Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/jfzQZqEYebbxVsQw35ncZjNJiUw.roa
File: jfzQZqEYebbxVsQw35ncZjNJiUw.roa (raw, json)
Hash identifier: THwc+3sYHiFIOR7jCaULvPIuOS+daIJGQvbWGj4Ka78=
Subject key identifier: 8D:FC:D0:66:A1:18:79:B6:F1:56:C4:30:DF:99:DC:66:33:49:89:4C
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 06845F9D
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/jfzQZqEYebbxVsQw35ncZjNJiUw.roa
Signing time: Wed 09 Mar 2022 09:03:57 +0000
ROA not before: Wed 09 Mar 2022 09:03:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
45.151.97.0/24 maxlen: 24
45.151.99.0/24 maxlen: 24
94.137.76.0/24 maxlen: 24
94.137.75.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109338525 (0x6845f9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Mar 9 09:03:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8dfcd066a11879b6f156c430df99dc663349894c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:63:59:73:76:88:ad:5f:94:b2:a9:1a:9d:ff:
bc:fb:5d:30:73:11:9f:2d:df:49:7f:72:12:ce:e8:
f8:16:8d:a2:0e:23:80:b3:49:a1:7b:d4:b1:cc:e6:
6d:3e:bb:a0:dd:1f:e3:e7:3b:0c:3a:68:c6:4d:9c:
ce:97:12:bf:53:9e:39:c1:41:bc:9e:f8:44:42:9f:
05:16:af:f0:ac:74:4e:93:ce:2b:69:4b:9e:c3:3c:
d1:cf:37:f8:c4:6b:97:db:10:23:09:ad:7e:94:80:
6a:1a:9f:d5:ab:3c:66:7c:e6:84:67:e8:ea:12:c7:
32:c1:e8:a6:66:75:d7:c9:0f:30:b9:4d:2a:94:77:
ee:92:6d:89:e2:8f:77:ce:36:94:aa:61:ac:14:e7:
4e:65:b0:3a:5a:d9:33:2f:f0:d3:fc:01:07:3f:ad:
b0:53:06:bc:62:d7:c2:9f:cc:e6:38:85:b8:f4:6c:
27:d7:1e:dd:13:98:36:84:6b:39:d2:3b:89:05:6b:
85:8d:26:54:b4:ba:e9:04:b9:1a:3e:8f:71:12:fb:
4b:11:45:6d:40:80:9a:c9:c0:a6:1c:f6:bd:8f:2a:
ed:c4:13:e1:ae:5e:93:ba:85:74:8a:da:20:79:8d:
c4:18:42:b3:28:26:5d:22:25:76:6b:f9:08:9d:3b:
45:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:FC:D0:66:A1:18:79:B6:F1:56:C4:30:DF:99:DC:66:33:49:89:4C
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/jfzQZqEYebbxVsQw35ncZjNJiUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.97.0-45.151.99.255
94.137.75.0-94.137.76.255
94.137.79.0/24
94.137.89.0-94.137.91.255
94.137.93.0-94.137.94.255
Signature Algorithm: sha256WithRSAEncryption
9b:df:a2:fe:7e:ac:84:ba:ea:e0:41:aa:db:06:0e:ea:9b:84:
eb:88:f2:d6:3f:2f:f5:da:b6:d6:c3:15:fb:e3:64:53:03:1c:
70:49:72:c5:72:87:ad:b9:e2:32:c1:33:28:31:97:15:91:80:
5b:33:12:d0:b7:21:07:d9:c9:0d:cd:4b:4a:9a:e2:4d:c1:1a:
b8:2c:a5:41:1d:71:c9:d5:2e:eb:4e:af:bc:40:55:28:f0:60:
ea:7a:35:ef:47:21:67:9d:40:4f:57:f5:df:58:b3:d5:69:2b:
15:ae:46:b9:bc:11:20:b2:a5:6e:69:96:52:c3:5e:42:67:8d:
a6:64:e3:f9:8e:d2:b6:ac:08:a4:4c:e6:e2:14:0b:dd:69:26:
65:f0:5b:69:e9:2d:fa:d9:17:41:2c:d2:a7:cf:4b:54:46:73:
af:6c:57:8a:e5:fa:3a:83:e7:51:88:14:14:02:10:22:cf:06:
70:55:b0:81:ef:06:ea:18:33:74:a9:7a:7d:2b:66:6e:ce:39:
5a:b5:bd:b1:6b:85:4e:91:c2:47:39:d2:7a:6f:14:05:df:07:
f6:30:b4:1d:2b:6e:a8:ff:81:c3:72:2f:17:c0:6e:0f:d4:ef:
59:4f:ec:2e:53:8b:83:3b:b9:7e:b4:df:33:ea:bc:d8:ff:e5:
23:0f:b8:11
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEBoRfnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWFjMGFjYmZkYjdhMjc0ZWYzNmMxNmY1ODYwYWRhMmEyNDcwNjk3MB4XDTIyMDMw
OTA5MDM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRmY2QwNjZhMTE4
NzliNmYxNTZjNDMwZGY5OWRjNjYzMzQ5ODk0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRjWXN2iK1flLKpGp3/vPtdMHMRny3fSX9yEs7o+BaNog4j
gLNJoXvUsczmbT67oN0f4+c7DDpoxk2czpcSv1OeOcFBvJ74REKfBRav8Kx0TpPO
K2lLnsM80c83+MRrl9sQIwmtfpSAahqf1as8ZnzmhGfo6hLHMsHopmZ118kPMLlN
KpR37pJtieKPd842lKphrBTnTmWwOlrZMy/w0/wBBz+tsFMGvGLXwp/M5jiFuPRs
J9ce3ROYNoRrOdI7iQVrhY0mVLS66QS5Gj6PcRL7SxFFbUCAmsnAphz2vY8q7cQT
4a5ek7qFdIraIHmNxBhCsygmXSIldmv5CJ07RWsCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBSN/NBmoRh5tvFWxDDfmdxmM0mJTDAfBgNVHSMEGDAWgBSJrArL/beidO82
wW9YYK2iokcGlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lhd0t5XzIzb25Udk5zRnZXR0N0b3FKSEJwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvOTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8x
L2pmelFacUVZZWJieFZzUXczNW5jWmpOSmlVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
OTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8xL2lhd0t5XzIzb25U
dk5zRnZXR0N0b3FKSEJwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwRAQCAAEwPjAMAwQALZdhAwQCLZdgMAwDBABeiUsD
BABeiUwDBABeiU8wDAMEAF6JWQMEAl6JWDAMAwQAXoldAwQAXoleMA0GCSqGSIb3
DQEBCwUAA4IBAQCb36L+fqyEuurgQarbBg7qm4TriPLWPy/12rbWwxX742RTAxxw
SXLFcoetueIywTMoMZcVkYBbMxLQtyEH2ckNzUtKmuJNwRq4LKVBHXHJ1S7rTq+8
QFUo8GDqejXvRyFnnUBPV/XfWLPVaSsVrka5vBEgsqVuaZZSw15CZ42mZOP5jtK2
rAikTObiFAvdaSZl8Ftp6S362RdBLNKnz0tURnOvbFeK5fo6g+dRiBQUAhAizwZw
VbCB7wbqGDN0qXp9K2Zuzjlatb2xa4VOkcJHOdJ6bxQF3wf2MLQdK26o/4HDci8X
wG4P1O9ZT+wuU4uDO7l+tN8z6rzY/+UjD7gR
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:14:08 2025 by rpki-client