Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/jLPO66Oi1RghRSK0shuR9gV-ekQ.roa
File: jLPO66Oi1RghRSK0shuR9gV-ekQ.roa (raw, json)
Hash identifier: i2PMsmmNH2mp2PrQHhWELzfPlqTkT/MzNd6b9+FKCsM=
Subject key identifier: 8C:B3:CE:EB:A3:A2:D5:18:21:45:22:B4:B2:1B:91:F6:05:7E:7A:44
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 018437A22E9717D7C8024CC4AE0E1D50C0F5
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/jLPO66Oi1RghRSK0shuR9gV-ekQ.roa
Signing time: Wed 02 Nov 2022 09:18:06 +0000
ROA not before: Wed 02 Nov 2022 09:18:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39826
IP address blocks: 94.250.32.0/23 maxlen: 23
94.250.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:a2:2e:97:17:d7:c8:02:4c:c4:ae:0e:1d:50:c0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Nov 2 09:18:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8cb3ceeba3a2d518214522b4b21b91f6057e7a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6b:05:cb:e5:a7:c6:21:75:56:07:d7:ae:59:
46:7e:d3:1f:9c:b7:21:ec:6e:69:21:b3:43:cf:ec:
76:65:25:e4:17:ee:66:08:e0:3f:a5:ee:a2:46:ba:
3e:9e:06:7d:94:a8:47:09:85:15:f5:24:cd:98:3a:
d8:11:29:62:9f:ff:44:45:04:29:a6:9a:6f:56:4c:
c1:ac:b8:35:14:b2:1c:7a:64:fa:a4:0c:1c:9c:77:
ee:2a:c4:32:9b:b4:81:b0:91:c4:78:f3:04:15:5f:
6a:37:5b:53:15:4c:e8:73:44:12:c9:e1:bc:c6:9f:
6c:f9:20:3d:ba:72:d5:da:a7:21:9b:6f:2f:8b:73:
c3:ab:82:fe:c5:83:4d:f2:18:35:52:d9:80:6b:22:
31:ca:fe:80:2d:5c:15:54:47:cc:bc:63:fe:c5:3c:
2a:f1:8d:ee:f7:11:52:b0:a5:86:53:09:21:56:52:
1b:be:74:10:42:42:84:5f:1a:bc:39:bc:f4:00:8b:
a2:c4:13:75:3f:fb:9e:87:46:bf:47:15:7e:27:7e:
ae:b9:a0:d2:57:fd:14:ad:93:7a:2a:32:de:33:f6:
ec:14:54:1f:24:c9:d5:61:10:be:02:b7:94:29:ad:
7d:d8:02:b9:5c:70:de:76:60:47:02:60:4e:06:84:
1f:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B3:CE:EB:A3:A2:D5:18:21:45:22:B4:B2:1B:91:F6:05:7E:7A:44
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/jLPO66Oi1RghRSK0shuR9gV-ekQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.32.0/23
Signature Algorithm: sha256WithRSAEncryption
90:a4:8c:c0:a0:36:8d:fe:d8:b6:f5:34:69:6e:78:43:02:21:
b0:7c:13:6b:bd:7c:5e:46:50:19:b7:51:e3:f4:f2:e3:7c:98:
94:81:e5:ee:d6:7e:af:95:83:fc:02:19:86:3b:77:c8:c6:08:
33:c6:4e:01:88:99:10:3d:df:e0:ea:d5:44:62:20:b3:50:4e:
10:c3:3d:d9:19:47:46:7a:3f:fb:0c:34:2e:be:55:02:d8:fa:
ab:ce:cf:68:ef:3a:f2:1f:11:c7:6f:b6:43:14:14:d8:ac:fd:
0c:06:43:dc:fa:84:d3:b5:72:42:0f:99:55:04:41:15:39:94:
d7:56:3f:10:ae:86:69:76:69:83:2b:2e:c2:83:48:1b:de:27:
46:89:5b:4c:7d:7a:e6:72:4a:e8:cc:b5:b2:28:32:4d:09:7a:
68:99:aa:a6:6c:0f:56:5c:55:e5:1d:1b:59:3b:f4:1a:91:ee:
ff:61:96:d0:e6:30:93:f4:5a:ec:78:4a:38:30:53:1d:a4:49:
e5:a0:dd:3a:73:b1:1b:cc:15:20:80:ad:94:fc:14:e1:e1:e5:
e2:4c:0e:96:b2:a9:40:0f:85:87:dc:e4:4e:95:7b:d2:b1:b8:
ce:05:80:fb:c1:1c:39:bd:21:41:2d:31:48:bc:57:2b:49:78:
42:e4:a8:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ3oi6XF9fIAkzErg4dUMD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjIxMTAyMDkxODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2IzY2VlYmEzYTJkNTE4MjE0NTIyYjRiMjFiOTFmNjA1N2U3YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGsFy+WnxiF1VgfXrllGftMfnLch
7G5pIbNDz+x2ZSXkF+5mCOA/pe6iRro+ngZ9lKhHCYUV9STNmDrYESlin/9ERQQp
pppvVkzBrLg1FLIcemT6pAwcnHfuKsQym7SBsJHEePMEFV9qN1tTFUzoc0QSyeG8
xp9s+SA9unLV2qchm28vi3PDq4L+xYNN8hg1UtmAayIxyv6ALVwVVEfMvGP+xTwq
8Y3u9xFSsKWGUwkhVlIbvnQQQkKEXxq8Obz0AIuixBN1P/ueh0a/RxV+J36uuaDS
V/0UrZN6KjLeM/bsFFQfJMnVYRC+AreUKa192AK5XHDedmBHAmBOBoQfNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIyzzuujotUYIUUitLIbkfYFfnpEMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvakxQTzY2T2kxUmdoUlNLMHNodVI5Z1YtZWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXvogMA0G
CSqGSIb3DQEBCwUAA4IBAQCQpIzAoDaN/ti29TRpbnhDAiGwfBNrvXxeRlAZt1Hj
9PLjfJiUgeXu1n6vlYP8AhmGO3fIxggzxk4BiJkQPd/g6tVEYiCzUE4Qwz3ZGUdG
ej/7DDQuvlUC2Pqrzs9o7zryHxHHb7ZDFBTYrP0MBkPc+oTTtXJCD5lVBEEVOZTX
Vj8QroZpdmmDKy7Cg0gb3idGiVtMfXrmckrozLWyKDJNCXpomaqmbA9WXFXlHRtZ
O/Qake7/YZbQ5jCT9FrseEo4MFMdpEnloN06c7EbzBUggK2U/BTh4eXiTA6WsqlA
D4WH3OROlXvSsbjOBYD7wRw5vSFBLTFIvFcrSXhC5Kgz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:58 2024 by rpki-client on console-fra.rpki-client.org