Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/nCaY0xXZ-dQHU3lN2NgdklfDb5Y.roa
File: nCaY0xXZ-dQHU3lN2NgdklfDb5Y.roa (raw, json)
Hash identifier: CxDjovgN+SvDaL6nhYoQXm6kLjCQ7BQelIbruVxyduM=
Subject key identifier: 9C:26:98:D3:15:D9:F9:D4:07:53:79:4D:D8:D8:1D:92:57:C3:6F:96
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 06E5260E
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/nCaY0xXZ-dQHU3lN2NgdklfDb5Y.roa
Signing time: Tue 12 Apr 2022 08:39:38 +0000
ROA not before: Tue 12 Apr 2022 08:39:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.76.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115680782 (0x6e5260e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Apr 12 08:39:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c2698d315d9f9d40753794dd8d81d9257c36f96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b4:af:d1:2b:07:c0:a8:80:68:ac:16:e5:37:
aa:35:5b:dd:0f:10:06:f1:d4:12:09:57:d2:6c:da:
e2:d4:0b:e3:80:04:00:11:8d:32:e2:ad:e7:60:42:
74:56:34:7b:b0:99:49:81:0c:fb:68:e2:0a:5a:a8:
8a:b7:e7:6f:8b:07:55:ef:09:53:4f:e2:a5:bb:52:
3b:84:fd:f3:fd:2f:05:8f:48:71:d5:b9:2a:96:51:
53:47:e0:d9:7d:3c:3d:3f:aa:84:16:4a:87:f4:f7:
43:c4:9f:53:8f:f8:60:ea:cc:5e:6c:84:c6:64:32:
e2:91:4f:24:c2:0a:b0:15:6a:0a:05:bf:39:7a:a7:
b0:be:29:35:2f:8e:59:ec:a7:e2:36:50:14:dc:0f:
cc:43:63:d9:a2:83:e9:db:0a:5d:1e:fd:e4:2f:08:
49:65:12:ba:83:80:f7:38:96:d0:ef:6b:25:cb:36:
08:1d:37:ed:19:06:74:a9:76:a2:57:93:fe:19:b3:
7a:e3:29:d9:1c:27:03:a5:14:57:99:32:aa:ea:56:
fd:cc:d7:a4:f7:87:6b:74:24:fb:cc:55:dc:42:49:
b5:3a:39:68:ae:87:2b:94:c4:c2:bc:49:09:be:d6:
53:e5:d5:31:f3:60:e7:04:44:fd:bb:cc:16:b3:91:
30:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:26:98:D3:15:D9:F9:D4:07:53:79:4D:D8:D8:1D:92:57:C3:6F:96
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/nCaY0xXZ-dQHU3lN2NgdklfDb5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.98.0/24
94.137.74.0/24
94.137.76.0/24
94.137.78.0/23
94.137.89.0-94.137.91.255
94.137.93.0-94.137.94.255
Signature Algorithm: sha256WithRSAEncryption
50:d9:c1:53:77:93:90:e2:f3:7b:80:51:e0:17:d9:60:88:76:
96:19:8d:a5:39:02:a4:71:3d:d9:22:4d:3c:33:1d:de:86:df:
28:ce:2f:db:c8:c7:96:6b:80:19:2a:22:41:ac:a7:9b:a7:24:
ae:15:1d:92:af:c4:1e:33:49:cb:d5:c0:55:46:ed:d7:b5:73:
a6:3f:01:de:65:21:06:c8:da:ec:53:d9:ab:b4:77:9b:bb:66:
d0:cf:e7:a3:d6:67:58:85:d1:a0:79:27:a3:98:7f:c1:16:14:
b4:37:cf:22:e8:56:05:9b:d9:b9:d5:2b:d9:16:2a:b9:21:f6:
b5:61:79:ad:91:32:2a:ec:9f:58:44:93:24:3a:1f:7d:64:90:
49:61:a8:5d:a8:39:6b:4b:69:e0:97:f1:44:14:cd:b4:e8:55:
e8:d5:77:99:f5:57:06:ed:49:99:2d:6f:1a:8e:e4:99:b8:90:
cd:d3:3a:91:43:91:b2:a3:6f:08:32:4c:a7:64:28:aa:77:42:
84:a8:bf:e8:95:d4:c2:fc:16:70:a7:87:a2:24:b7:0a:05:bb:
5c:4d:ec:21:40:ac:91:98:24:5d:b6:cd:ba:81:94:71:de:ef:
1f:f8:7f:4f:23:f3:bc:13:7d:3c:4c:63:08:04:89:2c:87:57:
a2:e5:6c:84
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEBuUmDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWFjMGFjYmZkYjdhMjc0ZWYzNmMxNmY1ODYwYWRhMmEyNDcwNjk3MB4XDTIyMDQx
MjA4MzkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMyNjk4ZDMxNWQ5
ZjlkNDA3NTM3OTRkZDhkODFkOTI1N2MzNmY5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMO0r9ErB8CogGisFuU3qjVb3Q8QBvHUEglX0mza4tQL44AE
ABGNMuKt52BCdFY0e7CZSYEM+2jiClqoirfnb4sHVe8JU0/ipbtSO4T98/0vBY9I
cdW5KpZRU0fg2X08PT+qhBZKh/T3Q8SfU4/4YOrMXmyExmQy4pFPJMIKsBVqCgW/
OXqnsL4pNS+OWeyn4jZQFNwPzENj2aKD6dsKXR795C8ISWUSuoOA9ziW0O9rJcs2
CB037RkGdKl2oleT/hmzeuMp2RwnA6UUV5kyqupW/czXpPeHa3Qk+8xV3EJJtTo5
aK6HK5TEwrxJCb7WU+XVMfNg5wRE/bvMFrORMOkCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBScJpjTFdn51AdTeU3Y2B2SV8NvljAfBgNVHSMEGDAWgBSJrArL/beidO82
wW9YYK2iokcGlzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lhd0t5XzIzb25Udk5zRnZXR0N0b3FKSEJwYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvOTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8x
L25DYVkweFhaLWRRSFUzbE4yTmdka2xmRGI1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
OTNhNzY4LTI2NzctNDhkNi05MTRjLWQ0ZGJmNzA2NmZkMy8xL2lhd0t5XzIzb25U
dk5zRnZXR0N0b3FKSEJwYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwOgQCAAEwNAMEAC2XYgMEAF6JSgMEAF6JTAMEAV6J
TjAMAwQAXolZAwQCXolYMAwDBABeiV0DBABeiV4wDQYJKoZIhvcNAQELBQADggEB
AFDZwVN3k5Di83uAUeAX2WCIdpYZjaU5AqRxPdkiTTwzHd6G3yjOL9vIx5ZrgBkq
IkGsp5unJK4VHZKvxB4zScvVwFVG7de1c6Y/Ad5lIQbI2uxT2au0d5u7ZtDP56PW
Z1iF0aB5J6OYf8EWFLQ3zyLoVgWb2bnVK9kWKrkh9rVhea2RMirsn1hEkyQ6H31k
kElhqF2oOWtLaeCX8UQUzbToVejVd5n1VwbtSZktbxqO5Jm4kM3TOpFDkbKjbwgy
TKdkKKp3QoSov+iV1ML8FnCnh6IktwoFu1xN7CFArJGYJF22zbqBlHHe7x/4f08j
87wTfTxMYwgEiSyHV6LlbIQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:51 2025 by rpki-client