Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/ou6gR8DkPnn4oQtBnUULxo_NCNg.roa
File: ou6gR8DkPnn4oQtBnUULxo_NCNg.roa (raw, json)
Hash identifier: +q5lFchLDBws2cdpa8Qmol7cqEsvATcQCiR5+71WmwY=
Subject key identifier: A2:EE:A0:47:C0:E4:3E:79:F8:A1:0B:41:9D:45:0B:C6:8F:CD:08:D8
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 018682BF8558A1863560F9F87E6FF8B690DD
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/ou6gR8DkPnn4oQtBnUULxo_NCNg.roa
Signing time: Fri 24 Feb 2023 09:27:14 +0000
ROA not before: Fri 24 Feb 2023 09:27:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.72.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:bf:85:58:a1:86:35:60:f9:f8:7e:6f:f8:b6:90:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Feb 24 09:27:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2eea047c0e43e79f8a10b419d450bc68fcd08d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:df:72:0f:c2:7a:98:7f:9a:69:2a:39:2f:c9:
38:f3:a7:f5:a9:54:07:13:fc:a8:17:42:ae:fb:71:
6c:db:2f:05:95:d8:9b:b4:73:ad:9b:db:1e:ef:0b:
96:bc:ae:0f:bf:65:1d:2b:4e:71:c1:7d:4a:10:0e:
f6:4b:33:7e:ea:5c:22:49:11:7f:d3:83:d0:bc:2e:
c3:0d:c2:1b:12:f8:6b:14:85:47:23:7d:68:7b:1b:
af:1b:45:00:3c:09:6e:f1:12:4e:c0:ec:ff:c6:f8:
ea:f2:5d:ce:be:05:5f:ed:90:df:5d:a0:04:9f:37:
9f:29:5f:d6:2b:e1:00:00:64:a3:ec:f4:08:f6:cc:
4d:3e:eb:21:60:88:c1:c4:06:28:76:89:05:6d:23:
d7:82:20:df:46:e3:ee:0a:14:ce:e6:25:27:21:7d:
57:b1:33:a4:d7:3b:fb:48:53:3e:99:70:34:87:59:
1d:99:a5:46:0d:7e:d8:46:de:92:2e:ad:1d:b8:14:
1a:d0:ff:44:c8:21:89:8e:21:97:31:50:31:67:fa:
ca:25:2d:dd:0e:27:4d:db:a7:3d:df:d5:8b:ef:af:
d3:6f:30:f7:5b:12:27:49:35:0e:35:11:f9:a9:f4:
c2:2c:23:2e:8f:db:65:dd:74:28:38:b1:b5:cb:d1:
5f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:EE:A0:47:C0:E4:3E:79:F8:A1:0B:41:9D:45:0B:C6:8F:CD:08:D8
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/ou6gR8DkPnn4oQtBnUULxo_NCNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.98.0/24
94.137.72.0/24
94.137.74.0/24
94.137.78.0/24
94.137.89.0-94.137.91.255
94.137.93.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:bb:2e:ea:aa:3c:66:92:b7:6d:93:a3:e0:1d:ba:a7:a0:80:
c5:b7:75:61:3b:96:90:38:7d:92:51:d6:09:47:97:c8:cb:48:
aa:20:bf:a6:84:bd:bf:69:2a:ad:da:eb:e9:9f:56:16:3d:84:
46:db:1f:2f:5f:f0:0d:58:c0:ad:b0:c4:0e:53:74:47:db:e4:
c7:fa:86:1f:78:1d:f5:50:b9:a6:95:e1:43:95:30:08:59:42:
12:9a:18:6d:b8:cc:c5:ad:fa:1b:cf:a1:7a:ae:1b:3f:38:49:
e6:23:ff:6a:49:86:c2:2d:8c:85:53:0d:25:22:79:04:31:e0:
70:6d:83:91:23:79:53:fb:9d:e2:98:5d:95:49:70:c5:2a:26:
f7:0f:f2:da:bb:6f:90:84:15:be:e4:07:85:b9:bc:f4:3d:09:
48:f5:b5:96:ef:73:57:e1:29:a8:f5:84:b8:d2:0e:1f:f1:23:
0b:cf:15:19:75:63:6e:15:8d:8d:77:01:d6:2e:af:c3:bd:89:
3d:24:de:96:6e:86:41:0e:ef:85:a8:4a:e2:12:1d:ff:38:c8:
d0:1e:78:3d:4c:5a:b0:95:fe:d0:3f:87:03:f1:fe:d3:ea:c4:
bd:65:d9:d8:41:7f:3c:7e:91:73:69:4e:55:56:56:02:e6:c4:
55:40:e2:43
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYaCv4VYoYY1YPn4fm/4tpDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjMwMjI0MDkyNzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmVlYTA0N2MwZTQzZTc5ZjhhMTBiNDE5ZDQ1MGJjNjhmY2QwOGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN9yD8J6mH+aaSo5L8k486f1qVQH
E/yoF0Ku+3Fs2y8FldibtHOtm9se7wuWvK4Pv2UdK05xwX1KEA72SzN+6lwiSRF/
04PQvC7DDcIbEvhrFIVHI31oexuvG0UAPAlu8RJOwOz/xvjq8l3OvgVf7ZDfXaAE
nzefKV/WK+EAAGSj7PQI9sxNPushYIjBxAYodokFbSPXgiDfRuPuChTO5iUnIX1X
sTOk1zv7SFM+mXA0h1kdmaVGDX7YRt6SLq0duBQa0P9EyCGJjiGXMVAxZ/rKJS3d
DidN26c939WL76/TbzD3WxInSTUONRH5qfTCLCMuj9tl3XQoOLG1y9FfmQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKLuoEfA5D55+KELQZ1FC8aPzQjYMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvb3U2Z1I4RGtQbm40b1F0Qm5VVUx4b19OQ05nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALZdiAwQA
XolIAwQAXolKAwQAXolOMAwDBABeiVkDBAJeiVgDBABeiV0wDQYJKoZIhvcNAQEL
BQADggEBAJu7LuqqPGaSt22To+AduqeggMW3dWE7lpA4fZJR1glHl8jLSKogv6aE
vb9pKq3a6+mfVhY9hEbbHy9f8A1YwK2wxA5TdEfb5Mf6hh94HfVQuaaV4UOVMAhZ
QhKaGG24zMWt+hvPoXquGz84SeYj/2pJhsItjIVTDSUieQQx4HBtg5EjeVP7neKY
XZVJcMUqJvcP8tq7b5CEFb7kB4W5vPQ9CUj1tZbvc1fhKaj1hLjSDh/xIwvPFRl1
Y24VjY13AdYur8O9iT0k3pZuhkEO74WoSuISHf84yNAeeD1MWrCV/tA/hwPx/tPq
xL1l2dhBfzx+kXNpTlVWVgLmxFVA4kM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:18:27 2025 by rpki-client