Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4af898-21cb-4d8d-a63f-1dc967d56409/1/afGxGpaB-PRxOySDhfXMLIQCuSc.roa
File: afGxGpaB-PRxOySDhfXMLIQCuSc.roa (raw, json)
Hash identifier: SIWqWJgDc3N5ElAfviOKVSa+HxR3gmIrfmm+q4XpOlA=
Subject key identifier: 69:F1:B1:1A:96:81:F8:F4:71:3B:24:83:85:F5:CC:2C:84:02:B9:27
Certificate issuer: /CN=4956f3084d9310efa1bc07ef31f934b2941f103e
Certificate serial: 018572B43DB4AEAEBD54DC3672064DECE6C6
Authority key identifier: 49:56:F3:08:4D:93:10:EF:A1:BC:07:EF:31:F9:34:B2:94:1F:10:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVbzCE2TEO-hvAfvMfk0spQfED4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4af898-21cb-4d8d-a63f-1dc967d56409/1/afGxGpaB-PRxOySDhfXMLIQCuSc.roa
Signing time: Mon 02 Jan 2023 13:38:12 +0000
ROA not before: Mon 02 Jan 2023 13:38:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6798
IP address blocks: 194.177.128.0/19 maxlen: 19
94.136.96.0/20 maxlen: 20
2a00:12e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:3d:b4:ae:ae:bd:54:dc:36:72:06:4d:ec:e6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4956f3084d9310efa1bc07ef31f934b2941f103e
Validity
Not Before: Jan 2 13:38:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69f1b11a9681f8f4713b248385f5cc2c8402b927
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8b:f4:09:c6:c4:8f:89:da:3f:1e:8f:09:6a:
66:a0:9d:a4:b7:0c:02:2c:73:a0:23:00:28:e1:8d:
5e:0c:35:06:4a:f7:93:48:31:f5:8f:58:61:08:04:
55:24:e6:85:3b:a2:1d:a8:95:54:86:a1:e6:d4:f1:
e6:c4:fc:79:78:12:d7:79:a4:0c:1c:00:0d:a6:91:
95:62:a1:05:92:ce:d6:70:f6:5c:37:ed:16:ac:26:
74:a2:09:66:26:b7:db:43:74:1e:09:57:57:5b:f8:
ee:75:d6:1d:ea:9b:c0:25:72:8b:50:db:ca:41:aa:
d6:c7:4e:69:ec:ec:f8:4d:8c:30:e9:50:13:af:f5:
27:ce:22:2e:93:cc:be:86:a6:7d:8e:e9:a3:60:68:
df:fe:b5:97:33:d9:54:c8:c6:5b:85:7e:b7:ad:95:
9c:73:51:3c:56:8d:b9:0a:6d:80:a1:ee:76:ee:4c:
d4:5a:c2:7b:1d:88:9b:a5:11:55:7e:be:75:6e:2d:
b4:5e:3f:fa:29:2a:d4:54:e0:b4:34:fb:ab:85:aa:
d9:6b:2c:be:1f:05:6a:44:24:53:39:12:39:1b:40:
d6:a9:b7:24:7f:22:9d:4b:22:e5:87:29:e9:19:9c:
1d:18:d2:68:7a:e6:fc:c1:cb:80:6b:53:d5:8e:c9:
b7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F1:B1:1A:96:81:F8:F4:71:3B:24:83:85:F5:CC:2C:84:02:B9:27
X509v3 Authority Key Identifier:
keyid:49:56:F3:08:4D:93:10:EF:A1:BC:07:EF:31:F9:34:B2:94:1F:10:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVbzCE2TEO-hvAfvMfk0spQfED4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4af898-21cb-4d8d-a63f-1dc967d56409/1/afGxGpaB-PRxOySDhfXMLIQCuSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4af898-21cb-4d8d-a63f-1dc967d56409/1/SVbzCE2TEO-hvAfvMfk0spQfED4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.136.96.0/20
