Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/jxqZ58E9YKcprEJL320PD4noY3Q.roa
File: jxqZ58E9YKcprEJL320PD4noY3Q.roa (raw, json)
Hash identifier: bGovFaF14dbL6h1HBCTqqOqCbz5v229kwY6YGiASQ3c=
Subject key identifier: 8F:1A:99:E7:C1:3D:60:A7:29:AC:42:4B:DF:6D:0F:0F:89:E8:63:74
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 01852016FB1AE855998C09FCC49B0BF6DD73
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/jxqZ58E9YKcprEJL320PD4noY3Q.roa
Signing time: Sat 17 Dec 2022 12:37:34 +0000
ROA not before: Sat 17 Dec 2022 12:37:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57391
IP address blocks: 94.139.176.0/20 maxlen: 20
94.139.191.0/24 maxlen: 24
109.162.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:20:16:fb:1a:e8:55:99:8c:09:fc:c4:9b:0b:f6:dd:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Dec 17 12:37:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f1a99e7c13d60a729ac424bdf6d0f0f89e86374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b0:f1:f6:fd:35:7f:3c:67:49:54:a5:c7:0f:
65:06:c5:3e:7b:a3:af:62:f0:84:8f:f4:66:90:51:
2b:3e:6a:99:80:74:f7:6a:dd:8d:dd:0d:c7:0e:f1:
a8:ee:b7:2d:2c:d8:18:6f:ab:ec:2b:ac:f7:bb:37:
52:78:7e:9a:42:e1:02:e1:d5:66:54:66:a5:b8:75:
4a:6e:4c:95:72:2e:be:de:7f:2c:b3:2f:b5:79:ab:
70:cc:89:fa:62:9f:c5:0d:17:1f:a5:6a:8f:ca:34:
54:e9:d0:c2:95:60:f7:c8:1f:7e:f2:92:db:99:1c:
db:62:d6:d0:65:27:1a:49:ee:7b:5c:2c:77:63:87:
f5:60:05:e6:73:77:08:14:42:e5:3d:57:1b:8a:d3:
99:1c:4a:9b:a6:b1:68:d4:06:44:8a:33:a0:19:95:
59:f3:91:ea:9c:1e:66:71:74:13:f6:c0:63:38:4b:
bd:eb:53:11:76:41:ff:90:19:60:84:46:ed:a8:9d:
20:ee:73:88:b8:f4:2d:eb:6c:56:fa:71:b7:b3:a2:
0d:1b:dc:93:95:dd:4e:ad:fd:a9:cd:87:22:2e:b1:
2b:06:32:91:e4:c0:42:8a:e7:e9:25:a1:0b:57:d2:
19:0f:d9:29:27:8c:78:bf:1b:cd:ff:1c:1c:c1:9e:
46:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:1A:99:E7:C1:3D:60:A7:29:AC:42:4B:DF:6D:0F:0F:89:E8:63:74
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/jxqZ58E9YKcprEJL320PD4noY3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.176.0/20
109.162.254.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:fb:17:42:ec:e6:4e:ab:a4:08:90:58:8b:43:03:a7:5a:51:
80:3a:78:0c:94:8d:6a:5d:b3:67:99:db:b2:cf:1e:f3:88:09:
f4:64:aa:92:53:7d:d9:64:59:e4:29:2f:d2:be:68:1e:c2:be:
f3:31:77:17:1e:40:52:ff:ad:41:1d:3b:c1:d8:66:a9:ad:22:
e3:2f:60:22:41:3d:ca:2e:3f:03:5b:ee:11:06:f0:e1:2e:0d:
14:41:86:8b:ac:c6:04:e1:4f:2f:bf:4f:44:00:5d:00:40:2e:
7e:6a:f4:f1:21:e6:a0:8c:86:e7:80:e7:2c:fa:ce:3e:5e:f1:
95:ba:0b:10:4c:6c:f7:b4:0c:c5:2e:fe:84:39:23:17:9e:f0:
07:19:02:1c:6f:e1:09:33:44:8a:b8:63:f8:9b:d0:31:ca:d4:
1e:85:91:6f:57:a1:c5:eb:36:72:da:cb:f6:33:19:3e:30:de:
e4:4f:fb:fc:0e:5f:25:40:cf:15:98:8e:df:73:6a:f9:d5:4c:
bf:5f:71:37:e4:7c:f7:b0:c2:eb:90:d6:4e:8e:07:41:f0:d1:
86:00:00:64:00:eb:4b:ea:3b:e4:e8:10:8a:b0:1f:2b:6f:89:
3d:55:33:cf:36:f0:43:92:b2:f6:4e:a7:09:7d:f6:8d:a3:39:
e3:72:4d:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUgFvsa6FWZjAn8xJsL9t1zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjIxMjE3MTIzNzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjFhOTllN2MxM2Q2MGE3MjlhYzQyNGJkZjZkMGYwZjg5ZTg2Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbDx9v01fzxnSVSlxw9lBsU+e6Ov
YvCEj/RmkFErPmqZgHT3at2N3Q3HDvGo7rctLNgYb6vsK6z3uzdSeH6aQuEC4dVm
VGaluHVKbkyVci6+3n8ssy+1eatwzIn6Yp/FDRcfpWqPyjRU6dDClWD3yB9+8pLb
mRzbYtbQZScaSe57XCx3Y4f1YAXmc3cIFELlPVcbitOZHEqbprFo1AZEijOgGZVZ
85HqnB5mcXQT9sBjOEu961MRdkH/kBlghEbtqJ0g7nOIuPQt62xW+nG3s6ING9yT
ld1Orf2pzYciLrErBjKR5MBCiufpJaELV9IZD9kpJ4x4vxvN/xwcwZ5GYQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI8amefBPWCnKaxCS99tDw+J6GN0MB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvanhxWjU4RTlZS2NwckVKTDMyMFBENG5vWTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEXouwAwQB
baL+MA0GCSqGSIb3DQEBCwUAA4IBAQB6+xdC7OZOq6QIkFiLQwOnWlGAOngMlI1q
XbNnmduyzx7ziAn0ZKqSU33ZZFnkKS/Svmgewr7zMXcXHkBS/61BHTvB2GaprSLj
L2AiQT3KLj8DW+4RBvDhLg0UQYaLrMYE4U8vv09EAF0AQC5+avTxIeagjIbngOcs
+s4+XvGVugsQTGz3tAzFLv6EOSMXnvAHGQIcb+EJM0SKuGP4m9AxytQehZFvV6HF
6zZy2sv2Mxk+MN7kT/v8Dl8lQM8VmI7fc2r51Uy/X3E35Hz3sMLrkNZOjgdB8NGG
AABkAOtL6jvk6BCKsB8rb4k9VTPPNvBDkrL2TqcJffaNoznjck0i
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:04 2025 by rpki-client