Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/aScRfTdADbPp16pofVF-U3-Qe2g.roa
File: aScRfTdADbPp16pofVF-U3-Qe2g.roa (raw, json)
Hash identifier: HEpn7EQRLoSgzkiCEkJZS/6p7Q08Vb76JD4UWSgugf4=
Subject key identifier: 69:27:11:7D:37:40:0D:B3:E9:D7:AA:68:7D:51:7E:53:7F:90:7B:68
Certificate issuer: /CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Certificate serial: 0185700278C5658574299BE3B07C56C866AF
Authority key identifier: 9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/aScRfTdADbPp16pofVF-U3-Qe2g.roa
Signing time: Mon 02 Jan 2023 01:04:48 +0000
ROA not before: Mon 02 Jan 2023 01:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42336
IP address blocks: 89.45.84.0/22 maxlen: 24
185.39.228.0/22 maxlen: 24
2a01:4aa0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:02:78:c5:65:85:74:29:9b:e3:b0:7c:56:c8:66:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Validity
Not Before: Jan 2 01:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6927117d37400db3e9d7aa687d517e537f907b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:21:32:1f:c8:99:1c:42:da:f8:3f:a6:60:91:
96:66:1a:66:ea:70:f9:90:02:1d:60:72:d2:4e:dd:
65:fe:1b:bb:ea:af:01:38:3a:34:02:b3:b1:1e:cf:
d2:c3:0f:c0:26:cf:0a:96:68:7d:d4:5c:53:43:7c:
82:b2:0d:10:e3:6b:b4:a9:5c:cb:b3:3a:47:42:ec:
e7:57:3d:19:b6:6f:cf:fc:50:5e:89:99:af:1b:76:
67:d8:2f:c8:f0:82:65:09:a7:2f:bc:8f:05:81:e2:
f3:3d:b7:de:20:19:1e:ff:2e:26:f6:35:de:00:45:
ae:4d:10:8a:2a:6f:db:d8:f9:d4:08:4a:38:b8:a3:
3b:7a:76:3d:c5:f1:dd:73:e6:85:3a:1f:ba:23:7b:
ea:ac:4b:55:55:f1:ac:7b:38:08:72:70:95:8d:3f:
9d:43:c5:29:d0:c2:32:a5:98:02:d8:06:73:6f:eb:
7f:44:9e:80:6a:ca:38:ea:2f:3e:4c:4f:e2:53:94:
71:1c:c6:2a:86:4f:90:e8:94:f1:37:f3:51:e6:99:
d5:94:b6:8b:21:06:ea:f9:1c:d7:e4:20:40:61:fe:
2f:54:08:d8:a1:81:99:b0:0d:74:09:17:1a:70:c4:
5f:3d:df:3e:6d:88:87:5c:11:2a:fa:ef:c9:3e:1b:
70:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:27:11:7D:37:40:0D:B3:E9:D7:AA:68:7D:51:7E:53:7F:90:7B:68
X509v3 Authority Key Identifier:
keyid:9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/aScRfTdADbPp16pofVF-U3-Qe2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/mufWYa_KPTNwuOY0SU1SRrg9WF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.84.0/22
185.39.228.0/22
IPv6:
2a01:4aa0::/32
Signature Algorithm: sha256WithRSAEncryption
0e:e3:46:d2:00:50:20:ac:61:53:f5:bb:11:bf:c9:49:cd:2d:
7e:0d:fe:f8:fc:c3:56:80:0f:f2:f5:8f:35:bb:49:d5:b4:53:
