Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/S2s3TqZJJzm6jorg0Ld86TR-GaM.roa
File: S2s3TqZJJzm6jorg0Ld86TR-GaM.roa (raw, json)
Hash identifier: EyXQOmY/I7taSayQIvZIYxEUlh7t+nEKeqlOWx7eRU0=
Subject key identifier: 4B:6B:37:4E:A6:49:27:39:BA:8E:8A:E0:D0:B7:7C:E9:34:7E:19:A3
Certificate issuer: /CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Certificate serial: 35B0757E
Authority key identifier: 25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/S2s3TqZJJzm6jorg0Ld86TR-GaM.roa
Signing time: Sat 01 Jan 2022 04:58:11 +0000
ROA not before: Sat 01 Jan 2022 04:58:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198013
IP address blocks: 94.185.97.0/24 maxlen: 24
94.185.96.0/19 maxlen: 19
94.185.98.0/24 maxlen: 24
94.185.104.0/22 maxlen: 22
94.185.103.0/24 maxlen: 24
94.185.102.0/24 maxlen: 24
94.185.101.0/24 maxlen: 24
94.185.100.0/24 maxlen: 24
94.185.99.0/24 maxlen: 24
94.185.109.0/24 maxlen: 24
94.185.108.0/24 maxlen: 24
94.185.112.0/24 maxlen: 24
2a03:4580::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 900756862 (0x35b0757e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2588b1b560f998eccd3a6eff40543b59204d67b8
Validity
Not Before: Jan 1 04:58:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b6b374ea6492739ba8e8ae0d0b77ce9347e19a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:89:12:78:15:0a:bf:69:b7:f0:6e:c4:e8:
ef:d2:52:41:40:8a:6e:38:85:26:b6:3b:63:00:7d:
3f:f2:e3:8a:03:b2:0a:60:86:b7:eb:0d:67:11:cc:
8d:a1:ce:ac:8d:fb:4f:e1:04:81:e3:b7:48:63:00:
0f:69:18:5b:d2:77:ef:5c:e1:cd:6f:a0:da:6a:97:
a2:07:a3:15:47:7c:20:ba:aa:c7:a6:d7:ea:27:7f:
3b:88:87:de:49:b4:e0:f5:61:01:ec:41:cb:a4:17:
44:8f:15:9c:5c:90:c1:54:aa:4e:2c:58:11:be:f6:
78:0f:9e:d1:e2:89:d3:5b:e3:5d:03:70:c2:38:e5:
5e:25:04:ce:90:ba:93:a1:1f:2c:8a:a3:11:84:21:
2c:cb:7d:e9:7c:85:71:f8:c1:72:b7:4b:f5:eb:f1:
75:75:45:78:18:9e:de:3e:05:95:c7:b0:e7:57:50:
04:d5:d0:56:95:73:7f:ab:09:fb:b4:3a:2c:f6:ea:
8b:da:6f:ca:5d:79:07:14:d4:9b:c9:f5:fd:9f:cc:
b5:5d:af:1f:83:03:cd:a2:be:8b:3e:47:00:47:23:
72:09:ca:57:e9:6f:7a:54:96:ec:0b:58:c8:e6:54:
f6:d5:8c:a4:77:17:42:ce:19:1a:d4:67:92:ff:51:
59:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:6B:37:4E:A6:49:27:39:BA:8E:8A:E0:D0:B7:7C:E9:34:7E:19:A3
X509v3 Authority Key Identifier:
keyid:25:88:B1:B5:60:F9:98:EC:CD:3A:6E:FF:40:54:3B:59:20:4D:67:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/S2s3TqZJJzm6jorg0Ld86TR-GaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/18d6d5-6c86-42c1-84f1-99a0189888b5/1/JYixtWD5mOzNOm7_QFQ7WSBNZ7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.185.96.0/19
