Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/AMa8rlyoIs2vnF27yA6_bAN-6dg.roa
File: AMa8rlyoIs2vnF27yA6_bAN-6dg.roa (raw, json)
Hash identifier: ghyXdraAPy/flXX1BbFgHwRwMRtej5r6PGpDLttrjdQ=
Subject key identifier: 00:C6:BC:AE:5C:A8:22:CD:AF:9C:5D:BB:C8:0E:BF:6C:03:7E:E9:D8
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 083C0961
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/AMa8rlyoIs2vnF27yA6_bAN-6dg.roa
Signing time: Thu 20 Jan 2022 21:53:50 +0000
ROA not before: Thu 20 Jan 2022 21:53:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48347
IP address blocks: 93.95.98.0/23 maxlen: 23
93.95.96.0/24 maxlen: 24
93.95.97.0/24 maxlen: 24
93.95.100.0/22 maxlen: 22
185.41.185.0/24 maxlen: 24
185.41.186.0/24 maxlen: 24
185.41.187.0/24 maxlen: 24
37.228.88.0/22 maxlen: 22
37.228.94.0/24 maxlen: 24
37.228.93.0/24 maxlen: 24
37.228.92.0/24 maxlen: 24
2a00:f440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138152289 (0x83c0961)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 20 21:53:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00c6bcae5ca822cdaf9c5dbbc80ebf6c037ee9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1b:59:c3:45:22:93:a7:7a:b3:17:49:a9:01:
43:9e:38:e6:5a:e7:74:59:10:ed:68:5c:3c:a5:22:
55:99:12:9e:c5:a4:93:28:48:97:e2:ae:d6:dc:da:
96:d9:fb:50:7f:12:de:26:2e:c3:bc:f0:61:4b:78:
ce:e5:ab:00:6c:6d:ed:e5:13:7a:dd:44:3d:2a:36:
c2:e6:20:67:2e:64:ff:88:9f:45:d2:46:2b:ec:f6:
59:26:5a:c7:38:45:a1:90:07:df:54:a0:1d:98:0f:
ad:a0:5c:b3:b8:ca:c0:a3:31:ef:c4:5c:74:d4:ee:
00:eb:56:8d:18:e3:31:ce:61:96:e4:de:9e:37:0f:
1f:48:54:d9:0a:df:83:db:30:4b:1d:55:0c:84:5e:
35:23:4f:02:19:68:3f:b1:15:cf:96:df:e4:ed:25:
c5:92:f5:5f:64:c6:12:7c:63:52:8a:06:bf:3b:3f:
8f:d8:87:2b:1d:f3:dc:c1:2c:fd:d2:1f:c1:3b:9f:
6a:5e:ab:1b:1e:a3:1e:11:14:13:18:28:16:bd:25:
68:40:0d:85:c0:b5:1d:71:54:fd:38:d3:66:11:05:
a2:2f:99:83:b9:44:a2:74:fa:47:aa:dc:74:95:6c:
54:70:fc:6b:a2:57:6b:57:34:f6:4f:c0:4a:69:76:
d3:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C6:BC:AE:5C:A8:22:CD:AF:9C:5D:BB:C8:0E:BF:6C:03:7E:E9:D8
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/AMa8rlyoIs2vnF27yA6_bAN-6dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.88.0-37.228.94.255
93.95.96.0/21
185.41.185.0-185.41.187.255
IPv6:
2a00:f440::/32
Signature Algorithm: sha256WithRSAEncryption
1c:8a:39:a5:2e:61:b3:19:bb:dd:24:4a:6a:7c:8a:c5:3b:a7:
94:7a:38:9e:f9:e2:3b:cb:ad:f4:1c:20:e1:bb:a9:b9:ea:6d:
