Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/h94oLQQqPYCkPkibOORMxHk4N2k.roa
File: h94oLQQqPYCkPkibOORMxHk4N2k.roa (raw, json)
Hash identifier: SBo+rq5/SK4Uvm2R/i/pUUVkyWmeKhO820gfrWyFIOE=
Subject key identifier: 87:DE:28:2D:04:2A:3D:80:A4:3E:48:9B:38:E4:4C:C4:79:38:37:69
Certificate issuer: /CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Certificate serial: 18D2324E
Authority key identifier: 9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/h94oLQQqPYCkPkibOORMxHk4N2k.roa
Signing time: Sat 01 Jan 2022 08:00:48 +0000
ROA not before: Sat 01 Jan 2022 08:00:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24951
IP address blocks: 89.45.84.0/22 maxlen: 22
185.39.228.0/22 maxlen: 22
2a01:4aa0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 416428622 (0x18d2324e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ae7d661afca3d3370b8e634494d5246b83d585f
Validity
Not Before: Jan 1 08:00:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87de282d042a3d80a43e489b38e44cc479383769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:14:8c:35:84:1c:c4:e3:5a:76:76:13:21:dc:
56:46:6e:d2:1b:86:14:16:a4:d9:a4:b6:97:aa:20:
66:60:b9:d1:02:40:5b:1a:a3:71:00:cd:b0:e2:25:
18:b7:7e:62:f0:d2:10:03:00:51:0a:37:7c:85:32:
c6:06:16:75:a5:72:39:75:7e:62:31:ac:38:ae:32:
76:10:3e:74:69:b6:f9:ae:2b:2a:c7:c4:9f:03:de:
6d:09:c5:00:fc:29:5a:82:f8:9b:b0:bc:e1:75:c0:
ff:d7:f1:44:a6:b3:77:10:a6:cd:1a:ac:c5:65:0d:
eb:f6:49:ab:47:bb:8d:81:48:5a:79:3b:5d:ea:a1:
69:3a:17:51:05:20:8a:eb:80:74:13:18:d8:10:54:
7a:ed:c5:f5:bc:d3:b2:82:30:cd:4e:63:e2:1a:47:
f5:b8:ff:8a:e8:97:66:61:df:3a:45:1a:55:ee:ae:
b7:0f:20:15:60:13:e4:68:49:da:d0:ac:ad:50:f0:
29:25:49:d5:fe:51:eb:54:8f:16:f0:cb:2e:99:fa:
f3:32:fe:76:13:38:09:e6:47:15:ad:ff:2e:aa:0a:
70:f8:7d:07:9c:6e:9f:56:64:b5:67:5d:63:5d:0a:
cd:f9:c6:18:97:91:af:62:16:72:80:83:1a:a0:0e:
37:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DE:28:2D:04:2A:3D:80:A4:3E:48:9B:38:E4:4C:C4:79:38:37:69
X509v3 Authority Key Identifier:
keyid:9A:E7:D6:61:AF:CA:3D:33:70:B8:E6:34:49:4D:52:46:B8:3D:58:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mufWYa_KPTNwuOY0SU1SRrg9WF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/h94oLQQqPYCkPkibOORMxHk4N2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e4705c-e6da-422e-859c-3b68a49dc042/1/mufWYa_KPTNwuOY0SU1SRrg9WF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.84.0/22
185.39.228.0/22
IPv6:
2a01:4aa0::/32
Signature Algorithm: sha256WithRSAEncryption
98:1b:b6:8d:13:dd:81:c2:58:98:7f:8e:26:ac:57:76:d0:a7:
