Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/nYoe-JiFVHe5jk_TOkXDRv7Wjzw.roa
File: nYoe-JiFVHe5jk_TOkXDRv7Wjzw.roa (raw, json)
Hash identifier: MC5e2vRAh2R/JAJP6noDm1xqiUwioHzXd33IUd+x6Xw=
Subject key identifier: 9D:8A:1E:F8:98:85:54:77:B9:8E:4F:D3:3A:45:C3:46:FE:D6:8F:3C
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0183EC27C2546BBB8EE128B27D0E5122077C
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/nYoe-JiFVHe5jk_TOkXDRv7Wjzw.roa
Signing time: Tue 18 Oct 2022 17:32:52 +0000
ROA not before: Tue 18 Oct 2022 17:32:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203523
IP address blocks: 93.119.104.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
93.119.106.0/24 maxlen: 24
93.119.107.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
89.33.194.0/24 maxlen: 24
89.33.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ec:27:c2:54:6b:bb:8e:e1:28:b2:7d:0e:51:22:07:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 18 17:32:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d8a1ef898855477b98e4fd33a45c346fed68f3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6a:48:39:b7:08:71:91:2d:cf:d9:61:27:87:
8a:d8:51:45:f5:c9:b0:9c:88:48:ea:24:d9:92:49:
68:51:ad:02:3f:57:9e:9f:0f:bf:c3:6d:20:c5:2d:
34:04:77:14:82:8e:4e:24:f2:33:86:93:c7:95:3e:
c5:69:89:3f:e5:70:42:53:3a:dc:39:8d:b5:e4:7d:
d8:30:49:82:12:c9:da:a5:96:7c:dc:23:08:ec:4e:
a4:26:1c:b8:32:d3:53:96:d1:98:98:2b:ac:48:5f:
8e:3e:52:43:70:fa:d4:24:8e:73:dd:35:58:f5:bc:
fb:4f:d1:74:22:6c:5f:f0:4a:f9:47:e1:67:aa:be:
d8:12:4f:98:2d:63:ed:92:a5:e5:90:96:63:19:13:
9d:85:98:96:79:c0:ba:22:1e:f5:f5:b4:c0:d4:ca:
19:8d:e4:31:76:73:ac:f0:6b:09:52:2b:ba:02:8d:
e7:b2:a2:b3:83:34:21:9e:11:48:c1:67:c5:52:cd:
42:a3:4d:ec:7e:9b:b9:bc:a7:a4:9d:81:66:92:c2:
01:fe:7a:92:74:3c:1f:2a:c6:00:9f:72:64:6f:eb:
16:ac:be:9f:ff:af:67:30:db:7f:42:ed:8b:07:18:
1a:5b:58:cd:48:bd:f1:0e:eb:ba:3b:7b:84:4d:f7:
f4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:8A:1E:F8:98:85:54:77:B9:8E:4F:D3:3A:45:C3:46:FE:D6:8F:3C
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/nYoe-JiFVHe5jk_TOkXDRv7Wjzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.194.0/23
93.119.104.0/22
188.240.210.0/24
188.240.221.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:79:4f:5b:89:5a:ea:66:94:81:fc:db:b0:fa:25:3f:b8:7c:
a1:e6:88:03:91:f1:25:79:0f:94:ee:91:5b:83:86:5d:60:ec:
45:1d:be:8b:3f:08:f6:64:5f:91:1a:ca:4e:83:fc:77:9d:24:
ab:2b:54:23:19:51:84:b8:4a:03:b2:8d:d3:52:d1:f5:a5:54:
46:83:ac:5d:9c:18:42:68:d3:e7:ae:39:52:fc:7d:a2:09:f3:
79:26:73:42:14:2b:18:30:de:d6:e5:43:ca:d0:97:89:78:84:
5b:77:5a:16:5d:82:de:b3:7e:25:08:3f:82:bd:f8:f3:9f:7b:
24:ce:43:af:89:cf:64:bd:49:fb:f3:b0:8f:fc:69:f5:bc:ec:
5e:ef:e4:7a:d7:e2:4e:1b:99:bc:0f:09:36:77:8b:58:66:9f:
33:39:32:3f:a7:17:44:44:94:83:e3:bf:01:b6:f9:f6:d3:09:
3e:f0:92:e9:d6:fb:71:c9:f7:1d:cf:29:94:ee:5f:10:bd:c6:
f4:ae:c3:cf:1a:1c:61:b9:d7:18:c1:c4:8c:d2:9c:cc:15:5d:
b4:97:47:2e:1d:cf:62:d3:66:83:ad:b6:97:d7:4e:9f:2e:de:
1b:b1:8e:6a:67:10:eb:09:44:26:cf:ed:c9:24:eb:04:fa:98:
50:30:4e:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPsJ8JUa7uO4SiyfQ5RIgd8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjIxMDE4MTczMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDhhMWVmODk4ODU1NDc3Yjk4ZTRmZDMzYTQ1YzM0NmZlZDY4ZjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmpIObcIcZEtz9lhJ4eK2FFF9cmw
nIhI6iTZkkloUa0CP1eenw+/w20gxS00BHcUgo5OJPIzhpPHlT7FaYk/5XBCUzrc
OY215H3YMEmCEsnapZZ83CMI7E6kJhy4MtNTltGYmCusSF+OPlJDcPrUJI5z3TVY
9bz7T9F0Imxf8Er5R+Fnqr7YEk+YLWPtkqXlkJZjGROdhZiWecC6Ih719bTA1MoZ
jeQxdnOs8GsJUiu6Ao3nsqKzgzQhnhFIwWfFUs1Co03sfpu5vKeknYFmksIB/nqS
dDwfKsYAn3Jkb+sWrL6f/69nMNt/Qu2LBxgaW1jNSL3xDuu6O3uETff0yQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ2KHviYhVR3uY5P0zpFw0b+1o88MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvbllvZS1KaUZWSGU1amtfVE9rWERSdjdXanp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWSHCAwQC
XXdoAwQAvPDSAwQAvPDdMA0GCSqGSIb3DQEBCwUAA4IBAQBqeU9biVrqZpSB/Nuw
+iU/uHyh5ogDkfEleQ+U7pFbg4ZdYOxFHb6LPwj2ZF+RGspOg/x3nSSrK1QjGVGE
uEoDso3TUtH1pVRGg6xdnBhCaNPnrjlS/H2iCfN5JnNCFCsYMN7W5UPK0JeJeIRb
d1oWXYLes34lCD+Cvfjzn3skzkOvic9kvUn787CP/Gn1vOxe7+R61+JOG5m8Dwk2
d4tYZp8zOTI/pxdERJSD478Btvn20wk+8JLp1vtxyfcdzymU7l8Qvcb0rsPPGhxh
udcYwcSM0pzMFV20l0cuHc9i02aDrbaX106fLt4bsY5qZxDrCUQmz+3JJOsE+phQ
ME4V
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:56 2023 by rpki-client on console-ams.rpki-client.org