Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/ur8IVdulTyXDdo5S6OJYxQLKx-w.roa
File: ur8IVdulTyXDdo5S6OJYxQLKx-w.roa (raw, json)
Hash identifier: ciW8oqz3ymNeQc5Zhxl/hu7h9NFsu9ChO0nVHHwNJR4=
Subject key identifier: BA:BF:08:55:DB:A5:4F:25:C3:76:8E:52:E8:E2:58:C5:02:CA:C7:EC
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 0183E4834565C50B1C6BD4D793B85B74D26C
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/ur8IVdulTyXDdo5S6OJYxQLKx-w.roa
Signing time: Mon 17 Oct 2022 05:55:51 +0000
ROA not before: Mon 17 Oct 2022 05:55:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
45.151.97.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.72.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:83:45:65:c5:0b:1c:6b:d4:d7:93:b8:5b:74:d2:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Oct 17 05:55:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=babf0855dba54f25c3768e52e8e258c502cac7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8a:06:6c:dd:c5:ea:e7:bf:da:fa:eb:9d:f9:
f2:64:27:3b:4f:bd:79:9f:6f:19:a5:a6:31:2c:25:
7e:87:59:30:5c:85:41:45:de:f4:5d:40:42:f8:13:
1e:83:53:3a:a0:ad:6d:4f:86:b2:70:a7:30:2d:c5:
bd:bc:89:e0:f0:59:8f:74:97:93:0d:aa:37:0b:d3:
4a:d5:70:39:6a:ff:92:dc:dd:1a:de:87:19:49:42:
d2:d8:c3:1b:59:e9:4f:70:c3:e2:4e:b1:37:0d:24:
a1:5e:79:13:e9:07:e9:a9:64:63:45:20:1e:76:66:
c3:7c:83:c0:33:1c:28:29:93:af:11:3f:0d:58:35:
80:fa:36:b3:38:97:f5:c3:ba:02:1a:49:bc:0c:e0:
d0:b0:91:34:6a:0c:29:df:06:c7:82:f6:0f:89:60:
73:3a:e3:7e:e9:20:19:f3:2d:54:94:a0:d5:1e:88:
e5:91:1a:18:ef:74:70:b6:ea:66:85:37:4d:a8:d2:
c1:17:96:6f:cb:31:e6:0b:37:68:0b:1d:4d:45:36:
1c:de:d1:1a:58:f3:e2:61:5a:1c:7e:0f:83:2b:93:
79:c4:e3:09:13:8d:a0:cf:b6:23:68:05:ba:7f:8d:
65:13:ab:3a:ad:ec:60:f9:5c:c9:36:9f:e2:16:d1:
51:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:BF:08:55:DB:A5:4F:25:C3:76:8E:52:E8:E2:58:C5:02:CA:C7:EC
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/ur8IVdulTyXDdo5S6OJYxQLKx-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.97.0-45.151.98.255
94.137.72.0/24
94.137.74.0/24
94.137.78.0/23
94.137.89.0-94.137.91.255
94.137.93.0-94.137.94.255
Signature Algorithm: sha256WithRSAEncryption
98:8e:c4:fd:f9:cf:23:49:63:61:59:05:f8:68:19:5d:f3:47:
7f:be:61:2b:59:78:fb:6e:48:28:f0:14:9e:ca:b6:06:b0:b7:
87:ed:4b:86:78:7a:c9:76:87:fd:ae:11:be:22:be:35:08:64:
a7:16:a3:4d:c6:fb:17:07:0d:52:3f:2b:18:3b:84:fc:38:eb:
5d:ec:44:52:ca:40:76:87:94:d2:5d:84:07:9c:55:f2:d1:9d:
3b:9c:0e:13:d5:1a:cc:c1:0b:14:fa:60:cf:fd:0c:23:1e:f5:
9e:69:da:c6:e4:15:7f:c9:3b:96:df:0b:92:5a:3c:72:dd:a2:
3e:1d:f8:9f:7c:44:af:a6:81:bf:4f:a2:1e:92:fe:d9:3c:89:
cb:e3:04:6e:ae:4a:1f:ec:e5:a7:8f:2b:67:71:75:5d:4d:0d:
cc:21:ea:1f:65:17:b2:49:68:aa:8e:f9:0a:d8:4d:12:53:f9:
02:0e:eb:ad:38:15:bb:0f:74:f0:76:e6:c3:90:67:bf:78:74:
be:b5:9f:97:04:a0:6e:51:34:e9:8c:fd:c0:1a:4e:3a:6f:67:
cc:42:df:4f:00:a9:2a:d1:0d:61:fc:f1:e2:5b:50:1e:2c:1b:
c4:19:8b:60:e5:49:3d:f1:4b:4a:15:af:5e:6e:7a:22:e7:89:
d0:73:1d:9b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYPkg0VlxQsca9TXk7hbdNJsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjIxMDE3MDU1NTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWJmMDg1NWRiYTU0ZjI1YzM3NjhlNTJlOGUyNThjNTAyY2FjN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4oGbN3F6ue/2vrrnfnyZCc7T715
n28ZpaYxLCV+h1kwXIVBRd70XUBC+BMeg1M6oK1tT4aycKcwLcW9vIng8FmPdJeT
Dao3C9NK1XA5av+S3N0a3ocZSULS2MMbWelPcMPiTrE3DSShXnkT6QfpqWRjRSAe
dmbDfIPAMxwoKZOvET8NWDWA+jazOJf1w7oCGkm8DODQsJE0agwp3wbHgvYPiWBz
OuN+6SAZ8y1UlKDVHojlkRoY73RwtupmhTdNqNLBF5ZvyzHmCzdoCx1NRTYc3tEa
WPPiYVocfg+DK5N5xOMJE42gz7YjaAW6f41lE6s6rexg+VzJNp/iFtFRiwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFLq/CFXbpU8lw3aOUujiWMUCysfsMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvdXI4SVZkdWxUeVhEZG81UzZPSll4UUxLeC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAAtl2ED
BAAtl2IDBABeiUgDBABeiUoDBAFeiU4wDAMEAF6JWQMEAl6JWDAMAwQAXoldAwQA
XoleMA0GCSqGSIb3DQEBCwUAA4IBAQCYjsT9+c8jSWNhWQX4aBld80d/vmErWXj7
bkgo8BSeyrYGsLeH7UuGeHrJdof9rhG+Ir41CGSnFqNNxvsXBw1SPysYO4T8OOtd
7ERSykB2h5TSXYQHnFXy0Z07nA4T1RrMwQsU+mDP/QwjHvWeadrG5BV/yTuW3wuS
Wjxy3aI+HfiffESvpoG/T6Iekv7ZPInL4wRurkof7OWnjytncXVdTQ3MIeofZRey
SWiqjvkK2E0SU/kCDuutOBW7D3TwdubDkGe/eHS+tZ+XBKBuUTTpjP3AGk46b2fM
Qt9PAKkq0Q1h/PHiW1AeLBvEGYtg5Uk98UtKFa9ebnoi54nQcx2b
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:57 2023 by rpki-client on console-ams.rpki-client.org