Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9166b8-5e54-458d-9b32-557a7d11e2ae/1/AEmq3s-OnfxSpNgyGiUF2d4JFQk.roa
File: AEmq3s-OnfxSpNgyGiUF2d4JFQk.roa (raw, json)
Hash identifier: dNe+8ZK7J0dWEvHpEekIgRCAZgfuV+DiPpXrWE4pyB0=
Subject key identifier: 00:49:AA:DE:CF:8E:9D:FC:52:A4:D8:32:1A:25:05:D9:DE:09:15:09
Certificate issuer: /CN=338d42fbb3f43f56ddb8782e65490a23d85b72e1
Certificate serial: 0184A6A9CDB82C7E40D1BEF8AD85197A0465
Authority key identifier: 33:8D:42:FB:B3:F4:3F:56:DD:B8:78:2E:65:49:0A:23:D8:5B:72:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M41C-7P0P1bduHguZUkKI9hbcuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/9166b8-5e54-458d-9b32-557a7d11e2ae/1/AEmq3s-OnfxSpNgyGiUF2d4JFQk.roa
Signing time: Wed 23 Nov 2022 22:44:16 +0000
ROA not before: Wed 23 Nov 2022 22:44:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 45.95.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a6:a9:cd:b8:2c:7e:40:d1:be:f8:ad:85:19:7a:04:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=338d42fbb3f43f56ddb8782e65490a23d85b72e1
Validity
Not Before: Nov 23 22:44:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0049aadecf8e9dfc52a4d8321a2505d9de091509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:dc:2b:65:21:3e:4a:ee:1e:1d:13:fc:6b:0d:
e7:fa:ee:41:a5:f1:ec:d6:ec:dd:7c:14:42:ba:22:
ed:b3:cb:94:ad:2a:50:e8:5b:41:93:60:c5:74:68:
32:93:67:d1:ec:06:ef:94:a9:24:e7:6c:fd:2c:e4:
f3:a8:27:64:d5:2c:ce:33:10:bb:0e:90:c7:35:ba:
cb:01:b7:d7:f5:3b:7d:58:64:52:11:47:c7:d4:14:
4d:92:9c:8a:1a:8d:78:70:90:ed:17:18:9b:8c:fe:
4e:f9:3a:ed:8a:89:66:bf:15:07:cc:b3:79:44:c7:
db:52:2c:41:f9:ed:60:5d:18:00:43:20:96:c1:33:
ce:95:8b:0a:ac:1d:ca:21:af:0b:cb:97:94:76:7d:
4e:b5:01:f8:a8:83:d1:97:91:e9:6c:40:45:a9:d5:
13:58:75:bf:3a:6e:51:f3:38:ed:9e:c5:68:a2:4f:
7d:c0:d7:9c:35:9b:91:5b:99:20:f1:33:f2:a6:fd:
79:10:fb:69:28:48:6c:c6:ec:56:d0:61:87:bb:57:
d6:9f:d8:3e:5a:15:0b:06:83:40:b9:48:bf:8e:72:
03:66:79:e1:23:7e:9a:c8:a3:c4:c0:22:18:e7:c9:
4e:3a:63:39:88:8b:82:41:6f:dd:fc:f3:b2:20:22:
69:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:49:AA:DE:CF:8E:9D:FC:52:A4:D8:32:1A:25:05:D9:DE:09:15:09
X509v3 Authority Key Identifier:
keyid:33:8D:42:FB:B3:F4:3F:56:DD:B8:78:2E:65:49:0A:23:D8:5B:72:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M41C-7P0P1bduHguZUkKI9hbcuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9166b8-5e54-458d-9b32-557a7d11e2ae/1/AEmq3s-OnfxSpNgyGiUF2d4JFQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9166b8-5e54-458d-9b32-557a7d11e2ae/1/M41C-7P0P1bduHguZUkKI9hbcuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.94.0/24
