Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/eRx4az9fWP3yPI-Wlxm81VH5TYM.roa
File: eRx4az9fWP3yPI-Wlxm81VH5TYM.roa (raw, json)
Hash identifier: AGxutwSui1WlX0kVYGR3hVuhqGX30kQPJvmk3Hn5GRs=
Subject key identifier: 79:1C:78:6B:3F:5F:58:FD:F2:3C:8F:96:97:19:BC:D5:51:F9:4D:83
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 098B63A1
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/eRx4az9fWP3yPI-Wlxm81VH5TYM.roa
Signing time: Sat 01 Jan 2022 05:04:02 +0000
ROA not before: Sat 01 Jan 2022 05:04:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42947
IP address blocks: 88.148.8.0/23 maxlen: 23
84.232.66.0/23 maxlen: 23
84.232.68.0/24 maxlen: 24
84.232.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160129953 (0x98b63a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=791c786b3f5f58fdf23c8f969719bcd551f94d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:b9:28:79:3c:b1:04:40:de:10:f9:a2:f9:87:
9a:60:c9:68:d2:7f:56:69:35:8c:79:cd:2c:da:e2:
1a:8a:d0:64:da:61:e5:9f:45:5d:16:c0:f4:c0:55:
73:a0:d8:4b:4e:ba:da:1a:5a:0f:92:8c:e3:e2:22:
63:25:df:c1:c3:60:c6:e9:4e:5e:e1:5a:53:fa:23:
40:48:a6:90:b7:9a:fc:7b:c2:c6:b2:c6:a4:dc:83:
d4:f0:bf:b7:44:4a:f2:e9:88:53:76:c3:3c:4b:22:
ea:63:66:b6:ff:48:d9:03:09:1c:a0:5f:3f:41:59:
91:e6:d7:d7:c1:c9:71:f9:b9:98:26:75:05:12:fe:
ae:d9:b9:56:8a:a1:b3:94:11:a8:f3:82:53:03:31:
03:88:9a:61:48:de:80:1d:4c:59:cb:64:49:73:e0:
80:df:65:00:ea:27:41:83:7d:ea:f9:a5:90:ae:bb:
0b:c8:e2:5f:11:14:42:6e:e1:46:e4:57:7a:82:c3:
39:38:44:ea:81:cd:bf:6d:fc:95:2c:b0:50:52:1d:
8f:72:d5:56:65:37:1a:53:06:1c:20:0a:14:b5:c5:
ee:06:91:8e:94:bd:d5:c1:4d:d3:1b:63:77:15:e0:
d6:d3:33:36:a9:e9:22:1b:53:ad:1d:74:6d:0d:0e:
09:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:1C:78:6B:3F:5F:58:FD:F2:3C:8F:96:97:19:BC:D5:51:F9:4D:83
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/eRx4az9fWP3yPI-Wlxm81VH5TYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.66.0-84.232.68.255
84.232.94.0/24
88.148.8.0/23
Signature Algorithm: sha256WithRSAEncryption
20:e5:fa:ae:3b:9a:bc:d7:28:83:8a:56:13:cd:0e:7b:12:07:
3f:f9:14:48:1a:9a:41:75:e5:ea:1f:c1:0a:78:13:ee:60:b8:
18:65:5b:97:e9:9f:3e:c5:22:77:3e:9f:6d:15:66:74:9c:8d:
1e:d5:26:ef:43:b0:dc:27:2a:c1:76:7a:8b:ae:80:0c:0f:b8:
11:94:a6:52:78:d8:97:ed:22:3b:c3:79:96:45:85:8d:9b:a5:
81:66:d9:99:d5:98:af:b4:91:9d:e4:0f:31:cc:c0:d2:e9:5d:
da:4a:fc:1d:a5:c9:e8:64:4c:95:9a:fe:81:81:e0:d8:c7:9d:
bf:62:44:c7:5a:12:a5:e6:0f:df:b7:ae:d4:dc:93:b2:60:94:
a1:ae:e0:b0:4b:8b:c0:16:40:8a:5c:54:18:de:fb:5c:1d:f9:
2b:20:f8:dd:51:d6:97:c6:7f:80:b3:4f:ce:0f:a6:47:29:f9:
3e:89:f1:ca:66:18:25:26:ac:a1:e4:68:c7:f4:b6:b5:6f:c6:
46:ed:8e:31:30:ae:91:2e:cb:5b:be:21:f3:89:ad:94:c4:5c:
56:d8:12:1f:e6:a3:fc:ce:2d:ab:a3:e3:34:22:6d:93:1b:00:
1f:b7:dc:cb:27:96:9e:18:04:8a:cc:07:15:25:bf:b8:25:28:
1f:4b:67:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECYtjoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzkxYzc4NmIzZjVm
NThmZGYyM2M4Zjk2OTcxOWJjZDU1MWY5NGQ4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO25KHk8sQRA3hD5ovmHmmDJaNJ/Vmk1jHnNLNriGorQZNph
5Z9FXRbA9MBVc6DYS0662hpaD5KM4+IiYyXfwcNgxulOXuFaU/ojQEimkLea/HvC
xrLGpNyD1PC/t0RK8umIU3bDPEsi6mNmtv9I2QMJHKBfP0FZkebX18HJcfm5mCZ1
BRL+rtm5Voqhs5QRqPOCUwMxA4iaYUjegB1MWctkSXPggN9lAOonQYN96vmlkK67
C8jiXxEUQm7hRuRXeoLDOThE6oHNv238lSywUFIdj3LVVmU3GlMGHCAKFLXF7gaR
jpS91cFN0xtjdxXg1tMzNqnpIhtTrR10bQ0OCXUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBR5HHhrP19Y/fI8j5aXGbzVUflNgzAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L2VSeDRhejlmV1AzeVBJLVdseG04MVZINVRZTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQBVOhCAwQAVOhEAwQAVOheAwQB
WJQIMA0GCSqGSIb3DQEBCwUAA4IBAQAg5fquO5q81yiDilYTzQ57Egc/+RRIGppB
deXqH8EKeBPuYLgYZVuX6Z8+xSJ3Pp9tFWZ0nI0e1SbvQ7DcJyrBdnqLroAMD7gR
lKZSeNiX7SI7w3mWRYWNm6WBZtmZ1ZivtJGd5A8xzMDS6V3aSvwdpcnoZEyVmv6B
geDYx52/YkTHWhKl5g/ft67U3JOyYJShruCwS4vAFkCKXFQY3vtcHfkrIPjdUdaX
xn+As0/OD6ZHKfk+ifHKZhglJqyh5GjH9La1b8ZG7Y4xMK6RLstbviHzia2UxFxW
2BIf5qP8zi2ro+M0Im2TGwAft9zLJ5aeGASKzAcVJb+4JSgfS2cy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:02 2023 by rpki-client on console-ams.rpki-client.org