Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/PAXuvMN1VdI9ctHTUBW-xNMMEIA.roa
File: PAXuvMN1VdI9ctHTUBW-xNMMEIA.roa (raw, json)
Hash identifier: nTm3miCUrFZsJj0ViSxNQm6P0I2spHnyfQn8NcWQVvU=
Subject key identifier: 3C:05:EE:BC:C3:75:55:D2:3D:72:D1:D3:50:15:BE:C4:D3:0C:10:80
Certificate issuer: /CN=94846741139263388d984db1e97e031669c6486e
Certificate serial: 0204829C
Authority key identifier: 94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/PAXuvMN1VdI9ctHTUBW-xNMMEIA.roa
Signing time: Sun 30 Jan 2022 13:52:20 +0000
ROA not before: Sun 30 Jan 2022 13:52:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209297
IP address blocks: 188.95.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33850012 (0x204829c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94846741139263388d984db1e97e031669c6486e
Validity
Not Before: Jan 30 13:52:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c05eebcc37555d23d72d1d35015bec4d30c1080
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:99:fe:f8:46:7c:67:71:80:d7:c1:d1:31:1c:
e8:08:8a:53:c8:8c:24:ac:a3:43:bd:69:00:0e:4e:
38:c4:fc:c4:6b:65:df:1b:26:92:44:92:35:ef:6a:
90:d2:c4:f5:56:91:62:aa:d7:14:b0:3c:5c:0e:ae:
3a:b0:d5:1c:08:7a:c1:74:87:a6:7b:c5:cc:70:48:
1c:44:ac:93:cb:71:2b:75:fa:79:b6:ec:3a:4f:93:
f4:6f:7d:cf:7b:01:c3:88:17:d6:ce:89:a7:95:7a:
d4:29:a1:7d:6c:cf:00:68:82:79:18:82:b0:a0:7d:
a7:08:34:08:dd:3f:7e:54:c0:9f:34:ed:13:16:ac:
bd:7c:66:89:6a:7f:97:99:9e:7b:e3:82:64:12:fc:
99:e1:3e:fa:23:cc:33:d8:76:10:5a:6a:8c:d5:66:
bc:53:50:73:c8:31:2d:ee:5c:64:7e:33:be:ed:27:
c0:38:e4:7e:41:94:1d:3e:a8:7c:0d:37:09:53:7c:
48:d0:18:f5:e1:56:86:e9:88:dd:c5:4b:f9:be:56:
d5:8c:01:f8:b3:46:05:84:ca:cc:b4:63:31:03:3e:
6b:24:fc:77:89:a0:69:a6:dc:52:ec:d0:7a:32:38:
b7:c2:01:54:22:de:f5:92:f9:66:63:4e:b3:9c:58:
f5:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:05:EE:BC:C3:75:55:D2:3D:72:D1:D3:50:15:BE:C4:D3:0C:10:80
X509v3 Authority Key Identifier:
keyid:94:84:67:41:13:92:63:38:8D:98:4D:B1:E9:7E:03:16:69:C6:48:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lIRnQROSYziNmE2x6X4DFmnGSG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/PAXuvMN1VdI9ctHTUBW-xNMMEIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/a49102-0612-47a0-8117-cb1125007dfb/1/lIRnQROSYziNmE2x6X4DFmnGSG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.95.89.0/24
Signature Algorithm: sha256WithRSAEncryption
48:1a:cd:a3:d2:12:0e:c7:b1:d5:57:70:3c:51:87:bb:e5:c9:
