Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/XqsAqz2lXU3l_-JXqhfSU3EqM-I.roa
File: XqsAqz2lXU3l_-JXqhfSU3EqM-I.roa (raw, json)
Hash identifier: e6qoj8GK3uWmPZun17r3zwWUu/bfUuTuJuDocQSD6nM=
Subject key identifier: 5E:AB:00:AB:3D:A5:5D:4D:E5:FF:E2:57:AA:17:D2:53:71:2A:33:E2
Certificate issuer: /CN=ac8a69ecb787cce9892dc65480463fb088b613df
Certificate serial: 33E6313E
Authority key identifier: AC:8A:69:EC:B7:87:CC:E9:89:2D:C6:54:80:46:3F:B0:88:B6:13:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rIpp7LeHzOmJLcZUgEY_sIi2E98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/XqsAqz2lXU3l_-JXqhfSU3EqM-I.roa
Signing time: Sat 01 Jan 2022 01:50:56 +0000
ROA not before: Sat 01 Jan 2022 01:50:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44946
IP address blocks: 93.94.135.0/24 maxlen: 24
194.187.64.0/22 maxlen: 24
195.49.152.0/22 maxlen: 24
185.59.200.0/22 maxlen: 24
93.94.128.0/21 maxlen: 24
2a02:158::/32 maxlen: 64
2a02:158:aa00::/39 maxlen: 39
2a02:158:fffe::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 870723902 (0x33e6313e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac8a69ecb787cce9892dc65480463fb088b613df
Validity
Not Before: Jan 1 01:50:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5eab00ab3da55d4de5ffe257aa17d253712a33e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e0:e7:19:79:05:0f:0f:a4:8b:5b:c0:82:b4:
05:1a:26:20:c2:eb:43:2b:81:98:f8:06:aa:64:f3:
de:ad:ce:3b:b1:5b:37:ad:29:b3:fa:60:ad:68:e8:
1e:26:69:ad:f4:fb:f1:bf:07:26:c8:08:5e:21:18:
05:6f:06:cf:60:a6:7c:f8:21:cd:ef:dd:7b:73:a0:
23:cc:18:b1:1e:23:b2:69:e1:54:ed:a2:16:8b:17:
c2:ab:1e:66:15:78:54:21:d1:7b:eb:8f:f0:73:81:
36:ab:ab:bb:53:e9:f7:30:9e:88:bc:e2:fc:bd:3f:
4d:c6:2a:13:e4:0d:50:48:7d:5c:b3:1d:b5:c0:94:
ff:8a:30:29:81:0c:8b:38:71:36:1a:65:88:5e:e6:
66:cb:e5:2a:4e:df:ae:07:ea:c3:b8:2f:3c:59:a8:
b6:d8:9c:c9:20:c2:c2:95:cd:86:1a:ee:6c:36:5b:
33:c1:fa:4d:ef:17:ad:87:3b:4d:2e:eb:5e:96:4d:
8d:c6:a3:74:67:6c:38:41:10:a0:96:6a:a4:d8:5f:
2a:3b:17:4e:95:07:43:8b:88:11:99:0b:dd:d7:c2:
a9:a5:cc:98:a0:ee:30:19:6c:3d:e7:c5:f8:1c:e8:
f5:02:94:5e:8d:92:39:32:e8:65:50:78:c9:de:7c:
d0:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AB:00:AB:3D:A5:5D:4D:E5:FF:E2:57:AA:17:D2:53:71:2A:33:E2
X509v3 Authority Key Identifier:
keyid:AC:8A:69:EC:B7:87:CC:E9:89:2D:C6:54:80:46:3F:B0:88:B6:13:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rIpp7LeHzOmJLcZUgEY_sIi2E98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/XqsAqz2lXU3l_-JXqhfSU3EqM-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/87dadf-29d9-49d3-8ac6-4cc40ffd796d/1/rIpp7LeHzOmJLcZUgEY_sIi2E98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.128.0/21
