Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/8be4af-62be-4180-bec9-f2b87f38b9dd/1/OM_nAi4B0bhFE1f4Wljcr9lHubA.roa
File: OM_nAi4B0bhFE1f4Wljcr9lHubA.roa (raw, json)
Hash identifier: I1voNzr82SgpSDWLl7NlLkokMJbJWQwKZT/w5gqE5/M=
Subject key identifier: 38:CF:E7:02:2E:01:D1:B8:45:13:57:F8:5A:58:DC:AF:D9:47:B9:B0
Certificate issuer: /CN=133897fc7a963f14215d58e1824144ab19fd5810
Certificate serial: 17DBFCB1
Authority key identifier: 13:38:97:FC:7A:96:3F:14:21:5D:58:E1:82:41:44:AB:19:FD:58:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EziX_HqWPxQhXVjhgkFEqxn9WBA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/8be4af-62be-4180-bec9-f2b87f38b9dd/1/OM_nAi4B0bhFE1f4Wljcr9lHubA.roa
Signing time: Sat 01 Jan 2022 00:54:35 +0000
ROA not before: Sat 01 Jan 2022 00:54:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47570
IP address blocks: 94.100.0.0/24 maxlen: 24
94.100.0.0/20 maxlen: 24
94.100.7.0/24 maxlen: 24
94.100.8.0/24 maxlen: 24
94.100.11.0/24 maxlen: 24
94.100.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400293041 (0x17dbfcb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=133897fc7a963f14215d58e1824144ab19fd5810
Validity
Not Before: Jan 1 00:54:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=38cfe7022e01d1b8451357f85a58dcafd947b9b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:de:cf:e0:bc:5b:d2:73:3d:d6:8b:31:c1:c7:
4e:9f:bb:e3:3a:da:6f:63:5d:6b:c1:26:9b:cf:50:
cc:8f:f7:90:b2:f5:5a:c5:7b:a9:cb:28:e3:7e:56:
68:41:4e:52:ba:18:ed:cb:7d:0d:9d:64:ea:fd:bc:
31:22:fd:ed:10:0e:b2:cf:e8:7c:a1:85:41:8f:07:
5c:7a:38:b0:cc:16:39:10:e2:07:c1:32:34:fa:0f:
f2:d5:cd:b9:6e:0c:cc:90:ac:5b:e6:cd:64:0d:da:
05:2d:c3:55:05:ef:e4:f8:0d:7c:b6:35:a1:6b:24:
5d:7c:0f:4e:d6:a6:67:e3:a9:7c:e8:44:ec:5e:3d:
64:af:3b:09:e4:fb:8d:71:3b:6b:c6:f1:55:d9:0e:
f4:af:75:77:59:40:51:11:f5:59:f0:68:da:35:76:
3f:5b:44:aa:03:06:d6:9f:bf:7f:a1:e8:29:27:b8:
13:4f:16:b3:74:1d:51:66:42:ad:9b:b0:b6:e2:ba:
3b:6a:65:71:fe:fa:48:1d:a5:08:dc:ce:6a:72:7d:
c6:07:8b:47:87:92:23:04:66:4f:ab:f3:ab:ca:36:
6d:08:41:e5:ed:f3:71:d3:ce:6d:a1:83:57:16:88:
e3:84:24:03:b5:0a:7b:82:91:2c:07:14:f4:9d:a2:
d5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CF:E7:02:2E:01:D1:B8:45:13:57:F8:5A:58:DC:AF:D9:47:B9:B0
X509v3 Authority Key Identifier:
keyid:13:38:97:FC:7A:96:3F:14:21:5D:58:E1:82:41:44:AB:19:FD:58:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EziX_HqWPxQhXVjhgkFEqxn9WBA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/8be4af-62be-4180-bec9-f2b87f38b9dd/1/OM_nAi4B0bhFE1f4Wljcr9lHubA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/8be4af-62be-4180-bec9-f2b87f38b9dd/1/EziX_HqWPxQhXVjhgkFEqxn9WBA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.100.0.0/20