1f:9d:31:56:5f:e4:18:45:2a:6b:d9:53:3a:58:76:bb:49:c0:
6b:3f:2a:9b:43:df:15:cc:1e:dd:79:3e:a0:63:42:f7:76:74:
17:67:3d:dc:d0:7b:ad:e0:60:d4:cb:3d:ee:a3:cd:77:e2:55:
dd:60:b4:39:67:c9:9f:3e:07:1c:56:a0:c5:c5:a0:e1:db:6d:
9c:bf:7a:d7:85:fa:39:a8:09:01:7b:87:68:ad:44:42:5d:a9:
37:2f:d4:34:7a:f6:55:4d:2c:69:88:ad:2c:59:bd:80:a3:c1:
64:9f:ab:2a:fc:9b:14:46:32:fb:2a:71:f5:e2:2d:f5:4c:6d:
84:a5:50:56:16:29:cf:f5:3c:ac:bc:b4:21:0b:e9:55:88:f1:
65:e6:ec:05:b1:27:db:de:28:42:78:28:4b:e7:5f:e6:58:0e:
a5:24:fd:03:62:05:1a:52:6a:95:e2:10:91:fe:d9:00:82:69:
da:10:d0:41:2d:19:f6:98:50:cc:93:a3:c9:31:37:f1:91:cb:
e5:bb:81:70:56:00:69:9a:06:d1:a4:9f:04:0d:c2:a2:8e:30:
27:b0:ba:83:01:ec:f2:10:6c:75:5b:cc:93:79:61:3c:cf:f3:
a4:0e:f9:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAgSCnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDg0Njc0MTEzOTI2MzM4OGQ5ODRkYjFlOTdlMDMxNjY5YzY0ODZlMB4XDTIyMDEz
MDEzNTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MwNWVlYmNjMzc1
NTVkMjNkNzJkMWQzNTAxNWJlYzRkMzBjMTA4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOeZ/vhGfGdxgNfB0TEc6AiKU8iMJKyjQ71pAA5OOMT8xGtl
3xsmkkSSNe9qkNLE9VaRYqrXFLA8XA6uOrDVHAh6wXSHpnvFzHBIHESsk8txK3X6
ebbsOk+T9G99z3sBw4gX1s6Jp5V61CmhfWzPAGiCeRiCsKB9pwg0CN0/flTAnzTt
ExasvXxmiWp/l5mee+OCZBL8meE++iPMM9h2EFpqjNVmvFNQc8gxLe5cZH4zvu0n
wDjkfkGUHT6ofA03CVN8SNAY9eFWhumI3cVL+b5W1YwB+LNGBYTKzLRjMQM+ayT8
d4mgaabcUuzQejI4t8IBVCLe9ZL5ZmNOs5xY9XcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ8Be68w3VV0j1y0dNQFb7E0wwQgDAfBgNVHSMEGDAWgBSUhGdBE5JjOI2Y
TbHpfgMWacZIbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xJUm5RUk9TWXppTm1FMng2WDRERm1uR1NHNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvYTQ5MTAyLTA2MTItNDdhMC04MTE3LWNiMTEyNTAwN2RmYi8x
L1BBWHV2TU4xVmRJOWN0SFRVQlcteE5NTUVJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
YTQ5MTAyLTA2MTItNDdhMC04MTE3LWNiMTEyNTAwN2RmYi8xL2xJUm5RUk9TWXpp
Tm1FMng2WDRERm1uR1NHNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALxfWTANBgkqhkiG9w0BAQsFAAOC
AQEASBrNo9ISDsex1VdwPFGHu+XJH50xVl/kGEUqa9lTOlh2u0nAaz8qm0PfFcwe
3Xk+oGNC93Z0F2c93NB7reBg1Ms97qPNd+JV3WC0OWfJnz4HHFagxcWg4dttnL96
14X6OagJAXuHaK1EQl2pNy/UNHr2VU0saYitLFm9gKPBZJ+rKvybFEYy+ypx9eIt
9UxthKVQVhYpz/U8rLy0IQvpVYjxZebsBbEn294oQngoS+df5lgOpST9A2IFGlJq
leIQkf7ZAIJp2hDQQS0Z9phQzJOjyTE38ZHL5buBcFYAaZoG0aSfBA3Coo4wJ7C6
gwHs8hBsdVvMk3lhPM/zpA75tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:51 2024 by rpki-client on console-fra.rpki-client.org