Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/mJsZwlIK1CuLR2Yf3yAv3fj3nIc.roa
File: mJsZwlIK1CuLR2Yf3yAv3fj3nIc.roa (raw, json)
Hash identifier: 5vlTwR4uLnSTNUW8TlakxJ8FmiNnzDC10G/QQY8ypR4=
Subject key identifier: 98:9B:19:C2:52:0A:D4:2B:8B:47:66:1F:DF:20:2F:DD:F8:F7:9C:87
Certificate issuer: /CN=583d76051017d0afa915fcfb790a00f4667b0a88
Certificate serial: 018302B299A30616538176E18E5FB7B6F70C
Authority key identifier: 58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/mJsZwlIK1CuLR2Yf3yAv3fj3nIc.roa
Signing time: Sat 03 Sep 2022 09:33:22 +0000
ROA not before: Sat 03 Sep 2022 09:33:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 94.184.0.0/19 maxlen: 24
94.184.32.0/21 maxlen: 24
94.184.44.0/24 maxlen: 24
94.184.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:02:b2:99:a3:06:16:53:81:76:e1:8e:5f:b7:b6:f7:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583d76051017d0afa915fcfb790a00f4667b0a88
Validity
Not Before: Sep 3 09:33:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=989b19c2520ad42b8b47661fdf202fddf8f79c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3d:25:ba:f8:e3:17:06:54:1b:51:14:1f:e3:
ac:fb:fc:4b:d7:3f:7c:ff:ed:03:ec:f2:b7:a8:40:
26:89:a6:e5:db:47:a3:4f:e4:1a:65:76:25:1f:08:
28:85:9a:b6:c7:48:d0:f8:b7:70:82:0d:45:93:32:
a3:90:c6:80:43:40:92:b7:38:da:5b:76:3f:32:12:
d6:05:27:23:f9:70:63:3b:d2:89:ac:34:64:24:ec:
4e:c4:42:2b:ea:89:8e:85:7c:26:0a:8a:29:cb:7e:
3c:0a:a0:90:81:c8:11:40:18:57:84:bb:a3:b7:5c:
cf:21:d4:a3:26:62:16:e3:43:32:12:20:89:e7:ff:
4e:39:0a:90:18:94:dc:83:1e:ba:88:5a:d4:17:4c:
4b:3d:b7:75:10:27:70:20:1b:2e:7b:88:91:5c:9d:
12:a1:75:9f:a0:3c:10:eb:07:28:f4:88:1e:f3:2f:
58:1d:63:d0:97:c6:f8:5d:0b:a5:56:44:03:c3:1c:
e4:e0:6e:3b:0d:c0:3e:1a:6c:17:c6:96:84:95:66:
26:41:2f:4e:ba:79:8f:65:f8:aa:a2:0a:c4:ad:47:
bf:12:61:0a:81:37:b4:7e:b8:fc:99:59:c3:8b:43:
46:51:4c:4e:60:98:c0:5d:a1:ae:ba:4d:b1:6c:ee:
0b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:9B:19:C2:52:0A:D4:2B:8B:47:66:1F:DF:20:2F:DD:F8:F7:9C:87
X509v3 Authority Key Identifier:
keyid:58:3D:76:05:10:17:D0:AF:A9:15:FC:FB:79:0A:00:F4:66:7B:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD12BRAX0K-pFfz7eQoA9GZ7Cog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/mJsZwlIK1CuLR2Yf3yAv3fj3nIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/4f1b27-326a-4679-a64b-da6153885f3b/1/WD12BRAX0K-pFfz7eQoA9GZ7Cog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.184.0.0-94.184.44.255