Signature Algorithm: sha256WithRSAEncryption
79:3f:6c:ce:f3:aa:28:cc:f2:ae:90:28:b2:b7:dd:4e:e5:93:
ba:73:11:6c:d0:ec:88:a5:29:d4:bc:cd:7f:c5:b8:46:d3:65:
a1:a4:fe:2c:50:78:a9:6b:0e:eb:d2:16:f3:43:97:20:da:f6:
80:64:db:c6:fa:24:98:04:6a:98:54:a5:48:df:6e:f2:98:2f:
df:64:e2:1b:05:2a:94:aa:39:bf:1f:ab:07:95:7b:43:92:a4:
b5:ab:90:a8:20:9d:06:f1:35:45:56:6b:a9:7d:d4:ad:10:b6:
da:e4:23:36:82:ae:40:c7:95:4d:5f:1f:3f:cb:69:8d:8b:7e:
4c:43:a5:49:2b:85:40:41:24:82:52:46:c8:f6:6c:da:10:6d:
8e:f3:a5:d0:b4:2b:9e:69:0e:10:52:64:50:36:64:79:14:9e:
f9:9a:83:70:c6:44:d6:e8:1b:40:4c:f2:b0:4c:6f:ab:c3:cb:
20:d3:fa:b4:dc:65:70:5f:d6:2d:fe:af:ce:06:ca:85:2e:3d:
ee:28:45:72:a4:86:0f:18:e4:19:13:e4:b1:d7:b2:83:5d:49:
a2:c7:59:02:b6:ed:cc:c2:eb:f0:75:c4:73:26:a6:e6:33:8c:
08:f2:f7:60:df:db:d0:86:d6:31:b7:f1:13:b6:96:21:22:1e:
a1:78:90:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSmqc24LH5A0b74rYUZegRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOGQ0MmZiYjNmNDNmNTZkZGI4NzgyZTY1NDkwYTIzZDg1
YjcyZTEwHhcNMjIxMTIzMjI0NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQ5YWFkZWNmOGU5ZGZjNTJhNGQ4MzIxYTI1MDVkOWRlMDkxNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtwrZSE+Su4eHRP8aw3n+u5BpfHs
1uzdfBRCuiLts8uUrSpQ6FtBk2DFdGgyk2fR7AbvlKkk52z9LOTzqCdk1SzOMxC7
DpDHNbrLAbfX9Tt9WGRSEUfH1BRNkpyKGo14cJDtFxibjP5O+TrtiolmvxUHzLN5
RMfbUixB+e1gXRgAQyCWwTPOlYsKrB3KIa8Ly5eUdn1OtQH4qIPRl5HpbEBFqdUT
WHW/Om5R8zjtnsVook99wNecNZuRW5kg8TPypv15EPtpKEhsxuxW0GGHu1fWn9g+
WhULBoNAuUi/jnIDZnnhI36ayKPEwCIY58lOOmM5iIuCQW/d/POyICJpiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABJqt7Pjp38UqTYMholBdneCRUJMB8GA1UdIwQY
MBaAFDONQvuz9D9W3bh4LmVJCiPYW3LhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTQxQy03UDBQMWJkdUhndVpVa0tJOWhiY3VFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85MTY2YjgtNWU1NC00NThkLTliMzIt
NTU3YTdkMTFlMmFlLzEvQUVtcTNzLU9uZnhTcE5neUdpVUYyZDRKRlFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85MTY2YjgtNWU1NC00NThkLTliMzItNTU3YTdkMTFlMmFl
LzEvTTQxQy03UDBQMWJkdUhndVpVa0tJOWhiY3VFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALV9eMA0G
CSqGSIb3DQEBCwUAA4IBAQB5P2zO86oozPKukCiyt91O5ZO6cxFs0OyIpSnUvM1/
xbhG02WhpP4sUHipaw7r0hbzQ5cg2vaAZNvG+iSYBGqYVKVI327ymC/fZOIbBSqU
qjm/H6sHlXtDkqS1q5CoIJ0G8TVFVmupfdStELba5CM2gq5Ax5VNXx8/y2mNi35M
Q6VJK4VAQSSCUkbI9mzaEG2O86XQtCueaQ4QUmRQNmR5FJ75moNwxkTW6BtATPKw
TG+rw8sg0/q03GVwX9Yt/q/OBsqFLj3uKEVypIYPGOQZE+Sx17KDXUmix1kCtu3M
wuvwdcRzJqbmM4wI8vdg39vQhtYxt/ETtpYhIh6heJBZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:04 2024 by rpki-client on console-fra.rpki-client.org