Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4YqSR2F2QkM797eyl7DWqxP1DUQ.roa
File: 4YqSR2F2QkM797eyl7DWqxP1DUQ.roa (raw, json)
Hash identifier: oZ3reKwqQSujWNXEWRCOeKWuLRGD8JAkoCUI5O0JRlo=
Subject key identifier: E1:8A:92:47:61:76:42:43:3B:F7:B7:B2:97:B0:D6:AB:13:F5:0D:44
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 05DCE978
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4YqSR2F2QkM797eyl7DWqxP1DUQ.roa
Signing time: Thu 10 Feb 2022 13:08:01 +0000
ROA not before: Thu 10 Feb 2022 13:08:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 93.152.207.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98363768 (0x5dce978)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 10 13:08:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e18a9247617642433bf7b7b297b0d6ab13f50d44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a3:6d:7f:8b:cb:ea:d1:80:e2:3e:05:24:2e:
f9:c5:a4:50:9b:e4:26:ce:46:8a:ed:8f:b5:de:42:
29:dc:78:44:41:48:63:e0:8c:1c:91:4d:ee:3b:9e:
62:cd:6f:e9:aa:f8:8f:30:40:0f:56:0a:ab:81:b7:
84:b5:97:68:23:86:74:1e:49:59:df:60:02:29:b2:
67:7d:e7:c2:17:92:62:4a:7a:f2:d8:17:70:2f:e1:
7b:58:64:fb:34:32:fb:11:d2:e6:25:7e:44:59:d1:
8b:99:04:9f:14:74:1a:d2:34:23:80:b3:36:0c:2f:
ed:70:60:86:04:23:d3:b4:85:9c:dc:67:77:61:0a:
b7:4e:89:d9:6d:95:d6:74:07:90:f5:ca:6a:84:ff:
1a:7f:1d:28:6a:66:ef:0c:a3:2a:2f:f3:d9:2d:2d:
9e:a8:01:ae:ef:e9:89:85:fa:e1:19:25:a6:9a:3c:
c2:f5:cb:e6:99:6e:c2:c6:57:7d:7d:6d:ee:74:71:
fe:fb:b4:f2:4f:07:8f:b8:36:53:65:59:33:5e:92:
c6:f4:68:6a:86:49:f9:94:7f:3c:90:e9:ab:42:d2:
c0:5a:75:dd:36:a7:4e:be:3d:a1:0a:06:ed:08:39:
85:e4:a3:22:9b:f4:73:87:db:b9:15:38:ef:0f:c5:
9c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:8A:92:47:61:76:42:43:3B:F7:B7:B2:97:B0:D6:AB:13:F5:0D:44
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/4YqSR2F2QkM797eyl7DWqxP1DUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.207.0/24
93.152.211.0/24
93.152.217.0/24
93.152.219.0/24
93.152.222.0/24
94.190.195.0/24
212.102.105.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:0d:a1:54:05:b5:8e:1e:a0:57:06:d7:36:5d:50:6a:fa:d3:
b1:97:69:00:f7:88:2d:80:e8:8b:db:5a:33:75:81:23:0c:27:
77:bd:f5:87:4d:b3:64:8f:d1:6f:57:9e:9a:bb:cb:fa:4d:d4:
52:f8:e5:95:96:11:c9:75:5d:e4:0e:0c:0d:e0:fc:dc:2c:de:
d4:94:11:b0:6d:56:05:d6:80:25:3b:e1:2b:c7:14:ad:5c:aa:
a4:41:ac:b8:e0:be:92:95:96:71:5e:98:08:d5:46:33:ea:65:
66:81:32:b0:88:86:25:75:ce:3d:87:7a:1b:ba:20:e0:dc:56:
40:d4:60:2d:87:d4:70:0d:4c:c0:63:89:6e:cf:f9:3e:25:40:
34:ae:cf:a1:3d:bd:b2:2e:c8:01:99:d7:45:5d:13:84:0d:87:
d7:1c:69:df:10:01:ef:f1:af:16:c4:a3:52:67:0d:fc:46:f0:
3b:55:42:b7:de:52:0e:0e:bf:51:27:31:14:6f:cd:5e:31:07:
9b:d7:16:61:ec:b4:ae:51:31:7d:c7:1b:7f:19:b5:af:45:24:
c4:5e:1e:0a:3a:fb:f9:f3:9b:f2:e6:95:24:e9:40:26:0f:47:
ac:0d:a6:36:15:eb:cc:91:a2:d1:97:a2:cb:7e:e4:09:e3:e5:
4f:48:99:23
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEBdzpeDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDIx
MDEzMDgwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE4YTkyNDc2MTc2
NDI0MzNiZjdiN2IyOTdiMGQ2YWIxM2Y1MGQ0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6jbX+Ly+rRgOI+BSQu+cWkUJvkJs5Giu2Ptd5CKdx4REFI
Y+CMHJFN7jueYs1v6ar4jzBAD1YKq4G3hLWXaCOGdB5JWd9gAimyZ33nwheSYkp6
8tgXcC/he1hk+zQy+xHS5iV+RFnRi5kEnxR0GtI0I4CzNgwv7XBghgQj07SFnNxn
d2EKt06J2W2V1nQHkPXKaoT/Gn8dKGpm7wyjKi/z2S0tnqgBru/piYX64Rklppo8
wvXL5pluwsZXfX1t7nRx/vu08k8Hj7g2U2VZM16SxvRoaoZJ+ZR/PJDpq0LSwFp1
3TanTr49oQoG7Qg5heSjIpv0c4fbuRU47w/FnMcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBThipJHYXZCQzv3t7KXsNarE/UNRDAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
LzRZcVNSMkYyUWtNNzk3ZXlsN0RXcXhQMURVUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAF2YzwMEAF2Y0wMEAF2Y2QMEAF2Y
2wMEAF2Y3gMEAF6+wwMEANRmaTANBgkqhkiG9w0BAQsFAAOCAQEApw2hVAW1jh6g
VwbXNl1QavrTsZdpAPeILYDoi9taM3WBIwwnd731h02zZI/Rb1eemrvL+k3UUvjl
lZYRyXVd5A4MDeD83Cze1JQRsG1WBdaAJTvhK8cUrVyqpEGsuOC+kpWWcV6YCNVG
M+plZoEysIiGJXXOPYd6G7og4NxWQNRgLYfUcA1MwGOJbs/5PiVANK7PoT29si7I
AZnXRV0ThA2H1xxp3xAB7/GvFsSjUmcN/EbwO1VCt95SDg6/UScxFG/NXjEHm9cW
Yey0rlExfccbfxm1r0UkxF4eCjr7+fOb8uaVJOlAJg9HrA2mNhXrzJGi0Zeiy37k
CePlT0iZIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:58 2023 by rpki-client on console-ams.rpki-client.org