Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/49sKUBFbQktiM-EydKwmppMob1k.roa
File: 49sKUBFbQktiM-EydKwmppMob1k.roa (raw, json)
Hash identifier: N5lhn5V4/a+LfbCJUaBIXmvHjqZ5s9ZgslY8Ao2Xl7I=
Subject key identifier: E3:DB:0A:50:11:5B:42:4B:62:33:E1:32:74:AC:26:A6:93:28:6F:59
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 108F8D47
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/49sKUBFbQktiM-EydKwmppMob1k.roa
Signing time: Sat 01 Jan 2022 10:02:12 +0000
ROA not before: Sat 01 Jan 2022 10:02:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207429
IP address blocks: 95.173.182.0/24 maxlen: 24
89.252.144.0/24 maxlen: 24
89.252.151.0/24 maxlen: 24
89.252.152.0/24 maxlen: 24
89.252.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 277843271 (0x108f8d47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 10:02:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3db0a50115b424b6233e13274ac26a693286f59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2f:dc:2e:e1:df:28:40:17:a6:18:9d:ba:76:
44:32:6a:8f:7b:23:7d:65:f9:69:8c:cf:e5:0c:ef:
e1:fb:97:f6:16:84:b0:99:9d:fb:66:43:e3:46:65:
56:ac:e2:84:87:8f:65:92:1f:04:71:3e:47:a9:81:
8e:ca:da:23:35:cb:89:44:dc:71:c5:d8:6a:65:75:
f2:6d:31:13:c5:64:b9:e3:6a:02:9e:9e:80:d7:aa:
52:4a:b5:fa:5e:6d:a8:47:77:46:13:40:ca:60:b9:
14:09:2f:5a:01:fa:23:24:d3:d5:42:db:9d:7a:16:
fd:4f:f8:92:2a:bc:e5:fe:84:2e:02:65:36:c9:7e:
d6:54:ad:5e:64:33:ba:d0:2f:27:95:66:e1:74:92:
cb:e3:47:08:08:bc:61:d1:fc:3a:31:c1:e5:8c:51:
71:73:94:1a:4f:d4:5f:85:a6:6e:fa:34:56:e1:dc:
57:5d:36:8e:9a:9e:cc:97:7a:89:26:46:a1:61:37:
0b:c7:f0:25:bb:33:7d:52:ee:97:29:8f:70:dc:f6:
d8:9e:fc:4f:69:3a:34:d0:86:ba:41:6c:b6:a8:75:
c0:b8:67:5e:c4:79:dc:ba:e6:b8:15:0b:1e:db:96:
ef:00:33:4e:28:19:e1:23:e2:30:5e:d3:81:17:b4:
ee:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DB:0A:50:11:5B:42:4B:62:33:E1:32:74:AC:26:A6:93:28:6F:59
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/49sKUBFbQktiM-EydKwmppMob1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.144.0/24
89.252.151.0-89.252.152.255
89.252.154.0/24
95.173.182.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:ef:4d:8c:69:72:20:95:36:8e:9c:e4:99:02:c8:97:32:72:
b9:00:9d:49:26:fd:54:1d:e3:62:25:2d:8e:f9:e3:f6:bc:6d:
d8:ac:c3:cf:bb:a3:09:81:5f:97:ea:13:01:63:7a:c3:54:5a:
b1:6c:c6:47:ce:9c:d8:6d:35:59:e4:1c:d4:93:2b:5b:92:7d:
8e:f9:cf:ff:f1:76:c0:15:00:c9:ae:c2:40:56:e5:bf:23:02:
ef:a7:93:88:fa:29:7c:da:04:2f:9a:51:84:3a:f6:b0:fa:11:
00:aa:4d:07:cf:6e:db:dc:4b:2a:56:22:7c:a2:1d:0f:18:8f:
c3:5f:d4:63:12:9f:5d:1e:a5:9c:d5:33:1e:ec:c2:e9:2c:df:
ab:a3:6e:a7:5c:c8:ac:69:26:69:72:32:20:89:e5:d9:ce:c7:
cf:66:7e:eb:01:c3:ba:90:7e:ac:22:98:81:35:2f:d8:da:98:
03:f7:1e:57:63:a7:d1:e7:b9:b6:ef:38:05:f7:5a:28:9b:ee:
3e:94:13:74:00:06:53:fb:05:11:50:17:89:fd:8e:7d:d7:6d:
28:fb:23:c4:23:91:96:da:53:55:27:76:4c:ae:35:1b:c6:ab:
a6:25:0e:ae:19:32:3f:b1:da:23:c7:a7:96:e6:5c:bd:1d:64:
3e:9d:13:59
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEEI+NRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NWU0YWVkM2VmNzJiZWUzMTQxNjYwZDExNDllMTZkMDc5MjA1ZjNjMB4XDTIyMDEw
MTEwMDIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTNkYjBhNTAxMTVi
NDI0YjYyMzNlMTMyNzRhYzI2YTY5MzI4NmY1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4v3C7h3yhAF6YYnbp2RDJqj3sjfWX5aYzP5Qzv4fuX9haE
sJmd+2ZD40ZlVqzihIePZZIfBHE+R6mBjsraIzXLiUTcccXYamV18m0xE8VkueNq
Ap6egNeqUkq1+l5tqEd3RhNAymC5FAkvWgH6IyTT1ULbnXoW/U/4kiq85f6ELgJl
Nsl+1lStXmQzutAvJ5Vm4XSSy+NHCAi8YdH8OjHB5YxRcXOUGk/UX4Wmbvo0VuHc
V102jpqezJd6iSZGoWE3C8fwJbszfVLulymPcNz22J78T2k6NNCGukFstqh1wLhn
XsR53LrmuBULHtuW7wAzTigZ4SPiMF7TgRe07sECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTj2wpQEVtCS2Iz4TJ0rCamkyhvWTAfBgNVHSMEGDAWgBQl5K7T73K+4xQW
YNEUnhbQeSBfPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0plU3UwLTl5dnVNVUZtRFJGSjRXMEhrZ1h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjMzNmQwLTk0OTQtNDZkMy05ODYxLWVkM2UzOGY5NTc3Zi8x
LzQ5c0tVQkZiUWt0aU0tRXlkS3dtcHBNb2Ixay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjMzNmQwLTk0OTQtNDZkMy05ODYxLWVkM2UzOGY5NTc3Zi8xL0plU3UwLTl5dnVN
VUZtRFJGSjRXMEhrZ1h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFn8kDAMAwQAWfyXAwQAWfyYAwQA
WfyaAwQAX622MA0GCSqGSIb3DQEBCwUAA4IBAQA8702MaXIglTaOnOSZAsiXMnK5
AJ1JJv1UHeNiJS2O+eP2vG3YrMPPu6MJgV+X6hMBY3rDVFqxbMZHzpzYbTVZ5BzU
kytbkn2O+c//8XbAFQDJrsJAVuW/IwLvp5OI+il82gQvmlGEOvaw+hEAqk0Hz27b
3EsqViJ8oh0PGI/DX9RjEp9dHqWc1TMe7MLpLN+ro26nXMisaSZpcjIgieXZzsfP
Zn7rAcO6kH6sIpiBNS/Y2pgD9x5XY6fR57m27zgF91oom+4+lBN0AAZT+wURUBeJ
/Y59120o+yPEI5GW2lNVJ3ZMrjUbxqumJQ6uGTI/sdojx6eW5ly9HWQ+nRNZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:51 2024 by rpki-client on console-fra.rpki-client.org