Signature Algorithm: sha256WithRSAEncryption
57:d7:9c:18:50:10:8e:8e:11:4b:64:13:12:b6:d9:97:58:9f:
12:54:64:5f:15:30:6d:f1:50:0d:4a:b5:2d:3f:74:84:8c:29:
bc:7a:84:92:33:2a:0b:31:54:65:9c:e2:43:5e:d9:92:c2:e2:
dc:8f:36:f2:be:e7:19:ad:b9:2e:42:05:98:9a:44:c6:c2:13:
f9:9e:c6:70:93:f6:c5:2b:0e:0a:76:98:e0:28:94:3b:29:ad:
4f:89:f7:99:35:45:86:ee:f6:ff:d1:64:3c:f9:f1:2f:b1:84:
bb:34:cb:90:24:91:0f:73:38:37:35:b5:19:44:7a:97:6a:26:
11:69:62:29:50:cb:e3:ba:94:c0:6b:60:ae:fc:73:0a:e9:2d:
60:7e:8a:e2:56:47:fb:c7:16:6c:bc:14:f7:6b:af:f7:55:15:
36:b1:e9:5c:2e:d3:c9:0c:03:04:71:e8:fa:89:f6:b8:91:70:
a3:3a:75:82:61:95:19:c5:28:f5:75:ca:16:79:a5:6e:5d:7d:
2b:77:3f:2e:41:a5:97:f5:f2:4b:e6:7b:d5:3f:f3:a4:43:fe:
5d:76:44:87:1d:53:fd:87:59:1c:6c:63:ed:26:ae:2a:91:3d:
5a:0f:b4:c8:cd:2d:fa:93:c2:93:29:81:a4:ac:e7:3a:a0:78:
d5:8c:05:64
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF9v8sTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MzM4OTdmYzdhOTYzZjE0MjE1ZDU4ZTE4MjQxNDRhYjE5ZmQ1ODEwMB4XDTIyMDEw
MTAwNTQzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzhjZmU3MDIyZTAx
ZDFiODQ1MTM1N2Y4NWE1OGRjYWZkOTQ3YjliMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOPez+C8W9JzPdaLMcHHTp+74zrab2Nda8Emm89QzI/3kLL1
WsV7qcso435WaEFOUroY7ct9DZ1k6v28MSL97RAOss/ofKGFQY8HXHo4sMwWORDi
B8EyNPoP8tXNuW4MzJCsW+bNZA3aBS3DVQXv5PgNfLY1oWskXXwPTtamZ+OpfOhE
7F49ZK87CeT7jXE7a8bxVdkO9K91d1lAURH1WfBo2jV2P1tEqgMG1p+/f6HoKSe4
E08Ws3QdUWZCrZuwtuK6O2plcf76SB2lCNzOanJ9xgeLR4eSIwRmT6vzq8o2bQhB
5e3zcdPObaGDVxaI44QkA7UKe4KRLAcU9J2i1X0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ4z+cCLgHRuEUTV/haWNyv2Ue5sDAfBgNVHSMEGDAWgBQTOJf8epY/FCFd
WOGCQUSrGf1YEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0V6aVhfSHFXUHhRaFhWamhna0ZFcXhuOVdCQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvOGJlNGFmLTYyYmUtNDE4MC1iZWM5LWYyYjg3ZjM4YjlkZC8x
L09NX25BaTRCMGJoRkUxZjRXbGpjcjlsSHViQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
OGJlNGFmLTYyYmUtNDE4MC1iZWM5LWYyYjg3ZjM4YjlkZC8xL0V6aVhfSHFXUHhR
aFhWamhna0ZFcXhuOVdCQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBF5kADANBgkqhkiG9w0BAQsFAAOC
AQEAV9ecGFAQjo4RS2QTErbZl1ifElRkXxUwbfFQDUq1LT90hIwpvHqEkjMqCzFU
ZZziQ17ZksLi3I828r7nGa25LkIFmJpExsIT+Z7GcJP2xSsOCnaY4CiUOymtT4n3
mTVFhu72/9FkPPnxL7GEuzTLkCSRD3M4NzW1GUR6l2omEWliKVDL47qUwGtgrvxz
CuktYH6K4lZH+8cWbLwU92uv91UVNrHpXC7TyQwDBHHo+on2uJFwozp1gmGVGcUo
9XXKFnmlbl19K3c/LkGll/XyS+Z71T/zpEP+XXZEhx1T/YdZHGxj7SauKpE9Wg+0
yM0t+pPCkymBpKznOqB41YwFZA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:02 2023 by rpki-client on console-ams.rpki-client.org