Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/aiIQQgV3XiD9XMCiTiBstqYQSjU.roa
File: aiIQQgV3XiD9XMCiTiBstqYQSjU.roa (raw, json)
Hash identifier: NARR4rBFuJSxBdYsAp3vG+i8NB6TPOwzQYpTpIbPFsc=
Subject key identifier: 6A:22:10:42:05:77:5E:20:FD:5C:C0:A2:4E:20:6C:B6:A6:10:4A:35
Certificate issuer: /CN=33954330349f57502a76ae6e99987efc3e3b8109
Certificate serial: 411F0F0C
Authority key identifier: 33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/aiIQQgV3XiD9XMCiTiBstqYQSjU.roa
Signing time: Fri 03 Jun 2022 06:23:20 +0000
ROA not before: Fri 03 Jun 2022 06:23:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209928
IP address blocks: 94.231.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1092554508 (0x411f0f0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33954330349f57502a76ae6e99987efc3e3b8109
Validity
Not Before: Jun 3 06:23:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a22104205775e20fd5cc0a24e206cb6a6104a35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f5:c9:fb:12:cb:f0:04:30:c9:39:2f:75:60:
ab:cb:9d:c7:8b:bd:64:21:29:8a:b7:78:f8:c5:3c:
24:6a:fe:0f:c6:23:9f:47:37:fa:9b:b5:8e:e8:2c:
98:d0:b6:a4:1d:93:84:80:c1:72:d4:d6:ec:ec:d1:
99:74:60:5f:1e:48:73:8a:47:1e:48:02:54:1b:c9:
40:5e:2f:97:1c:26:d9:5b:d0:5c:23:7f:57:87:e3:
0f:38:70:27:7b:bb:23:80:7f:55:e2:8d:f6:eb:ad:
8e:ad:94:56:af:aa:36:ce:5a:03:a0:52:18:b5:00:
40:68:55:0b:15:ff:7c:c8:72:1b:9c:50:d4:af:c6:
5f:aa:4f:8f:08:63:e1:e5:b4:a5:14:17:f5:86:8b:
19:49:79:6a:99:f0:3b:45:69:82:b7:2c:16:e4:ad:
f5:d4:77:24:a0:ee:79:e2:d0:28:96:b8:8a:f6:0b:
e1:1b:c7:9e:d0:5b:8b:ab:d2:02:e5:93:e9:7f:91:
6c:73:d2:6d:a2:53:0b:84:e8:1a:7a:09:ba:e3:a0:
86:24:1a:f2:7a:83:12:82:40:ba:2f:16:62:26:9b:
ad:f3:14:87:3c:d4:1f:fa:1d:59:dc:ac:c4:d9:3d:
5b:76:c4:22:76:38:71:c8:25:84:1d:9b:38:ff:ba:
f2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:22:10:42:05:77:5E:20:FD:5C:C0:A2:4E:20:6C:B6:A6:10:4A:35
X509v3 Authority Key Identifier:
keyid:33:95:43:30:34:9F:57:50:2A:76:AE:6E:99:98:7E:FC:3E:3B:81:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M5VDMDSfV1Aqdq5umZh-_D47gQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/aiIQQgV3XiD9XMCiTiBstqYQSjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/0f19e9-1b2b-4812-ab5a-fdf84f83a274/1/M5VDMDSfV1Aqdq5umZh-_D47gQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.40.0/21
Signature Algorithm: sha256WithRSAEncryption
25:4c:e6:17:cb:c3:54:91:b3:fb:86:67:ad:f4:32:68:b0:2c:
