2YzA5NjQzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbAbIsep+eUBGalaQbrRUFJCE2jKbcu4Gdyl1bi1qlAAu7o
buNHb5VoR7wIyXrIk7jRdu/j/RYX54VJ3u0Duw9pyLkgVAmbmo7hRVXH0JDw4dal
8XaTJ8FsPHjvNRyuqC4SmucDcYxxTPjiWzTGxDVeNifOHfFJcmJZNILESFY+iVMq
RcBCkhlDe/rWKmLuzHXTDtoc6mhVmVQvfTzujmu9xlKW17YoRIkfoidVoNdE6Ix7
9+uijmvGtUaxZ2jH9W8X4BLawCk4DkOIt5OPDZTAlbcvh4UGs9L76vXsUXcivwGK
+46OOtfxbObrZ3knQW1MdhG5qdx3c3OMR2krQX8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQrY71sbTxIBwUQlbX9yzefbAlkNjAfBgNVHSMEGDAWgBSJrArL/beidO82
wW9YYK2iokcGlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lhd0t5XzIzb25Udk5zRnZXR0N0b3FKSEJwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvOTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8x
L0syTzliRzA4U0FjRkVKVzFfY3MzbjJ3SlpEWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
OTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8xL2lhd0t5XzIzb25U
dk5zRnZXR0N0b3FKSEJwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAS2XYgMEAF6JSAMEAV6JSjAMAwQA
XolZAwQAXoleMA0GCSqGSIb3DQEBCwUAA4IBAQAtaew/4yyyPRaCpLb0MMthIP1A
SnAqsf51noTJwZrOgiUHQ6bqv6zWvrGL75a6V6U0lRtq2PaeWhvFAnaJyG2N8AWu
rW6XdbzfiTT5FqHYNyMriqywUQMiJUTR973YfMR9swoAcxC66PdXXvssXH+SSqzc
EGCRN92bC6v5yh+H4x3+G/7Ygx0RIR+DoYnnAmsGf3Y7kVVmKLGnt50RCeFTyh9V
Anv5kd9eS688CZNB87r0S8qa8HMtSJN1gvENuz+2pi5RMDVAsKVLTBlykRyt9mQ8
DjYxBkHQeXL7x/kyJUHMwF2NRMHpAhHmLmeOMNxBf9P7vcvE6KJE7X0Y8BGI
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:11 2023 by rpki-client on console-fra.rpki-client.org