Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/cKDnJDYIwsjZgY9tUjFPU_QDsSQ.roa
File: cKDnJDYIwsjZgY9tUjFPU_QDsSQ.roa (raw, json)
Hash identifier: vfUSKRy/wRJ2goBZANdedeqxIEwBW3xAo95FYUJYJok=
Subject key identifier: 70:A0:E7:24:36:08:C2:C8:D9:81:8F:6D:52:31:4F:53:F4:03:B1:24
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 01855892EC014EB42B73D21012DF9B5AE64C
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/cKDnJDYIwsjZgY9tUjFPU_QDsSQ.roa
Signing time: Wed 28 Dec 2022 11:51:41 +0000
ROA not before: Wed 28 Dec 2022 11:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57391
IP address blocks: 94.139.176.0/20 maxlen: 20
94.139.191.0/24 maxlen: 24
109.162.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:92:ec:01:4e:b4:2b:73:d2:10:12:df:9b:5a:e6:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Dec 28 11:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70a0e7243608c2c8d9818f6d52314f53f403b124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a4:16:c8:49:84:23:ad:67:5b:d6:dd:8f:fc:
38:a7:a9:9c:fd:22:f5:7f:04:0f:d5:a4:c4:59:0f:
5c:c6:f1:72:f4:4f:38:f7:a0:63:3c:b6:c5:1e:77:
4a:ae:ef:73:fa:f1:03:42:98:17:b2:4c:3d:74:8a:
35:70:28:38:d3:f1:8a:65:c2:1a:b4:28:5e:11:c6:
06:2c:c6:0e:9a:1b:e0:38:6b:34:4b:fe:18:29:0b:
08:5c:fc:8c:ed:4f:f6:c5:b2:07:3c:33:54:03:66:
04:b3:cf:34:70:df:68:e6:ed:24:59:6a:cd:7d:05:
9a:97:b5:2f:37:1d:13:78:26:94:c7:10:39:95:08:
44:b1:f8:be:ba:3b:a0:2e:e4:21:92:c5:6b:8a:dc:
52:a3:34:bf:b1:33:08:da:30:b7:a4:6b:0d:d4:27:
4d:ad:3f:54:d2:ee:c7:a5:3b:09:fa:b3:a6:78:1e:
1c:1f:e1:76:69:a1:16:76:fd:e9:45:ab:8d:8d:05:
c5:91:48:33:c2:36:92:a6:ad:a5:9a:b5:d4:76:4e:
f0:d8:9d:ca:4b:47:55:8f:0a:d0:8a:da:99:75:4c:
d2:74:e1:8a:e3:14:59:30:05:2f:b9:0a:e4:e7:76:
4a:4b:e4:fa:61:d6:49:1b:7e:1e:e9:cf:b6:80:f5:
83:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A0:E7:24:36:08:C2:C8:D9:81:8F:6D:52:31:4F:53:F4:03:B1:24
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/cKDnJDYIwsjZgY9tUjFPU_QDsSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.176.0/20
109.162.254.0/23
Signature Algorithm: sha256WithRSAEncryption
04:cf:f1:4c:c0:a2:94:69:60:ef:a9:32:18:77:d8:17:6f:53:
79:cc:d5:83:e5:1f:01:d3:19:d9:8b:86:5f:69:cb:cd:21:c9:
6f:bb:99:75:2e:43:85:f4:a1:4b:76:19:de:83:9f:93:be:54:
99:6e:2f:bd:cd:30:06:bd:d2:3d:71:c4:bf:5f:fc:c3:07:45:
72:2d:0c:33:47:97:09:0f:38:0b:9c:92:fe:5c:55:c4:f1:4e:
41:52:8a:ca:7b:dc:ac:b1:b9:78:12:d3:eb:be:8b:70:bd:ba:
94:20:94:d5:8e:7a:62:34:78:00:42:c0:82:0d:cd:df:29:68:
b1:6d:68:50:e0:d2:e1:06:bf:46:07:e3:3b:af:68:97:9a:eb:
01:d7:82:02:ba:46:39:f6:04:f8:d0:7c:f0:ba:d9:73:f2:1d:
c6:df:84:af:74:8a:c9:03:82:9d:5c:8d:7c:e1:60:af:a3:a9:
09:eb:07:b3:af:3f:33:5b:e5:da:8f:fa:72:be:0d:5f:26:f0:
89:7e:c2:0f:aa:af:21:eb:16:58:d6:72:97:64:d9:d6:ab:c3:
fb:49:bf:b8:8b:9f:90:b3:6d:2c:7c:d1:97:d8:ea:83:ab:13:
ba:2d:ca:54:a7:4b:77:15:7d:cc:7f:03:6c:e4:32:b8:70:c5:
f7:11:d1:89
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVYkuwBTrQrc9IQEt+bWuZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjIxMjI4MTE1MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGEwZTcyNDM2MDhjMmM4ZDk4MThmNmQ1MjMxNGY1M2Y0MDNiMTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76QWyEmEI61nW9bdj/w4p6mc/SL1
fwQP1aTEWQ9cxvFy9E8496BjPLbFHndKru9z+vEDQpgXskw9dIo1cCg40/GKZcIa
tCheEcYGLMYOmhvgOGs0S/4YKQsIXPyM7U/2xbIHPDNUA2YEs880cN9o5u0kWWrN
fQWal7UvNx0TeCaUxxA5lQhEsfi+ujugLuQhksVritxSozS/sTMI2jC3pGsN1CdN
rT9U0u7HpTsJ+rOmeB4cH+F2aaEWdv3pRauNjQXFkUgzwjaSpq2lmrXUdk7w2J3K
S0dVjwrQitqZdUzSdOGK4xRZMAUvuQrk53ZKS+T6YdZJG34e6c+2gPWDEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHCg5yQ2CMLI2YGPbVIxT1P0A7EkMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvY0tEbkpEWUl3c2paZ1k5dFVqRlBVX1FEc1NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXouwAwQB
baL+MA0GCSqGSIb3DQEBCwUAA4IBAQAEz/FMwKKUaWDvqTIYd9gXb1N5zNWD5R8B
0xnZi4ZfacvNIclvu5l1LkOF9KFLdhneg5+TvlSZbi+9zTAGvdI9ccS/X/zDB0Vy
LQwzR5cJDzgLnJL+XFXE8U5BUorKe9yssbl4EtPrvotwvbqUIJTVjnpiNHgAQsCC
Dc3fKWixbWhQ4NLhBr9GB+M7r2iXmusB14ICukY59gT40Hzwutlz8h3G34SvdIrJ
A4KdXI184WCvo6kJ6wezrz8zW+Xaj/pyvg1fJvCJfsIPqq8h6xZY1nKXZNnWq8P7
Sb+4i5+Qs20sfNGX2OqDqxO6LcpUp0t3FX3MfwNs5DK4cMX3EdGJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:21 2024 by rpki-client on console-fra.rpki-client.org