Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/uZlWZ9SqAQdK9c_fMr_4V-gVyeE.roa
File: uZlWZ9SqAQdK9c_fMr_4V-gVyeE.roa (raw, json)
Hash identifier: 4bxDNuhUFIQpH/yP8QWkajmdWo9FZkpyX7mcWUKLO2o=
Subject key identifier: B9:99:56:67:D4:AA:01:07:4A:F5:CF:DF:32:BF:F8:57:E8:15:C9:E1
Certificate issuer: /CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Certificate serial: 01855854AC7F9D147DA2D48B3DE459E92FB7
Authority key identifier: 4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/uZlWZ9SqAQdK9c_fMr_4V-gVyeE.roa
Signing time: Wed 28 Dec 2022 10:43:42 +0000
ROA not before: Wed 28 Dec 2022 10:43:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34636
IP address blocks: 94.139.176.0/21 maxlen: 21
94.139.184.0/22 maxlen: 22
94.139.190.0/23 maxlen: 23
94.139.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:58:54:ac:7f:9d:14:7d:a2:d4:8b:3d:e4:59:e9:2f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd74fbbbae58dd0876d99e80ec82a11a4477f7e
Validity
Not Before: Dec 28 10:43:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9995667d4aa01074af5cfdf32bff857e815c9e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e6:db:be:25:06:cc:7b:36:6a:54:43:fe:98:
27:87:46:d1:66:80:01:6f:b6:65:14:4b:a5:92:87:
9d:b3:21:20:db:4f:9a:5b:01:bf:8b:07:80:e8:ea:
c3:1f:ab:f0:8c:f0:07:c0:e7:22:08:0c:89:9d:8b:
04:ee:11:51:42:f0:7d:97:9b:a1:20:47:f0:d5:af:
be:40:d4:fc:ab:32:f0:f9:b4:10:a4:2c:8c:fa:d2:
11:09:dc:2b:17:4b:18:ef:53:a8:38:77:67:f4:f8:
f7:95:05:35:0a:7d:81:82:c9:b2:55:0b:55:1d:a5:
0e:de:68:66:e1:b5:23:be:60:13:40:5a:c3:b7:a5:
ee:bf:a4:4b:36:60:1b:b7:f1:f2:dd:0c:41:7d:c4:
f0:a7:ab:1b:13:88:ab:e6:54:7c:06:18:ef:3a:8c:
64:60:87:b0:61:11:4f:80:11:89:19:10:96:57:02:
a7:8f:a8:f2:20:c7:5e:24:bf:4e:ad:76:84:d4:0e:
e9:1b:0a:b6:79:9f:b0:39:dc:a5:ef:01:74:f2:2e:
02:fb:b5:f1:2a:f8:aa:44:ff:87:bf:b7:63:96:d6:
3b:20:66:3f:25:0d:fe:14:de:4b:ef:3c:c6:d4:b4:
34:e6:b7:e7:b0:98:97:87:e3:9a:d7:48:fb:6d:29:
2e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:99:56:67:D4:AA:01:07:4A:F5:CF:DF:32:BF:F8:57:E8:15:C9:E1
X509v3 Authority Key Identifier:
keyid:4D:D7:4F:BB:BA:E5:8D:D0:87:6D:99:E8:0E:C8:2A:11:A4:47:7F:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TddPu7rljdCHbZnoDsgqEaRHf34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/uZlWZ9SqAQdK9c_fMr_4V-gVyeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/9f5f57-e828-4bcf-8d2b-8eab7f4fe77e/1/TddPu7rljdCHbZnoDsgqEaRHf34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.139.176.0-94.139.188.255
