Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/XZjnK42GKP3ld9z1uuu44YihSXg.roa
File: XZjnK42GKP3ld9z1uuu44YihSXg.roa (raw, json)
Hash identifier: ZlldOGdpDvzAIv4QUg+kwh6elH+vpIE0qwSfNKvn+Rw=
Subject key identifier: 5D:98:E7:2B:8D:86:28:FD:E5:77:DC:F5:BA:EB:B8:E1:88:A1:49:78
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 075FDB4E
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/XZjnK42GKP3ld9z1uuu44YihSXg.roa
Signing time: Mon 30 May 2022 19:27:53 +0000
ROA not before: Mon 30 May 2022 19:27:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.76.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123722574 (0x75fdb4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: May 30 19:27:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d98e72b8d8628fde577dcf5baebb8e188a14978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9f:11:83:3b:92:3a:37:44:59:00:b8:e0:2c:
f9:d9:ce:dc:75:ea:c7:00:ce:cd:34:c3:07:18:bd:
95:24:f9:6b:d4:0d:07:ad:3c:ca:06:ba:ac:c2:9a:
74:12:bd:79:fb:01:f1:42:43:e9:bf:9d:07:bd:16:
12:3b:d7:e3:a9:8c:f4:25:ca:f7:be:7a:75:1c:ad:
71:d2:5b:1b:93:e6:f9:ab:75:c8:f4:ce:8e:0a:dd:
ca:9d:ca:39:ea:a7:8a:bc:b0:8d:35:c4:29:6f:aa:
ba:05:a4:86:d7:fb:73:eb:45:11:a1:95:7a:a3:e3:
0d:6b:8a:2d:26:b3:fc:66:e4:ca:4d:38:e1:0a:3a:
b6:a8:ec:04:fd:04:39:87:76:ec:6b:96:80:d6:ec:
e1:b7:6b:81:89:91:50:25:37:ca:e2:28:1f:17:39:
d1:d9:f7:8c:b2:52:50:59:0e:f1:02:a1:d9:a0:ff:
9c:89:df:0f:fa:a8:92:ae:4b:a3:04:04:b6:08:8c:
02:dd:58:2e:97:55:70:15:b2:d2:08:a9:3b:c5:13:
a2:0c:9b:10:a4:e9:13:82:76:c8:93:36:6a:6d:2d:
92:bb:b2:99:03:92:ef:bf:7b:8f:e8:ad:ed:4a:ed:
a8:eb:e1:61:ba:6b:43:c9:ea:d0:dd:d4:1e:17:59:
0e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:98:E7:2B:8D:86:28:FD:E5:77:DC:F5:BA:EB:B8:E1:88:A1:49:78
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/XZjnK42GKP3ld9z1uuu44YihSXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.98.0/24
94.137.74.0/24
94.137.76.0/24
94.137.78.0/23
94.137.89.0-94.137.91.255
94.137.93.0-94.137.94.255
Signature Algorithm: sha256WithRSAEncryption
44:58:91:d5:b1:bf:bf:e5:ba:73:18:fe:02:f7:ad:d2:8f:c5:
25:80:d2:64:3c:35:aa:22:6f:03:09:76:2b:a4:7d:1f:fd:12:
14:49:89:de:ca:bd:27:58:af:da:65:5c:78:b9:48:3e:fb:83:
a9:36:13:a0:5c:3a:22:8c:11:8f:d1:45:a7:e4:23:8c:b4:6d:
ec:da:46:68:9b:3f:59:54:42:16:7a:85:12:26:21:da:b1:cb:
83:fd:a7:b6:6e:ae:17:ff:08:b6:cd:b6:1a:5b:99:22:a4:ad:
1c:ee:fb:fb:7c:fa:7a:92:8f:99:fa:04:94:73:98:75:64:d6:
0f:95:ad:b8:e7:64:4b:7c:51:15:da:21:5f:a2:4e:1c:ce:40:
82:70:ad:9b:00:15:58:dc:56:40:b7:9f:77:cd:a8:57:b0:6e:
8c:7f:8d:1d:52:f8:3a:c1:42:82:2c:99:b8:07:b3:41:d6:65:
a6:c4:15:85:6f:b5:db:a8:b7:57:39:60:52:4b:dd:0d:3e:14:
58:3a:30:3d:73:ab:88:9e:9b:d4:75:8c:84:4d:50:b0:6d:56:
0a:b3:13:53:ed:25:7b:8b:c1:7a:2b:2a:53:87:87:17:d0:a6:
74:ba:54:d9:4f:d4:42:e1:00:68:52:ed:df:0d:f5:0d:84:cd:
60:bb:49:0c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEB1/bTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWFjMGFjYmZkYjdhMjc0ZWYzNmMxNmY1ODYwYWRhMmEyNDcwNjk3MB4XDTIyMDUz
MDE5Mjc1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ5OGU3MmI4ZDg2
MjhmZGU1NzdkY2Y1YmFlYmI4ZTE4OGExNDk3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALifEYM7kjo3RFkAuOAs+dnO3HXqxwDOzTTDBxi9lST5a9QN
B608yga6rMKadBK9efsB8UJD6b+dB70WEjvX46mM9CXK9756dRytcdJbG5Pm+at1
yPTOjgrdyp3KOeqnirywjTXEKW+qugWkhtf7c+tFEaGVeqPjDWuKLSaz/Gbkyk04
4Qo6tqjsBP0EOYd27GuWgNbs4bdrgYmRUCU3yuIoHxc50dn3jLJSUFkO8QKh2aD/
nInfD/qokq5LowQEtgiMAt1YLpdVcBWy0gipO8UTogybEKTpE4J2yJM2am0tkruy
mQOS7797j+it7UrtqOvhYbprQ8nq0N3UHhdZDn8CAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRdmOcrjYYo/eV33PW667jhiKFJeDAfBgNVHSMEGDAWgBSJrArL/beidO82
wW9YYK2iokcGlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lhd0t5XzIzb25Udk5zRnZXR0N0b3FKSEJwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvOTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8x
L1haam5LNDJHS1AzbGQ5ejF1dXU0NFlpaFNYZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
OTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8xL2lhd0t5XzIzb25U
dk5zRnZXR0N0b3FKSEJwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAC2XYgMEAF6JSgMEAF6JTAMEAV6J
TjAMAwQAXolZAwQCXolYMAwDBABeiV0DBABeiV4wDQYJKoZIhvcNAQELBQADggEB
AERYkdWxv7/lunMY/gL3rdKPxSWA0mQ8NaoibwMJdiukfR/9EhRJid7KvSdYr9pl
XHi5SD77g6k2E6BcOiKMEY/RRafkI4y0bezaRmibP1lUQhZ6hRImIdqxy4P9p7Zu
rhf/CLbNthpbmSKkrRzu+/t8+nqSj5n6BJRzmHVk1g+VrbjnZEt8URXaIV+iThzO
QIJwrZsAFVjcVkC3n3fNqFewbox/jR1S+DrBQoIsmbgHs0HWZabEFYVvtduot1c5
YFJL3Q0+FFg6MD1zq4iem9R1jIRNULBtVgqzE1PtJXuLwXorKlOHhxfQpnS6VNlP
1ELhAGhS7d8N9Q2EzWC7SQw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:57 2023 by rpki-client on console-ams.rpki-client.org