185.59.200.0/22
194.187.64.0/22
195.49.152.0/22
IPv6:
2a02:158::/32
Signature Algorithm: sha256WithRSAEncryption
0d:e7:f6:dd:e2:e7:27:80:5c:b8:c7:34:15:47:54:f8:f7:8c:
3b:e4:10:01:8e:a9:9b:01:5d:e8:da:53:fd:24:cb:a1:ee:2f:
dc:57:53:2f:83:bb:47:67:e1:1a:3d:93:96:fc:f7:e5:fa:b5:
9f:2f:dc:cf:ec:0c:41:88:22:e5:4a:e7:2f:fa:22:16:da:d9:
77:92:02:2d:d9:d0:4d:4d:fe:e9:31:fa:da:f4:53:9f:b9:0e:
99:2c:b1:57:1e:f9:5a:b7:bd:49:46:34:bf:41:3f:fc:fa:55:
35:41:2a:41:a4:ef:b5:62:e3:7e:ed:07:d1:cd:cf:46:51:d8:
52:26:bd:f8:69:23:42:4e:f8:8c:eb:bd:25:bb:81:eb:0c:93:
37:5b:39:51:bd:25:9e:f9:40:b7:7e:bd:5d:e7:17:6e:2e:98:
7a:40:49:29:24:24:cc:6d:7d:63:bd:8a:3d:05:ab:20:38:5b:
67:e9:1d:8c:85:ce:37:de:c7:2f:5b:79:be:f5:7c:68:69:96:
91:7d:91:f1:1a:b2:97:99:5e:01:59:db:7e:83:a6:18:85:0e:
cc:38:f5:16:a5:9b:40:9d:73:81:68:8c:00:48:91:99:7a:cd:
be:89:3c:91:9e:3b:6c:0d:d3:75:61:fe:38:be:b7:9f:80:02:
d1:c2:22:63
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEM+YxPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YzhhNjllY2I3ODdjY2U5ODkyZGM2NTQ4MDQ2M2ZiMDg4YjYxM2RmMB4XDTIyMDEw
MTAxNTA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWVhYjAwYWIzZGE1
NWQ0ZGU1ZmZlMjU3YWExN2QyNTM3MTJhMzNlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvg5xl5BQ8PpItbwIK0BRomIMLrQyuBmPgGqmTz3q3OO7Fb
N60ps/pgrWjoHiZprfT78b8HJsgIXiEYBW8Gz2CmfPghze/de3OgI8wYsR4jsmnh
VO2iFosXwqseZhV4VCHRe+uP8HOBNquru1Pp9zCeiLzi/L0/TcYqE+QNUEh9XLMd
tcCU/4owKYEMizhxNhpliF7mZsvlKk7frgfqw7gvPFmotticySDCwpXNhhrubDZb
M8H6Te8XrYc7TS7rXpZNjcajdGdsOEEQoJZqpNhfKjsXTpUHQ4uIEZkL3dfCqaXM
mKDuMBlsPefF+Bzo9QKUXo2SOTLoZVB4yd580K0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBReqwCrPaVdTeX/4leqF9JTcSoz4jAfBgNVHSMEGDAWgBSsimnst4fM6Ykt
xlSARj+wiLYT3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JJcHA3TGVIek9tSkxjWlVnRVlfc0lpMkU5OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvODdkYWRmLTI5ZDktNDlkMy04YWM2LTRjYzQwZmZkNzk2ZC8x
L1hxc0FxejJsWFUzbF8tSlhxaGZTVTNFcU0tSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
ODdkYWRmLTI5ZDktNDlkMy04YWM2LTRjYzQwZmZkNzk2ZC8xL3JJcHA3TGVIek9t
SkxjWlVnRVlfc0lpMkU5OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA11egAMEArk7yAMEAsK7QAMEAsMx
mDANBAIAAjAHAwUAKgIBWDANBgkqhkiG9w0BAQsFAAOCAQEADef23eLnJ4BcuMc0
FUdU+PeMO+QQAY6pmwFd6NpT/STLoe4v3FdTL4O7R2fhGj2Tlvz35fq1ny/cz+wM
QYgi5UrnL/oiFtrZd5ICLdnQTU3+6TH62vRTn7kOmSyxVx75Wre9SUY0v0E//PpV
NUEqQaTvtWLjfu0H0c3PRlHYUia9+GkjQk74jOu9JbuB6wyTN1s5Ub0lnvlAt369
XecXbi6YekBJKSQkzG19Y72KPQWrIDhbZ+kdjIXON97HL1t5vvV8aGmWkX2R8Rqy
l5leAVnbfoOmGIUOzDj1FqWbQJ1zgWiMAEiRmXrNvok8kZ47bA3TdWH+OL63n4AC
0cIiYw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:08 2024 by rpki-client on console-ams.rpki-client.org