c5:af:78:37:56:1e:4c:77:50:2e:a1:db:c1:43:cc:d1:ff:69:
c8:35:c9:a3:6d:e9:db:c8:9f:58:9e:68:1d:11:b3:9a:81:97:
3d:3b:ae:1d:57:e9:8e:41:73:db:49:87:f8:3f:b7:67:3e:b4:
63:ca:85:f2:d2:33:b2:67:7d:3d:06:53:a1:73:c7:88:99:94:
91:6d:f3:01:11:1c:0f:c7:60:65:55:da:92:08:9b:ae:c2:72:
2f:4b:dd:f8:f8:8d:4c:e4:38:1a:f5:16:d1:42:fc:1a:f9:20:
8f:ea:42:8b:86:a3:3f:43:d6:0b:16:97:56:a9:3f:e8:4c:3c:
bf:c0:2a:4f:0f:7d:21:79:aa:74:97:03:7e:19:23:0b:20:37:
74:bd:6d:36:c1:24:a7:af:7b:b8:3f:de:0f:88:2f:48:fa:8c:
fe:64:06:08:30:3a:90:b5:95:b6:92:45:cf:34:25:4e:80:23:
a8:e5:38:6e:09:b2:20:c8:8e:fc:47:89:6d:c1:b4:9e:97:61:
76:f6:95:16:3c:d3:ed:ee:66:29:b3:75:e2:56:ca:18:07:1d:
29:77:3d:75:ff:ee:dc:1c:3d:be:21:fd:2d:dc:da:d4:da:7c:
b9:be:ee:fd
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGNIyTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YWU3ZDY2MWFmY2EzZDMzNzBiOGU2MzQ0OTRkNTI0NmI4M2Q1ODVmMB4XDTIyMDEw
MTA4MDA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdkZTI4MmQwNDJh
M2Q4MGE0M2U0ODliMzhlNDRjYzQ3OTM4Mzc2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4UjDWEHMTjWnZ2EyHcVkZu0huGFBak2aS2l6ogZmC50QJA
WxqjcQDNsOIlGLd+YvDSEAMAUQo3fIUyxgYWdaVyOXV+YjGsOK4ydhA+dGm2+a4r
KsfEnwPebQnFAPwpWoL4m7C84XXA/9fxRKazdxCmzRqsxWUN6/ZJq0e7jYFIWnk7
XeqhaToXUQUgiuuAdBMY2BBUeu3F9bzTsoIwzU5j4hpH9bj/iuiXZmHfOkUaVe6u
tw8gFWAT5GhJ2tCsrVDwKSVJ1f5R61SPFvDLLpn68zL+dhM4CeZHFa3/LqoKcPh9
B5xun1ZktWddY10KzfnGGJeRr2IWcoCDGqAON7sCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSH3igtBCo9gKQ+SJs45EzEeTg3aTAfBgNVHSMEGDAWgBSa59Zhr8o9M3C4
5jRJTVJGuD1YXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L211ZldZYV9LUFROd3VPWTBTVTFTUnJnOVdGOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjcvZTQ3MDVjLWU2ZGEtNDIyZS04NTljLTNiNjhhNDlkYzA0Mi8x
L2g5NG9MUVFxUFlDa1BraWJPT1JNeEhrNE4yay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjcv
ZTQ3MDVjLWU2ZGEtNDIyZS04NTljLTNiNjhhNDlkYzA0Mi8xL211ZldZYV9LUFRO
d3VPWTBTVTFTUnJnOVdGOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlktVAMEArkn5DANBAIAAjAHAwUA
KgFKoDANBgkqhkiG9w0BAQsFAAOCAQEAmBu2jRPdgcJYmH+OJqxXdtCnxa94N1Ye
THdQLqHbwUPM0f9pyDXJo23p28ifWJ5oHRGzmoGXPTuuHVfpjkFz20mH+D+3Zz60
Y8qF8tIzsmd9PQZToXPHiJmUkW3zAREcD8dgZVXakgibrsJyL0vd+PiNTOQ4GvUW
0UL8Gvkgj+pCi4ajP0PWCxaXVqk/6Ew8v8AqTw99IXmqdJcDfhkjCyA3dL1tNsEk
p697uD/eD4gvSPqM/mQGCDA6kLWVtpJFzzQlToAjqOU4bgmyIMiO/EeJbcG0npdh
dvaVFjzT7e5mKbN14lbKGAcdKXc9df/u3Bw9viH9Ldza1Np8ub7u/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:06 2024 by rpki-client on console-fra.rpki-client.org