94.139.190.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:90:7a:bc:75:84:e1:bd:7e:0a:56:8d:ce:d2:86:48:91:00:
96:e8:c2:d9:df:45:26:8b:4f:fd:bb:2c:66:14:f7:dd:a6:0d:
a6:27:99:ea:3e:9e:d3:45:93:45:59:12:39:55:ab:21:9a:80:
1b:0d:a7:68:cc:6d:55:c3:24:1d:6d:b4:7a:c0:a0:b6:ed:7d:
be:7e:db:a2:70:ad:cc:29:10:ac:13:88:0f:91:23:8c:70:56:
ef:d3:e8:69:0f:f4:77:52:37:0d:63:97:ba:4c:44:c8:fc:0f:
67:6d:b3:a9:34:ef:03:cc:df:bd:a1:23:cb:4b:d2:52:9a:e6:
42:5a:61:78:10:97:1d:5b:c4:e9:76:11:d2:c1:9a:10:9e:54:
35:60:35:8c:e3:e8:8c:1c:aa:b7:9e:5d:2b:59:fe:32:f4:94:
fc:f6:28:6b:2f:56:be:86:59:ca:00:86:7d:fa:71:12:82:05:
a4:7e:fd:8e:7d:e2:1f:41:03:47:6c:55:32:6f:a9:62:47:79:
16:7b:5c:ed:8e:f0:57:8b:69:a7:6a:94:35:d3:c8:1e:42:37:
e1:43:03:e4:ad:63:8e:7a:2a:49:87:44:67:94:1c:f1:82:9a:
4f:ce:cc:17:61:3c:b2:2b:56:5d:ff:4e:02:30:48:95:e7:3b:
fb:6f:37:64
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVYVKx/nRR9otSLPeRZ6S+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDc0ZmJiYmFlNThkZDA4NzZkOTllODBlYzgyYTExYTQ0
NzdmN2UwHhcNMjIxMjI4MTA0MzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk5NTY2N2Q0YWEwMTA3NGFmNWNmZGYzMmJmZjg1N2U4MTVjOWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlebbviUGzHs2alRD/pgnh0bRZoAB
b7ZlFEulkoedsyEg20+aWwG/iweA6OrDH6vwjPAHwOciCAyJnYsE7hFRQvB9l5uh
IEfw1a++QNT8qzLw+bQQpCyM+tIRCdwrF0sY71OoOHdn9Pj3lQU1Cn2BgsmyVQtV
HaUO3mhm4bUjvmATQFrDt6Xuv6RLNmAbt/Hy3QxBfcTwp6sbE4ir5lR8BhjvOoxk
YIewYRFPgBGJGRCWVwKnj6jyIMdeJL9OrXaE1A7pGwq2eZ+wOdyl7wF08i4C+7Xx
KviqRP+Hv7djltY7IGY/JQ3+FN5L7zzG1LQ05rfnsJiXh+Oa10j7bSku7wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLmZVmfUqgEHSvXP3zK/+FfoFcnhMB8GA1UdIwQY
MBaAFE3XT7u65Y3Qh22Z6A7IKhGkR39+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmIt
OGVhYjdmNGZlNzdlLzEvdVpsV1o5U3FBUWRLOWNfZk1yXzRWLWdWeWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85ZjVmNTctZTgyOC00YmNmLThkMmItOGVhYjdmNGZlNzdl
LzEvVGRkUHU3cmxqZENIYlpub0RzZ3FFYVJIZjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBARei7AD
BABei7wDBAFei74wDQYJKoZIhvcNAQELBQADggEBAHuQerx1hOG9fgpWjc7ShkiR
AJbowtnfRSaLT/27LGYU992mDaYnmeo+ntNFk0VZEjlVqyGagBsNp2jMbVXDJB1t
tHrAoLbtfb5+26JwrcwpEKwTiA+RI4xwVu/T6GkP9HdSNw1jl7pMRMj8D2dts6k0
7wPM372hI8tL0lKa5kJaYXgQlx1bxOl2EdLBmhCeVDVgNYzj6IwcqreeXStZ/jL0
lPz2KGsvVr6GWcoAhn36cRKCBaR+/Y594h9BA0dsVTJvqWJHeRZ7XO2O8FeLaadq
lDXTyB5CN+FDA+StY456KkmHRGeUHPGCmk/OzBdhPLIrVl3/TgIwSJXnO/tvN2Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:11:51 2025 by rpki-client