96:bd:a6:ce:5c:21:32:a9:8d:cf:2e:db:5d:12:9b:57:d7:2f:
6f:cd:45:bd:cf:a6:6e:6e:10:05:fc:bc:3b:6f:6c:5e:0f:41:
cb:ef:e3:05:de:41:a6:9b:f0:2e:b7:57:3e:7f:95:b2:58:4c:
b0:cd:3d:1f:68:cc:98:93:03:16:16:16:3c:a8:64:6d:49:95:
d7:40:59:9f:41:4b:53:b0:2f:05:97:85:4c:f0:d4:1c:9a:d7:
42:23:83:83:de:f3:e1:c7:2e:40:3c:74:49:2c:32:0a:6b:fd:
6e:27:3a:e8:ba:67:95:84:bc:f7:2e:11:95:47:53:97:bd:84:
67:e8:09:d9:19:61:13:83:38:ef:1b:80:d2:01:1d:7e:b9:b4:
3e:b9:c4:b4:6e:81:09:9d:52:cd:86:22:99:a5:2f:ed:8e:00:
d1:46:29:36:32:18:07:f2:57:7b:3e:8b:46:c4:9f:16:6c:55:
09:cf:f2:ad:b2:16:72:c7:34:ff:d8:f6:93:e3:53:d8:c7:36:
bf:c9:42:a6:d5:b3:21:f9:44:28:f6:4b:e0:c7:4c:45:c4:ea:
71:b1:c5:a8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIECDwJYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODkxYzQ0ODg2OTllNmQwMjRlMzljYzRkNjFlZWVhYmQzODAxMGZhMB4XDTIyMDEy
MDIxNTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBjNmJjYWU1Y2E4
MjJjZGFmOWM1ZGJiYzgwZWJmNmMwMzdlZTlkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsbWcNFIpOnerMXSakBQ5445lrndFkQ7WhcPKUiVZkSnsWk
kyhIl+Ku1tzaltn7UH8S3iYuw7zwYUt4zuWrAGxt7eUTet1EPSo2wuYgZy5k/4if
RdJGK+z2WSZaxzhFoZAH31SgHZgPraBcs7jKwKMx78RcdNTuAOtWjRjjMc5hluTe
njcPH0hU2Qrfg9swSx1VDIReNSNPAhloP7EVz5bf5O0lxZL1X2TGEnxjUooGvzs/
j9iHKx3z3MEs/dIfwTufal6rGx6jHhEUExgoFr0laEANhcC1HXFU/TjTZhEFoi+Z
g7lEonT6R6rcdJVsVHD8a6JXa1c09k/ASml20ycCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBQAxryuXKgiza+cXbvIDr9sA37p2DAfBgNVHSMEGDAWgBSYkcRIhpnm0CTj
nMTWHu6r04AQ+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21KSEVTSWFaNXRBazQ1ekUxaDd1cTlPQUVQby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDdkZjAwLTg0NjgtNGMzOS1iZTk1LWUxMGE2MDU5NmMyNi8x
L0FNYThybHlvSXMydm5GMjd5QTZfYkFOLTZkZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDdkZjAwLTg0NjgtNGMzOS1iZTk1LWUxMGE2MDU5NmMyNi8xL21KSEVTSWFaNXRB
azQ1ekUxaDd1cTlPQUVQby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwKAQCAAEwIjAMAwQDJeRYAwQAJeReAwQDXV9gMAwD
BAC5KbkDBAK5KbgwDQQCAAIwBwMFACoA9EAwDQYJKoZIhvcNAQELBQADggEBAByK
OaUuYbMZu90kSmp8isU7p5R6OJ754jvLrfQcIOG7qbnqbZa9ps5cITKpjc8u210S
m1fXL2/NRb3Ppm5uEAX8vDtvbF4PQcvv4wXeQaab8C63Vz5/lbJYTLDNPR9ozJiT
AxYWFjyoZG1JlddAWZ9BS1OwLwWXhUzw1Bya10Ijg4Pe8+HHLkA8dEksMgpr/W4n
Oui6Z5WEvPcuEZVHU5e9hGfoCdkZYRODOO8bgNIBHX65tD65xLRugQmdUs2GIpml
L+2OANFGKTYyGAfyV3s+i0bEnxZsVQnP8q2yFnLHNP/Y9pPjU9jHNr/JQqbVsyH5
RCj2S+DHTEXE6nGxxag=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:31 2025 by rpki-client