IPv6:
2a03:4580::/32
Signature Algorithm: sha256WithRSAEncryption
6a:c5:3b:88:99:1c:f2:8f:d0:06:45:b6:2e:6b:09:74:12:3d:
c0:b6:9b:b5:c4:68:58:20:5a:4f:2f:e4:7d:68:a9:c5:e8:27:
10:69:42:6f:e0:c1:54:a8:14:f3:7d:ce:65:e8:be:3b:19:57:
c5:34:fd:14:81:eb:37:15:d2:d5:b9:e1:4d:83:44:d7:a8:8b:
61:9e:34:84:49:89:86:c0:20:e4:f9:97:c5:3a:a8:50:20:eb:
df:4c:96:fa:bf:07:03:d9:5d:35:e6:24:7c:8f:66:e9:94:9d:
3a:05:a3:cb:2a:50:4b:81:c1:3d:d6:58:7f:08:1a:17:ca:ce:
45:fd:c3:af:f6:06:c9:ee:9f:f0:96:a6:a4:e0:b4:b8:0d:43:
36:68:8b:02:83:ba:50:dc:c0:ac:3b:7e:4d:f3:68:df:e4:bf:
07:4e:7f:71:bc:43:4f:ca:e1:49:36:c4:fa:91:e2:43:cb:cc:
f2:99:f1:10:93:b0:15:82:cb:f5:9c:89:28:82:91:8f:ab:3c:
a0:7b:16:e7:06:08:29:c2:14:ad:e4:a1:db:8d:6d:8d:f3:c4:
ac:01:dc:2d:4a:96:8a:7a:1d:6a:cb:fd:ed:8f:48:9a:ea:d7:
df:30:47:68:31:c6:cd:6c:77:48:f8:ff:39:8f:d8:f2:53:96:
70:e2:7a:37
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENbB1fjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTg4YjFiNTYwZjk5OGVjY2QzYTZlZmY0MDU0M2I1OTIwNGQ2N2I4MB4XDTIyMDEw
MTA0NTgxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI2YjM3NGVhNjQ5
MjczOWJhOGU4YWUwZDBiNzdjZTkzNDdlMTlhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKL2iRJ4FQq/abfwbsTo79JSQUCKbjiFJrY7YwB9P/LjigOy
CmCGt+sNZxHMjaHOrI37T+EEgeO3SGMAD2kYW9J371zhzW+g2mqXogejFUd8ILqq
x6bX6id/O4iH3km04PVhAexBy6QXRI8VnFyQwVSqTixYEb72eA+e0eKJ01vjXQNw
wjjlXiUEzpC6k6EfLIqjEYQhLMt96XyFcfjBcrdL9evxdXVFeBie3j4Flcew51dQ
BNXQVpVzf6sJ+7Q6LPbqi9pvyl15BxTUm8n1/Z/MtV2vH4MDzaK+iz5HAEcjcgnK
V+lvelSW7AtYyOZU9tWMpHcXQs4ZGtRnkv9RWUUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRLazdOpkknObqOiuDQt3zpNH4ZozAfBgNVHSMEGDAWgBQliLG1YPmY7M06
bv9AVDtZIE1nuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pZaXh0V0Q1bU96Tk9tN19RRlE3V1NCTlo3Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvMThkNmQ1LTZjODYtNDJjMS04NGYxLTk5YTAxODk4ODhiNS8x
L1MyczNUcVpKSnptNmpvcmcwTGQ4NlRSLUdhTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
MThkNmQ1LTZjODYtNDJjMS04NGYxLTk5YTAxODk4ODhiNS8xL0pZaXh0V0Q1bU96
Tk9tN19RRlE3V1NCTlo3Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEBV65YDANBAIAAjAHAwUAKgNFgDAN
BgkqhkiG9w0BAQsFAAOCAQEAasU7iJkc8o/QBkW2LmsJdBI9wLabtcRoWCBaTy/k
fWipxegnEGlCb+DBVKgU833OZei+OxlXxTT9FIHrNxXS1bnhTYNE16iLYZ40hEmJ
hsAg5PmXxTqoUCDr30yW+r8HA9ldNeYkfI9m6ZSdOgWjyypQS4HBPdZYfwgaF8rO
Rf3Dr/YGye6f8JampOC0uA1DNmiLAoO6UNzArDt+TfNo3+S/B05/cbxDT8rhSTbE
+pHiQ8vM8pnxEJOwFYLL9ZyJKIKRj6s8oHsW5wYIKcIUreSh241tjfPErAHcLUqW
inodasv97Y9ImurX3zBHaDHGzWx3SPj/OY/Y8lOWcOJ6Nw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:06 2023 by rpki-client on console-fra.rpki-client.org