Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/Xa2PBUkIEQvtrSJaz5bTIBwsTcc.roa
File: Xa2PBUkIEQvtrSJaz5bTIBwsTcc.roa (raw, json)
Hash identifier: icGpw7DwMBNMI1B9PMQJBo9cETuTL/29LYcPd2hHcek=
Subject key identifier: 5D:AD:8F:05:49:08:11:0B:ED:AD:22:5A:CF:96:D3:20:1C:2C:4D:C7
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 01846B9082257A6F8679EE2B30E0A8B67521
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/Xa2PBUkIEQvtrSJaz5bTIBwsTcc.roa
Signing time: Sat 12 Nov 2022 11:19:03 +0000
ROA not before: Sat 12 Nov 2022 11:19:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 94.137.76.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
94.137.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6b:90:82:25:7a:6f:86:79:ee:2b:30:e0:a8:b6:75:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Nov 12 11:19:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dad8f054908110bedad225acf96d3201c2c4dc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f4:3f:a4:9d:f6:37:2e:c1:26:1e:42:f3:41:
62:bf:10:15:aa:4d:00:6a:5f:ec:56:91:b8:04:af:
94:ac:cc:be:a9:e2:53:39:dd:a2:d5:a9:58:c0:7a:
b2:4a:fd:42:40:f3:bf:37:cc:34:a3:b1:f2:9b:2e:
e3:bc:09:46:9c:4c:44:5f:4c:71:2b:90:98:db:a2:
f5:b8:05:92:57:59:5c:38:e5:85:aa:de:71:dc:d5:
ea:0d:f5:d5:b3:49:4e:84:35:cb:aa:46:31:cc:de:
c2:d0:b2:fc:98:30:c8:ef:2b:10:95:f7:8f:8d:0a:
83:d8:9e:6f:30:b8:4d:7c:9b:09:65:1e:53:56:c7:
3b:97:ff:f4:2d:ba:6e:db:f3:26:ba:43:d5:29:f5:
b4:fa:fd:0d:71:26:6e:76:50:6f:35:d2:79:8a:cc:
f8:e3:9a:17:35:91:47:12:2d:60:4b:04:fa:3f:fc:
be:9c:af:06:d3:df:a8:cb:96:78:87:a2:2f:d2:26:
6a:72:11:0c:64:1d:ab:66:d7:ac:1e:f2:5e:65:f6:
5c:b3:bd:4e:3b:4c:99:62:69:de:c3:fb:a8:20:a0:
0b:ff:c0:d7:a3:cf:f7:51:c1:0e:37:77:f4:c8:89:
b4:93:b0:4a:7d:5f:b6:1a:56:4a:2e:39:f3:06:42:
f1:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AD:8F:05:49:08:11:0B:ED:AD:22:5A:CF:96:D3:20:1C:2C:4D:C7
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/Xa2PBUkIEQvtrSJaz5bTIBwsTcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.137.76.0/24
94.137.92.0/24
94.137.94.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:60:bd:b1:75:d1:a5:ae:0b:04:83:18:26:64:46:1e:30:8f:
51:29:70:e3:34:1c:53:da:63:d8:5e:9a:14:cf:6c:22:4d:c2:
77:e9:6a:68:8b:ca:d6:39:62:d2:b3:20:87:c1:95:a9:09:de:
4c:d5:cc:8d:fb:c8:5a:f0:ad:0d:4d:c0:dc:5a:89:10:6f:4a:
13:86:8b:7e:24:5c:0a:46:ef:80:6c:9f:9b:e0:e0:ed:0e:02:
af:1d:f4:96:ac:d4:fe:9d:74:00:a6:af:c3:c1:2a:5e:b7:32:
80:65:03:f4:73:4c:6e:e7:bb:3e:d7:2c:eb:fc:52:e4:6c:19:
cd:3e:c6:c9:7b:6e:2c:bd:8c:78:96:ed:b2:f0:cf:4c:38:7f:
a6:70:39:eb:36:b8:0d:a7:82:fc:b8:f5:28:5c:d4:eb:a7:47:
23:ca:7f:f8:2d:7c:af:24:3e:7d:48:bb:0d:59:00:dc:3c:35:
a3:9e:b9:aa:53:0e:17:80:e2:23:a7:05:64:bb:b2:25:fc:b6:
69:c8:d8:af:6a:e6:fa:09:3b:4a:1a:18:7f:83:14:db:0a:0e:
37:5f:fb:74:dc:17:3f:db:b3:a9:74:1b:b2:51:98:cc:47:5e:
39:30:ff:5c:7e:b4:06:68:bd:d4:5e:90:83:50:4b:34:91:56:
73:86:09:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRrkIIlem+Gee4rMOCotnUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjIxMTEyMTExOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGFkOGYwNTQ5MDgxMTBiZWRhZDIyNWFjZjk2ZDMyMDFjMmM0ZGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPQ/pJ32Ny7BJh5C80FivxAVqk0A
al/sVpG4BK+UrMy+qeJTOd2i1alYwHqySv1CQPO/N8w0o7Hymy7jvAlGnExEX0xx
K5CY26L1uAWSV1lcOOWFqt5x3NXqDfXVs0lOhDXLqkYxzN7C0LL8mDDI7ysQlfeP
jQqD2J5vMLhNfJsJZR5TVsc7l//0Lbpu2/MmukPVKfW0+v0NcSZudlBvNdJ5isz4
45oXNZFHEi1gSwT6P/y+nK8G09+oy5Z4h6Iv0iZqchEMZB2rZtesHvJeZfZcs71O
O0yZYmnew/uoIKAL/8DXo8/3UcEON3f0yIm0k7BKfV+2GlZKLjnzBkLxfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF2tjwVJCBEL7a0iWs+W0yAcLE3HMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvWGEyUEJVa0lFUXZ0clNKYXo1YlRJQndzVGNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXolMAwQA
XolcAwQAXoleMA0GCSqGSIb3DQEBCwUAA4IBAQCOYL2xddGlrgsEgxgmZEYeMI9R
KXDjNBxT2mPYXpoUz2wiTcJ36Wpoi8rWOWLSsyCHwZWpCd5M1cyN+8ha8K0NTcDc
WokQb0oThot+JFwKRu+AbJ+b4ODtDgKvHfSWrNT+nXQApq/DwSpetzKAZQP0c0xu
57s+1yzr/FLkbBnNPsbJe24svYx4lu2y8M9MOH+mcDnrNrgNp4L8uPUoXNTrp0cj
yn/4LXyvJD59SLsNWQDcPDWjnrmqUw4XgOIjpwVku7Il/LZpyNivaub6CTtKGhh/
gxTbCg43X/t03Bc/27OpdBuyUZjMR145MP9cfrQGaL3UXpCDUEs0kVZzhgmV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:57 2023 by rpki-client on console-ams.rpki-client.org