3a:1d:af:3b:51:ce:a0:96:6b:5d:e3:0f:3d:ed:38:ce:ca:b3:
a2:26:bc:29:b6:6c:32:e0:28:3b:9b:b8:d0:2b:b4:68:22:c0:
b5:36:db:22:0c:9b:1a:38:16:48:ff:46:33:fe:cb:1e:83:a8:
20:6e:a3:bb:0c:5d:63:66:5f:a4:d3:78:60:36:5b:1a:26:b9:
99:15:12:b0:63:32:cd:28:16:3d:69:24:b2:aa:7a:33:68:0e:
57:5e:f4:ed:48:ef:2e:cb:38:7a:ce:7c:38:32:77:bb:54:c0:
47:df:7a:e3:bb:7e:5f:43:bd:52:0e:92:6c:23:cf:ae:5a:77:
40:51:73:ee:dd:5d:4b:44:f3:ab:59:4d:04:40:b8:47:f7:aa:
be:be:4b:9d:c8:8c:96:49:60:a3:d4:bc:2b:a4:dc:49:49:91:
4d:c2:46:45:26:d6:25:84:8c:ff:1d:07:8c:a9:31:1c:13:df:
97:9c:dc:c8:74:e5:a6:fe:28:d0:ca:57:78:8e:a7:89:c0:a5:
98:15:db:7a:e9:95:b4:98:22:58:4b:e4:a3:19:b0:af:41:59:
86:e9:8d:51
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwAnjFZYV0KZvjsHxWyGavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZTdkNjYxYWZjYTNkMzM3MGI4ZTYzNDQ5NGQ1MjQ2Yjgz
ZDU4NWYwHhcNMjMwMTAyMDEwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTI3MTE3ZDM3NDAwZGIzZTlkN2FhNjg3ZDUxN2U1MzdmOTA3YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyEyH8iZHELa+D+mYJGWZhpm6nD5
kAIdYHLSTt1l/hu76q8BODo0ArOxHs/Sww/AJs8Klmh91FxTQ3yCsg0Q42u0qVzL
szpHQuznVz0Ztm/P/FBeiZmvG3Zn2C/I8IJlCacvvI8FgeLzPbfeIBke/y4m9jXe
AEWuTRCKKm/b2PnUCEo4uKM7enY9xfHdc+aFOh+6I3vqrEtVVfGsezgIcnCVjT+d
Q8Up0MIypZgC2AZzb+t/RJ6Aaso46i8+TE/iU5RxHMYqhk+Q6JTxN/NR5pnVlLaL
IQbq+RzX5CBAYf4vVAjYoYGZsA10CRcacMRfPd8+bYiHXBEq+u/JPhtwgQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGknEX03QA2z6deqaH1RflN/kHtoMB8GA1UdIwQY
MBaAFJrn1mGvyj0zcLjmNElNUka4PVhfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXVmV1lhX0tQVE53dU9ZMFNVMVNScmc5V0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNDcwNWMtZTZkYS00MjJlLTg1OWMt
M2I2OGE0OWRjMDQyLzEvYVNjUmZUZEFEYlBwMTZwb2ZWRi1VMy1RZTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNDcwNWMtZTZkYS00MjJlLTg1OWMtM2I2OGE0OWRjMDQy
LzEvbXVmV1lhX0tQVE53dU9ZMFNVMVNScmc5V0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWS1UAwQC
uSfkMA0EAgACMAcDBQAqAUqgMA0GCSqGSIb3DQEBCwUAA4IBAQAO40bSAFAgrGFT
9bsRv8lJzS1+Df74/MNWgA/y9Y81u0nVtFM6Ha87Uc6glmtd4w897TjOyrOiJrwp
tmwy4Cg7m7jQK7RoIsC1NtsiDJsaOBZI/0Yz/sseg6ggbqO7DF1jZl+k03hgNlsa
JrmZFRKwYzLNKBY9aSSyqnozaA5XXvTtSO8uyzh6znw4Mne7VMBH33rju35fQ71S
DpJsI8+uWndAUXPu3V1LRPOrWU0EQLhH96q+vkudyIyWSWCj1LwrpNxJSZFNwkZF
JtYlhIz/HQeMqTEcE9+XnNzIdOWm/ijQyld4jqeJwKWYFdt66ZW0mCJYS+SjGbCv
QVmG6Y1R
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:44 2025 by rpki-client