Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/AXXf37k_w5qnREPPcNAg15Uocys.roa
File: AXXf37k_w5qnREPPcNAg15Uocys.roa (raw, json)
Hash identifier: QsTdH1rcn2IJZzMoUbpdOg4f/PsPoPSqM4NTRqpyCtg=
Subject key identifier: 01:75:DF:DF:B9:3F:C3:9A:A7:44:43:CF:70:D0:20:D7:95:28:73:2B
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 01856F9E0512470C3678FA8C69BA761D1FA1
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/AXXf37k_w5qnREPPcNAg15Uocys.roa
Signing time: Sun 01 Jan 2023 23:15:04 +0000
ROA not before: Sun 01 Jan 2023 23:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48347
IP address blocks: 93.95.98.0/23 maxlen: 23
93.95.96.0/24 maxlen: 24
93.95.97.0/24 maxlen: 24
93.95.100.0/22 maxlen: 22
185.41.185.0/24 maxlen: 24
185.41.186.0/24 maxlen: 24
185.41.187.0/24 maxlen: 24
37.228.88.0/22 maxlen: 22
37.228.94.0/24 maxlen: 24
37.228.93.0/24 maxlen: 24
37.228.92.0/24 maxlen: 24
2a00:f440::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:9e:05:12:47:0c:36:78:fa:8c:69:ba:76:1d:1f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 1 23:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0175dfdfb93fc39aa74443cf70d020d79528732b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:77:01:c0:89:e3:95:e0:33:f9:70:6c:1e:bd:
26:1a:0d:b8:8f:02:68:c4:d2:9f:2e:06:a3:b6:b7:
cb:65:12:a0:4a:23:f4:2f:68:fa:93:5d:ef:7a:34:
e1:0e:35:ad:32:7f:27:0d:9d:f7:3c:23:8e:46:0e:
f6:bc:ed:09:dc:27:39:41:27:86:94:c2:1f:7c:8d:
92:37:41:c5:c0:79:f8:97:de:77:3c:02:57:2e:16:
f6:a0:b7:0f:af:90:aa:cf:7e:e7:43:d8:fa:90:54:
45:e7:35:43:33:d0:68:1a:a9:1d:a3:37:dd:8b:29:
de:75:33:4d:b6:7c:1a:03:f5:2d:4f:c1:e8:1e:16:
b6:56:7e:9d:1c:85:47:64:3f:91:9c:28:12:f8:be:
fd:17:92:da:26:7b:5d:e4:3d:d5:d1:ef:ab:91:a8:
be:9a:b0:de:9a:64:0f:67:38:c6:32:4b:87:47:97:
50:43:a0:00:56:3e:b5:4b:28:5a:3c:c5:f1:98:d8:
78:b5:ff:13:bc:80:9f:7e:7b:f3:05:79:25:e4:d2:
4f:2f:fa:84:fa:d6:94:d4:a1:d4:ca:15:10:2a:05:
27:87:d5:bc:fc:89:34:bb:d2:98:97:8f:d9:bc:68:
77:b5:2d:44:63:03:59:a6:14:5d:ce:32:57:e1:3d:
6e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:75:DF:DF:B9:3F:C3:9A:A7:44:43:CF:70:D0:20:D7:95:28:73:2B
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/AXXf37k_w5qnREPPcNAg15Uocys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.88.0-37.228.94.255
93.95.96.0/21
185.41.185.0-185.41.187.255
IPv6:
2a00:f440::/32
Signature Algorithm: sha256WithRSAEncryption
6c:5b:f8:78:41:4b:48:03:50:1d:91:85:eb:e2:45:c8:6b:64:
2a:75:da:0b:fc:e8:fd:2a:1d:f9:41:a5:78:cf:1e:13:90:ff:
da:55:a7:e2:26:ad:14:60:64:4c:1f:43:e7:0c:bd:c1:91:1b:
c3:e3:a6:92:27:7c:7a:b4:45:11:08:ba:fb:5b:77:63:17:3f:
08:e9:f4:c9:d8:67:45:f1:cd:1f:09:30:1c:95:45:40:0a:75:
1e:b6:fd:4c:bb:fc:ad:0e:d0:a6:ed:3c:7a:a5:fc:e0:d0:2e:
a8:34:58:f2:fe:c8:01:9c:52:38:b1:f0:90:d7:50:c2:52:eb:
55:92:0a:4d:76:b2:0a:16:75:f4:36:59:03:1d:58:f4:49:24:
fd:eb:c9:cf:82:44:a0:c7:3f:d2:15:51:e9:32:dd:a7:c8:33:
36:91:7c:03:ce:e5:22:67:e9:3f:05:88:86:d3:94:46:35:8b:
8b:90:da:b2:94:29:19:75:5a:63:64:8d:5a:5a:68:23:2f:dd:
ba:f8:0c:82:c6:ee:44:0e:13:b0:e6:34:55:cb:7f:1a:54:e7:
e9:a2:91:10:cb:cb:bc:58:da:ba:e6:09:6e:68:26:6e:2a:fc:
3a:72:1e:75:eb:01:26:77:69:80:9c:e7:26:f1:36:73:b2:d4:
06:24:ff:ed
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVvngUSRww2ePqMabp2HR+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjMwMTAxMjMxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTc1ZGZkZmI5M2ZjMzlhYTc0NDQzY2Y3MGQwMjBkNzk1Mjg3MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3cBwInjleAz+XBsHr0mGg24jwJo
xNKfLgajtrfLZRKgSiP0L2j6k13vejThDjWtMn8nDZ33PCOORg72vO0J3Cc5QSeG
lMIffI2SN0HFwHn4l953PAJXLhb2oLcPr5Cqz37nQ9j6kFRF5zVDM9BoGqkdozfd
iynedTNNtnwaA/UtT8HoHha2Vn6dHIVHZD+RnCgS+L79F5LaJntd5D3V0e+rkai+
mrDemmQPZzjGMkuHR5dQQ6AAVj61SyhaPMXxmNh4tf8TvICffnvzBXkl5NJPL/qE
+taU1KHUyhUQKgUnh9W8/Ik0u9KYl4/ZvGh3tS1EYwNZphRdzjJX4T1ugQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFAF139+5P8Oap0RDz3DQINeVKHMrMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvQVhYZjM3a193NXFuUkVQUGNOQWcxNVVvY3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAMl5FgD
BAAl5F4DBANdX2AwDAMEALkpuQMEArkpuDANBAIAAjAHAwUAKgD0QDANBgkqhkiG
9w0BAQsFAAOCAQEAbFv4eEFLSANQHZGF6+JFyGtkKnXaC/zo/Sod+UGleM8eE5D/
2lWn4iatFGBkTB9D5wy9wZEbw+Omkid8erRFEQi6+1t3Yxc/COn0ydhnRfHNHwkw
HJVFQAp1Hrb9TLv8rQ7Qpu08eqX84NAuqDRY8v7IAZxSOLHwkNdQwlLrVZIKTXay
ChZ19DZZAx1Y9Ekk/evJz4JEoMc/0hVR6TLdp8gzNpF8A87lImfpPwWIhtOURjWL
i5DaspQpGXVaY2SNWlpoIy/duvgMgsbuRA4TsOY0Vct/GlTn6aKREMvLvFjauuYJ
bmgmbir8OnIedesBJndpgJznJvE2c7LUBiT/7Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:06 2025 by rpki-client