194.177.128.0/19
IPv6:
2a00:12e0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:ce:9d:74:1c:43:e4:37:65:ba:c4:29:e0:95:40:37:6a:0e:
f8:65:40:b0:8c:ec:aa:82:00:2c:3c:27:d1:82:f8:87:8f:d0:
4e:f5:24:ba:a9:9e:9a:25:44:11:47:f4:06:b4:67:0d:ab:00:
f6:c6:36:e6:5b:64:e1:9f:dd:1b:0c:1f:84:28:70:79:4f:e2:
28:82:d6:2e:66:9d:0a:ea:49:00:fe:b7:e5:f7:f7:e0:00:1f:
82:5f:bf:a5:8f:06:3d:87:3d:a5:a0:91:a0:62:39:42:9c:bf:
16:8e:b3:a3:2a:2f:0f:20:2c:d0:c8:94:76:02:90:04:e7:ed:
4b:08:0f:33:4b:ba:c5:00:fe:c1:69:8b:aa:e8:52:7c:18:a5:
1c:c9:ba:f3:97:7f:4c:50:ac:45:6b:c4:20:23:30:97:59:54:
d3:52:5f:0f:1c:d3:fe:58:8f:83:68:00:db:e0:35:8a:38:74:
91:eb:c2:bc:3a:1b:1d:36:51:05:a4:6e:03:cb:8d:61:fc:84:
bf:a1:a6:d1:a5:c9:d3:b0:18:fd:18:9a:94:2f:0b:6a:7d:71:
cf:95:07:01:07:57:d2:73:79:d4:ef:50:ac:0e:70:8e:ae:22:
b3:e4:ac:2f:fe:b6:82:15:2e:94:ce:79:df:b4:93:c5:37:ae:
a0:c3:bc:81
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVytD20rq69VNw2cgZN7ObGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NTZmMzA4NGQ5MzEwZWZhMWJjMDdlZjMxZjkzNGIyOTQx
ZjEwM2UwHhcNMjMwMTAyMTMzODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWYxYjExYTk2ODFmOGY0NzEzYjI0ODM4NWY1Y2MyYzg0MDJiOTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4v0CcbEj4naPx6PCWpmoJ2ktwwC
LHOgIwAo4Y1eDDUGSveTSDH1j1hhCARVJOaFO6IdqJVUhqHm1PHmxPx5eBLXeaQM
HAANppGVYqEFks7WcPZcN+0WrCZ0oglmJrfbQ3QeCVdXW/juddYd6pvAJXKLUNvK
QarWx05p7Oz4TYww6VATr/UnziIuk8y+hqZ9jumjYGjf/rWXM9lUyMZbhX63rZWc
c1E8Vo25Cm2Aoe527kzUWsJ7HYibpRFVfr51bi20Xj/6KSrUVOC0NPurharZayy+
HwVqRCRTORI5G0DWqbckfyKdSyLlhynpGZwdGNJoeub8wcuAa1PVjsm3BQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGnxsRqWgfj0cTskg4X1zCyEArknMB8GA1UdIwQY
MBaAFElW8whNkxDvobwH7zH5NLKUHxA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1ZiekNFMlRFTy1odkFmdk1mazBzcFFmRUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80YWY4OTgtMjFjYi00ZDhkLWE2M2Yt
MWRjOTY3ZDU2NDA5LzEvYWZHeEdwYUItUFJ4T3lTRGhmWE1MSVFDdVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80YWY4OTgtMjFjYi00ZDhkLWE2M2YtMWRjOTY3ZDU2NDA5
LzEvU1ZiekNFMlRFTy1odkFmdk1mazBzcFFmRUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEXohgAwQF
wrGAMA0EAgACMAcDBQAqABLgMA0GCSqGSIb3DQEBCwUAA4IBAQBezp10HEPkN2W6
xCnglUA3ag74ZUCwjOyqggAsPCfRgviHj9BO9SS6qZ6aJUQRR/QGtGcNqwD2xjbm
W2Thn90bDB+EKHB5T+IogtYuZp0K6kkA/rfl9/fgAB+CX7+ljwY9hz2loJGgYjlC
nL8WjrOjKi8PICzQyJR2ApAE5+1LCA8zS7rFAP7BaYuq6FJ8GKUcybrzl39MUKxF
a8QgIzCXWVTTUl8PHNP+WI+DaADb4DWKOHSR68K8OhsdNlEFpG4Dy41h/IS/oabR
pcnTsBj9GJqULwtqfXHPlQcBB1fSc3nU71CsDnCOriKz5Kwv/raCFS6UznnftJPF
N66gw7yB
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:38 2025 by rpki-client