Signature Algorithm: sha256WithRSAEncryption
aa:0b:3b:39:a3:6d:3c:1f:f6:0d:e4:7b:5f:e1:d8:4e:ce:42:
38:20:fa:fb:f7:98:e8:39:7d:ad:33:e7:eb:cd:39:11:90:09:
8b:b3:d5:75:f1:3d:9d:ea:a5:b9:b7:5f:3e:92:f0:c2:21:03:
e9:cc:ff:e3:90:f8:4a:a9:1b:88:77:c0:8a:28:1f:14:69:af:
34:0d:05:d6:c7:cc:1d:c1:00:8d:85:c8:fd:17:bb:75:10:27:
c1:80:09:8c:06:2b:bd:b5:76:30:fb:6e:7e:3b:ef:c1:16:c3:
00:ef:67:2a:3f:35:1a:47:4d:b2:9f:39:f8:0e:16:00:d4:cb:
df:00:2d:ff:4f:f3:97:e2:ab:5b:ee:73:36:1c:81:80:90:aa:
49:ce:b5:fe:c2:fd:1c:49:2f:d2:fd:9c:f7:d5:22:4d:99:37:
8b:6f:88:7d:d5:36:d0:09:79:b0:01:96:3a:06:9a:83:06:ff:
14:46:2b:04:c5:ad:d1:4a:8e:8b:39:ac:8b:50:56:6d:c2:4f:
db:e5:a0:87:47:5b:6d:03:20:80:58:a2:67:a5:49:b9:6e:33:
b4:ba:31:d9:24:b2:25:03:e9:50:c2:71:c1:5f:35:86:58:ab:
c1:e1:d8:3f:4e:42:12:7a:ec:fe:6e:96:22:0e:a3:b3:66:98:
e5:2a:da:20
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYMCspmjBhZTgXbhjl+3tvcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2Q3NjA1MTAxN2QwYWZhOTE1ZmNmYjc5MGEwMGY0NjY3
YjBhODgwHhcNMjIwOTAzMDkzMzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODliMTljMjUyMGFkNDJiOGI0NzY2MWZkZjIwMmZkZGY4Zjc5Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuj0luvjjFwZUG1EUH+Os+/xL1z98
/+0D7PK3qEAmiabl20ejT+QaZXYlHwgohZq2x0jQ+Ldwgg1FkzKjkMaAQ0CStzja
W3Y/MhLWBScj+XBjO9KJrDRkJOxOxEIr6omOhXwmCoopy348CqCQgcgRQBhXhLuj
t1zPIdSjJmIW40MyEiCJ5/9OOQqQGJTcgx66iFrUF0xLPbd1ECdwIBsue4iRXJ0S
oXWfoDwQ6wco9Ige8y9YHWPQl8b4XQulVkQDwxzk4G47DcA+GmwXxpaElWYmQS9O
unmPZfiqogrErUe/EmEKgTe0frj8mVnDi0NGUUxOYJjAXaGuuk2xbO4LFQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFJibGcJSCtQri0dmH98gL93495yHMB8GA1UdIwQY
MBaAFFg9dgUQF9CvqRX8+3kKAPRmewqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGIt
ZGE2MTUzODg1ZjNiLzEvbUpzWndsSUsxQ3VMUjJZZjN5QXYzZmozbkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC80ZjFiMjctMzI2YS00Njc5LWE2NGItZGE2MTUzODg1ZjNi
LzEvV0QxMkJSQVgwSy1wRmZ6N2VRb0E5R1o3Q29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwNeuAME
AF64LDANBgkqhkiG9w0BAQsFAAOCAQEAqgs7OaNtPB/2DeR7X+HYTs5COCD6+/eY
6Dl9rTPn6805EZAJi7PVdfE9neqlubdfPpLwwiED6cz/45D4SqkbiHfAiigfFGmv
NA0F1sfMHcEAjYXI/Re7dRAnwYAJjAYrvbV2MPtufjvvwRbDAO9nKj81GkdNsp85
+A4WANTL3wAt/0/zl+KrW+5zNhyBgJCqSc61/sL9HEkv0v2c99UiTZk3i2+IfdU2
0Al5sAGWOgaagwb/FEYrBMWt0UqOizmsi1BWbcJP2+Wgh0dbbQMggFiiZ6VJuW4z
tLox2SSyJQPpUMJxwV81hlirweHYP05CEnrs/m6WIg6js2aY5SraIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:22 2024 by rpki-client on console-fra.rpki-client.org