Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/Srt_Av_R97K2TKDLKFQDdo673AU.roa
File: Srt_Av_R97K2TKDLKFQDdo673AU.roa (raw, json)
Hash identifier: 4DdP0alm7ENgKCvsvjdUPWWPyKkM62hTfPPt36C0s+g=
Subject key identifier: 4A:BB:7F:02:FF:D1:F7:B2:B6:4C:A0:CB:28:54:03:76:8E:BB:DC:05
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0184379C737AA065420127EE863897258425
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/Srt_Av_R97K2TKDLKFQDdo673AU.roa
Signing time: Wed 02 Nov 2022 09:11:50 +0000
ROA not before: Wed 02 Nov 2022 09:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198252
IP address blocks: 94.250.38.0/24 maxlen: 24
94.250.37.0/24 maxlen: 24
94.250.44.0/22 maxlen: 22
94.250.40.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:9c:73:7a:a0:65:42:01:27:ee:86:38:97:25:84:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Nov 2 09:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4abb7f02ffd1f7b2b64ca0cb285403768ebbdc05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c3:34:dc:d2:2e:85:fe:3b:02:dd:2f:3b:36:
c6:58:d0:4c:55:37:5e:69:c9:f9:79:60:f5:08:9c:
20:06:96:8b:da:d1:87:aa:d9:ef:07:9e:64:ba:93:
9b:a8:d0:62:f0:8f:e6:ff:1c:99:fd:e7:3d:c0:8f:
5a:5b:63:fb:d8:9f:a6:46:ae:27:6e:18:9c:a8:fe:
8f:6d:f2:d7:4a:3b:99:db:00:17:bf:a5:d1:2d:a0:
d8:0f:a9:91:34:ba:04:e6:8c:f5:8c:3c:0e:d6:f9:
7b:01:d1:11:07:dd:88:85:6f:8a:48:91:97:8c:bc:
f6:21:fa:48:c2:2a:f8:3a:af:2f:7c:5d:9f:ed:7f:
0e:2d:d1:c7:10:f1:79:26:32:28:42:6f:90:02:07:
7b:f9:7f:4c:65:55:ab:96:f5:a3:67:b5:ef:bb:43:
e9:be:44:3f:b2:82:4c:66:4c:55:c5:87:c9:ba:20:
41:b8:7e:b9:14:5a:aa:52:98:36:4c:5f:a8:c9:fd:
8d:0b:d9:42:18:35:ed:d3:b6:0d:61:15:83:2b:cf:
54:4c:ba:ed:e3:2e:cb:17:c7:44:cb:25:32:00:db:
1d:ce:9a:49:30:c7:42:25:f6:25:ab:85:7c:e5:fa:
fc:69:20:98:ca:18:3c:83:10:2c:88:c9:ce:28:d5:
55:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:BB:7F:02:FF:D1:F7:B2:B6:4C:A0:CB:28:54:03:76:8E:BB:DC:05
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/Srt_Av_R97K2TKDLKFQDdo673AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.37.0-94.250.38.255
94.250.40.0/23
94.250.44.0/22
Signature Algorithm: sha256WithRSAEncryption
75:c7:e0:9d:2d:47:d9:05:ca:d7:50:0a:7d:94:3f:64:a9:8a:
9f:41:84:df:9a:7d:dc:61:04:d3:08:80:7c:ec:14:25:fa:11:
b7:97:65:36:59:54:15:90:28:45:24:11:3f:a1:29:e3:ec:90:
5c:bf:0d:7d:53:f3:8c:42:5c:ce:76:01:90:b7:ed:47:3c:97:
0b:d0:ab:21:1d:5d:b0:2a:9c:9c:ac:15:f4:41:6f:8d:e4:fb:
5b:82:78:2e:2a:3c:a4:16:c6:02:6b:a0:28:77:61:78:19:ab:
f2:89:ab:d1:d5:67:b7:e6:de:46:f3:58:4f:71:1c:4d:0c:21:
96:35:be:18:40:2a:12:c1:76:d1:f2:a6:65:80:46:f3:4a:13:
b4:b2:bf:2e:1e:02:d5:7a:61:d7:28:9f:53:de:54:cf:76:d5:
9c:b9:c1:fa:8c:c0:8f:e5:6e:ea:1e:39:c7:64:30:7a:a7:4a:
a0:79:73:bc:88:9e:76:7d:f8:af:ba:73:ad:80:35:f6:e2:6e:
a8:76:43:80:76:89:5f:19:68:af:6e:e2:2f:c0:5a:b9:ae:4e:
52:dc:1c:e6:a2:95:07:21:4f:2b:8a:a8:dd:b3:75:cd:46:5e:
e6:25:b8:a2:72:7d:40:8d:7f:66:58:53:1d:85:8b:5d:cb:a4:
7a:b3:49:59
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQ3nHN6oGVCASfuhjiXJYQlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjIxMTAyMDkxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWJiN2YwMmZmZDFmN2IyYjY0Y2EwY2IyODU0MDM3NjhlYmJkYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAicM03NIuhf47At0vOzbGWNBMVTde
acn5eWD1CJwgBpaL2tGHqtnvB55kupObqNBi8I/m/xyZ/ec9wI9aW2P72J+mRq4n
bhicqP6PbfLXSjuZ2wAXv6XRLaDYD6mRNLoE5oz1jDwO1vl7AdERB92IhW+KSJGX
jLz2IfpIwir4Oq8vfF2f7X8OLdHHEPF5JjIoQm+QAgd7+X9MZVWrlvWjZ7Xvu0Pp
vkQ/soJMZkxVxYfJuiBBuH65FFqqUpg2TF+oyf2NC9lCGDXt07YNYRWDK89UTLrt
4y7LF8dEyyUyANsdzppJMMdCJfYlq4V85fr8aSCYyhg8gxAsiMnOKNVVoQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEq7fwL/0feytkygyyhUA3aOu9wFMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvU3J0X0F2X1I5N0syVEtETEtGUURkbzY3M0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABe+iUD
BABe+iYDBAFe+igDBAJe+iwwDQYJKoZIhvcNAQELBQADggEBAHXH4J0tR9kFytdQ
Cn2UP2Spip9BhN+afdxhBNMIgHzsFCX6EbeXZTZZVBWQKEUkET+hKePskFy/DX1T
84xCXM52AZC37Uc8lwvQqyEdXbAqnJysFfRBb43k+1uCeC4qPKQWxgJroCh3YXgZ
q/KJq9HVZ7fm3kbzWE9xHE0MIZY1vhhAKhLBdtHypmWARvNKE7Syvy4eAtV6Ydco
n1PeVM921Zy5wfqMwI/lbuoeOcdkMHqnSqB5c7yInnZ9+K+6c62ANfbibqh2Q4B2
iV8ZaK9u4i/AWrmuTlLcHOailQchTyuKqN2zdc1GXuYluKJyfUCNf2ZYUx2Fi13L
pHqzSVk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:16:28 2024 by rpki-client on console-ams.rpki-client.org