4b:0e:87:02:75:89:06:a5:4d:41:a8:b3:56:7c:27:a7:42:13:
74:f9:06:ec:f0:4b:27:99:cd:e3:e3:96:6f:1d:47:90:50:79:
48:b9:d1:95:d0:1d:f2:12:e0:f1:6e:67:04:8b:bc:1e:b7:52:
de:3a:9c:17:9b:e3:d0:75:76:c2:1e:dd:c4:d3:7c:64:f3:59:
96:c2:99:67:f9:01:09:c8:1b:c4:65:ae:c1:df:fd:2a:fa:37:
d3:64:1d:c1:b0:05:a4:76:ab:c0:99:81:07:12:f2:90:d0:e4:
3c:21:4b:cb:e2:cc:8f:d6:ee:62:10:bc:5c:21:08:09:5b:61:
5e:28:54:cb:a3:b5:00:fa:68:80:e3:c1:a7:83:5f:90:7b:1d:
be:21:b8:05:d6:2c:56:73:9d:1c:a0:60:0a:62:49:e4:2b:d7:
4d:05:b7:a1:19:cf:01:27:44:42:0a:29:8f:69:eb:23:d9:19:
9f:a1:db:24:c3:85:4c:c9:e8:bf:72:53:e4:dd:74:5a:ec:8b:
c5:f5:82:3f:c4:e8:ab:82:c8:70:03:33:38:f8:c3:e3:d1:16:
b3:b5:2f:1f:b0:5c:b5:31:05:d8:73:3a:b3:ba:92:6b:2d:47:
d8:a5:2c:46
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEQR8PDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Mzk1NDMzMDM0OWY1NzUwMmE3NmFlNmU5OTk4N2VmYzNlM2I4MTA5MB4XDTIyMDYw
MzA2MjMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmEyMjEwNDIwNTc3
NWUyMGZkNWNjMGEyNGUyMDZjYjZhNjEwNGEzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAML1yfsSy/AEMMk5L3Vgq8udx4u9ZCEpird4+MU8JGr+D8Yj
n0c3+pu1jugsmNC2pB2ThIDBctTW7OzRmXRgXx5Ic4pHHkgCVBvJQF4vlxwm2VvQ
XCN/V4fjDzhwJ3u7I4B/VeKN9uutjq2UVq+qNs5aA6BSGLUAQGhVCxX/fMhyG5xQ
1K/GX6pPjwhj4eW0pRQX9YaLGUl5apnwO0VpgrcsFuSt9dR3JKDueeLQKJa4ivYL
4RvHntBbi6vSAuWT6X+RbHPSbaJTC4ToGnoJuuOghiQa8nqDEoJAui8WYiabrfMU
hzzUH/odWdysxNk9W3bEInY4ccglhB2bOP+68jMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRqIhBCBXdeIP1cwKJOIGy2phBKNTAfBgNVHSMEGDAWgBQzlUMwNJ9XUCp2
rm6ZmH78PjuBCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L001VkRNRFNmVjFBcWRxNXVtWmgtX0Q0N2dRay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvMGYxOWU5LTFiMmItNDgxMi1hYjVhLWZkZjg0ZjgzYTI3NC8x
L2FpSVFRZ1YzWGlEOVhNQ2lUaUJzdHFZUVNqVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
MGYxOWU5LTFiMmItNDgxMi1hYjVhLWZkZjg0ZjgzYTI3NC8xL001VkRNRFNmVjFB
cWRxNXVtWmgtX0Q0N2dRay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA17nKDANBgkqhkiG9w0BAQsFAAOC
AQEAJUzmF8vDVJGz+4ZnrfQyaLAsSw6HAnWJBqVNQaizVnwnp0ITdPkG7PBLJ5nN
4+OWbx1HkFB5SLnRldAd8hLg8W5nBIu8HrdS3jqcF5vj0HV2wh7dxNN8ZPNZlsKZ
Z/kBCcgbxGWuwd/9Kvo302QdwbAFpHarwJmBBxLykNDkPCFLy+LMj9buYhC8XCEI
CVthXihUy6O1APpogOPBp4NfkHsdviG4BdYsVnOdHKBgCmJJ5CvXTQW3oRnPASdE
Qgopj2nrI9kZn6HbJMOFTMnov3JT5N10WuyLxfWCP8Toq4LIcAMzOPjD49EWs7Uv
H7BctTEF2HM6s7qSay1H2KUsRg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:52 2023 by rpki-client on console-ams.rpki-client.org