Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/x3oYUiV6mzguSkq4Zd871TXwCHY.roa
File: x3oYUiV6mzguSkq4Zd871TXwCHY.roa (raw, json)
Hash identifier: BmVXeWn/5Tww9gZA8DVwChNkLIt3NmAR6x+QSrHn538=
Subject key identifier: C7:7A:18:52:25:7A:9B:38:2E:4A:4A:B8:65:DF:3B:D5:35:F0:08:76
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 01838AF1200C67C760E23C517D78241BAA97
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/x3oYUiV6mzguSkq4Zd871TXwCHY.roa
Signing time: Thu 29 Sep 2022 20:30:01 +0000
ROA not before: Thu 29 Sep 2022 20:30:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
94.137.78.0/24 maxlen: 24
94.137.72.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.79.0/24 maxlen: 24
94.137.91.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
94.137.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8a:f1:20:0c:67:c7:60:e2:3c:51:7d:78:24:1b:aa:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Sep 29 20:30:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c77a1852257a9b382e4a4ab865df3bd535f00876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f8:10:91:2f:1e:6f:f5:69:38:f1:ac:43:35:
e8:e2:df:12:cd:6a:30:81:55:a5:8c:d2:f4:78:d9:
ea:38:20:00:30:d0:fb:71:2f:61:59:55:ee:b4:eb:
25:53:b5:91:78:31:83:6a:ca:cf:00:55:56:98:48:
34:2c:18:70:36:64:60:27:8d:74:a3:d2:53:78:d3:
48:58:5b:e3:90:98:1a:34:bc:da:59:81:e6:43:7f:
65:92:05:95:dd:db:47:31:bc:f2:df:dc:13:46:5e:
7e:db:dd:c2:51:19:d1:0a:a6:7c:f4:9e:fd:c9:92:
76:c3:bc:73:eb:16:24:b7:36:89:09:b3:75:1e:b3:
6e:b5:d3:59:ef:a5:91:84:5b:a7:19:a2:40:21:90:
54:6a:f1:44:f8:4e:25:71:9b:fb:c7:7a:c3:fa:19:
f5:b3:c6:84:db:be:69:dd:d3:e3:3a:f9:4a:f1:d1:
ab:68:a5:46:36:f5:0d:f3:95:18:94:5d:14:20:75:
d5:b2:28:98:6d:75:29:57:8b:4a:74:0b:9d:21:01:
40:a4:59:b9:ab:35:95:04:02:da:43:cf:e7:d5:2a:
64:2a:a0:ab:27:dc:1c:8e:d5:c9:a8:ee:92:8b:b7:
f4:11:79:71:27:37:17:36:ef:e5:9d:9e:a8:31:ae:
a8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:7A:18:52:25:7A:9B:38:2E:4A:4A:B8:65:DF:3B:D5:35:F0:08:76
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/x3oYUiV6mzguSkq4Zd871TXwCHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.98.0/24
94.137.72.0/24
94.137.74.0/24
94.137.78.0/23
94.137.89.0-94.137.91.255
94.137.93.0-94.137.94.255
Signature Algorithm: sha256WithRSAEncryption
07:67:1c:90:df:38:42:09:97:b2:fc:e4:96:5c:0e:e6:a7:04:
ac:85:0d:2d:69:0a:f6:d3:83:bf:26:1a:4c:2d:ba:9d:55:19:
d8:d4:3a:06:b7:0e:75:be:6b:9c:9c:35:7b:6a:5d:44:a5:29:
dc:a7:c6:29:f7:5e:8e:10:3a:9d:d9:3c:3f:b0:08:52:d5:f1:
c9:c5:09:0d:66:51:5f:94:0a:71:ff:47:86:93:da:26:13:0f:
cd:cd:a3:52:89:75:67:f7:32:81:6d:50:b5:1e:e4:fa:7c:af:
e0:9c:8a:89:e4:6c:7a:cb:bf:1c:e2:2d:4a:a8:1f:dd:c4:cc:
7c:fd:4b:25:55:ab:70:77:9c:03:f5:40:e2:45:69:ab:81:b4:
b9:01:9a:3d:c8:54:85:bd:06:34:67:8c:6b:24:9c:1f:b9:0d:
83:30:58:37:86:2d:d8:01:4c:80:32:79:cb:67:54:33:b9:c5:
90:f2:4d:44:96:45:bd:42:98:01:18:a2:db:19:1e:f7:e7:f6:
0c:50:73:bc:6c:0a:ae:e3:d5:d3:01:db:6c:23:83:f7:e2:70:
4a:93:11:c3:b4:c2:79:52:44:ec:3a:6e:00:e3:d1:66:c1:0e:
01:f6:df:8a:9b:9a:64:57:c0:ca:d9:78:66:ad:1e:e9:cb:78:
6d:c1:08:66
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYOK8SAMZ8dg4jxRfXgkG6qXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjIwOTI5MjAzMDAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzdhMTg1MjI1N2E5YjM4MmU0YTRhYjg2NWRmM2JkNTM1ZjAwODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvgQkS8eb/VpOPGsQzXo4t8SzWow
gVWljNL0eNnqOCAAMND7cS9hWVXutOslU7WReDGDasrPAFVWmEg0LBhwNmRgJ410
o9JTeNNIWFvjkJgaNLzaWYHmQ39lkgWV3dtHMbzy39wTRl5+293CURnRCqZ89J79
yZJ2w7xz6xYktzaJCbN1HrNutdNZ76WRhFunGaJAIZBUavFE+E4lcZv7x3rD+hn1
s8aE275p3dPjOvlK8dGraKVGNvUN85UYlF0UIHXVsiiYbXUpV4tKdAudIQFApFm5
qzWVBALaQ8/n1SpkKqCrJ9wcjtXJqO6Si7f0EXlxJzcXNu/lnZ6oMa6oXQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFMd6GFIleps4LkpKuGXfO9U18Ah2MB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEveDNvWVVpVjZtemd1U2txNFpkODcxVFh3Q0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQALZdiAwQA
XolIAwQAXolKAwQBXolOMAwDBABeiVkDBAJeiVgwDAMEAF6JXQMEAF6JXjANBgkq
hkiG9w0BAQsFAAOCAQEAB2cckN84QgmXsvzkllwO5qcErIUNLWkK9tODvyYaTC26
nVUZ2NQ6BrcOdb5rnJw1e2pdRKUp3KfGKfdejhA6ndk8P7AIUtXxycUJDWZRX5QK
cf9HhpPaJhMPzc2jUol1Z/cygW1QtR7k+nyv4JyKieRsesu/HOItSqgf3cTMfP1L
JVWrcHecA/VA4kVpq4G0uQGaPchUhb0GNGeMayScH7kNgzBYN4Yt2AFMgDJ5y2dU
M7nFkPJNRJZFvUKYARii2xke9+f2DFBzvGwKruPV0wHbbCOD9+JwSpMRw7TCeVJE
7DpuAOPRZsEOAfbfipuaZFfAytl4Zq0e6ct4bcEIZg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:57 2023 by rpki-client on console-ams.rpki-client.org