Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/Mi7h2EalUb3faG_NfjUpjdzRy-Q.roa
File: Mi7h2EalUb3faG_NfjUpjdzRy-Q.roa (raw, json)
Hash identifier: nNQQJg2VfD7kcl/cnZyEhrzfUE197viMu/DoOQrBwQI=
Subject key identifier: 32:2E:E1:D8:46:A5:51:BD:DF:68:6F:CD:7E:35:29:8D:DC:D1:CB:E4
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 01848AF276193298CB310A86347B6C3FED63
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/Mi7h2EalUb3faG_NfjUpjdzRy-Q.roa
Signing time: Fri 18 Nov 2022 13:34:16 +0000
ROA not before: Fri 18 Nov 2022 13:34:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211439
IP address blocks: 93.114.62.0/24 maxlen: 24
89.46.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:f2:76:19:32:98:cb:31:0a:86:34:7b:6c:3f:ed:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Nov 18 13:34:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=322ee1d846a551bddf686fcd7e35298ddcd1cbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f0:8c:70:7b:91:13:39:be:7a:98:ef:aa:6c:
c1:e5:5e:7e:99:c2:08:4b:fb:0b:95:1f:d3:f5:fa:
97:78:32:12:e0:7c:57:1f:4a:5e:2e:1c:b1:21:b3:
8f:36:6f:2c:2e:17:a7:93:9e:12:3c:60:ed:95:df:
20:96:19:0b:ad:49:f2:18:47:5a:69:9e:7b:e5:84:
1d:d2:6e:f4:ae:57:d8:b5:5d:6f:2f:d8:c7:53:bc:
8e:88:f6:28:b7:ec:e4:70:fd:2c:df:de:d3:77:c0:
90:c9:08:ce:c4:81:38:5d:b6:1e:1d:9f:9e:74:3e:
a3:8a:7e:07:f2:45:b5:f0:50:a1:11:a5:33:a5:54:
08:96:78:12:67:3c:d3:ba:26:b4:d3:09:6d:3b:01:
ae:72:d2:c7:72:f4:b2:f4:2b:8b:a7:cd:9a:a5:9a:
a6:95:f9:e3:a6:33:5e:60:3e:dd:87:36:5a:82:59:
b6:93:3e:5a:ee:30:66:fc:f0:98:0c:05:db:25:e4:
70:1b:7b:c7:68:0a:01:8e:46:91:1e:7c:ca:b2:f6:
e4:9f:32:ce:83:14:d0:f9:16:49:8d:1d:e5:49:dd:
37:29:a8:85:20:53:2f:63:30:d2:29:6e:01:b3:2b:
08:39:86:bc:a5:a3:fc:2e:63:7c:08:83:4c:c5:24:
91:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:2E:E1:D8:46:A5:51:BD:DF:68:6F:CD:7E:35:29:8D:DC:D1:CB:E4
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/Mi7h2EalUb3faG_NfjUpjdzRy-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.11.0/24
93.114.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:0a:1c:05:55:4c:d1:f3:6d:82:75:c6:6b:13:19:84:f1:20:
8f:82:6d:2b:df:2b:74:a3:b9:d2:34:60:92:03:e2:bc:da:21:
00:df:5a:d9:72:25:4e:4a:fa:01:40:e1:73:35:69:ce:6b:c4:
77:a8:48:98:9a:de:d4:68:7f:8d:bc:11:05:86:63:48:8f:1d:
f4:65:f7:df:83:4e:d5:9c:73:7f:f5:33:5f:af:75:42:52:82:
94:91:38:d9:f9:68:4b:17:79:f5:2f:33:34:1a:54:9c:52:18:
60:0a:dc:46:05:00:56:a9:1c:72:15:af:cf:49:74:42:37:e0:
fd:4d:a4:7f:99:39:22:c1:72:a6:9c:9f:92:e8:2e:a1:f9:eb:
cd:35:c8:e8:62:2b:d7:96:c4:0a:75:a3:a8:b4:10:8a:fd:6a:
f7:88:10:e4:71:32:4c:c3:54:91:d0:29:9a:06:aa:d5:f9:48:
e8:7c:f7:d8:22:b9:03:92:e3:cb:0c:d0:0c:bc:43:7a:cd:64:
7a:b0:d5:22:1c:28:3f:7b:da:c9:1f:2e:f0:b1:95:8e:6c:be:
93:bd:b1:1b:21:c1:a7:4f:bb:ce:d6:4c:a0:04:9e:a0:49:43:
db:52:0a:c1:f6:f3:dd:a4:8f:51:67:e3:8a:a8:d3:14:df:5a:
a4:40:8e:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSK8nYZMpjLMQqGNHtsP+1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjIxMTE4MTMzNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjJlZTFkODQ2YTU1MWJkZGY2ODZmY2Q3ZTM1Mjk4ZGRjZDFjYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfCMcHuREzm+epjvqmzB5V5+mcII
S/sLlR/T9fqXeDIS4HxXH0peLhyxIbOPNm8sLhenk54SPGDtld8glhkLrUnyGEda
aZ575YQd0m70rlfYtV1vL9jHU7yOiPYot+zkcP0s397Td8CQyQjOxIE4XbYeHZ+e
dD6jin4H8kW18FChEaUzpVQIlngSZzzTuia00wltOwGuctLHcvSy9CuLp82apZqm
lfnjpjNeYD7dhzZaglm2kz5a7jBm/PCYDAXbJeRwG3vHaAoBjkaRHnzKsvbknzLO
gxTQ+RZJjR3lSd03KaiFIFMvYzDSKW4BsysIOYa8paP8LmN8CINMxSSRxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDIu4dhGpVG932hvzX41KY3c0cvkMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvTWk3aDJFYWxVYjNmYUdfTmZqVXBqZHpSeS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWS4LAwQA
XXI+MA0GCSqGSIb3DQEBCwUAA4IBAQCpChwFVUzR822CdcZrExmE8SCPgm0r3yt0
o7nSNGCSA+K82iEA31rZciVOSvoBQOFzNWnOa8R3qEiYmt7UaH+NvBEFhmNIjx30
Zfffg07VnHN/9TNfr3VCUoKUkTjZ+WhLF3n1LzM0GlScUhhgCtxGBQBWqRxyFa/P
SXRCN+D9TaR/mTkiwXKmnJ+S6C6h+evNNcjoYivXlsQKdaOotBCK/Wr3iBDkcTJM
w1SR0CmaBqrV+UjofPfYIrkDkuPLDNAMvEN6zWR6sNUiHCg/e9rJHy7wsZWObL6T
vbEbIcGnT7vO1kygBJ6gSUPbUgrB9vPdpI9RZ+OKqNMU31qkQI5J
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:19 2023 by rpki-client on console-fra.rpki-client.org