Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/3XyF1XhuxCxRg0XN_HoKHefDZIY.roa
File: 3XyF1XhuxCxRg0XN_HoKHefDZIY.roa (raw, json)
Hash identifier: WkwkkZpBTMUlGtqR4oZ8IdceqP/MyZTP8Hz0F9hrLwA=
Subject key identifier: DD:7C:85:D5:78:6E:C4:2C:51:83:45:CD:FC:7A:0A:1D:E7:C3:64:86
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 01846B8CD7E1EA99F0A55750E8B3EA2B65B9
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/3XyF1XhuxCxRg0XN_HoKHefDZIY.roa
Signing time: Sat 12 Nov 2022 11:15:02 +0000
ROA not before: Sat 12 Nov 2022 11:15:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12679
IP address blocks: 45.151.98.0/24 maxlen: 24
45.151.97.0/24 maxlen: 24
94.137.72.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.90.0/24 maxlen: 24
94.137.89.0/24 maxlen: 24
94.137.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6b:8c:d7:e1:ea:99:f0:a5:57:50:e8:b3:ea:2b:65:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Nov 12 11:15:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd7c85d5786ec42c518345cdfc7a0a1de7c36486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:db:ae:4c:34:63:e8:c6:e2:43:5f:e1:f9:0b:
64:34:a1:12:e4:d1:e9:50:57:8c:10:31:e4:b3:ce:
d2:49:b5:82:6b:57:c8:3e:22:f5:83:91:27:cc:a5:
76:98:25:44:75:26:b1:5e:2b:92:05:87:75:64:63:
de:6d:1b:d9:20:b4:c3:48:f8:73:5f:7a:54:39:86:
a3:d0:67:e9:a2:89:59:03:be:76:37:1f:ca:3d:49:
0f:75:19:42:4a:c6:dc:dc:c3:9c:0d:13:e1:e6:01:
59:48:de:53:31:a5:df:03:93:c6:82:42:ec:5f:b2:
60:fd:b5:f6:7d:79:6a:e3:53:cd:d0:3d:4d:1e:02:
a1:6b:82:65:bc:be:53:63:3e:98:bb:c8:29:65:3b:
aa:df:31:e6:58:84:a4:b5:c6:ce:76:f9:a4:6e:70:
f4:bf:d5:49:fa:e7:fd:db:57:95:11:47:c9:f4:c5:
d3:a4:6c:78:1f:d4:38:bd:59:1e:92:b6:74:46:a7:
18:33:ac:30:8b:57:89:2e:bc:0c:e4:7e:0c:b6:47:
e8:3b:89:f7:c0:c7:c1:83:49:b3:f3:e1:c3:90:9a:
43:6c:75:5b:79:b2:ac:d6:a1:de:c3:e5:a7:85:fb:
98:99:44:ea:35:43:62:39:90:5b:5e:81:7c:25:de:
03:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:7C:85:D5:78:6E:C4:2C:51:83:45:CD:FC:7A:0A:1D:E7:C3:64:86
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/3XyF1XhuxCxRg0XN_HoKHefDZIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.97.0-45.151.98.255
94.137.72.0/24
94.137.74.0/24
94.137.89.0-94.137.90.255
94.137.93.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:fb:50:a3:cd:f1:c9:a7:ca:f9:09:59:74:fa:a5:01:8d:1d:
e9:3c:53:32:bf:31:b3:0e:e5:20:da:7b:28:67:9c:c6:fa:66:
37:5a:45:0f:45:12:79:fb:30:b8:e5:43:d9:f5:c6:a3:11:64:
e9:91:cc:3f:5b:ba:c0:f6:53:fd:26:45:4d:e2:0e:38:23:77:
b3:98:fa:a3:64:63:2a:81:15:fe:ab:6e:ab:b7:7a:43:49:2d:
c0:23:0b:af:71:27:b4:07:7b:5d:fe:09:ab:40:d3:44:f2:18:
c8:23:07:6e:da:5e:44:4a:af:5f:dd:73:e7:bf:d0:f6:f0:03:
51:b7:e9:5b:4a:50:ff:93:38:2f:e6:7b:ff:f4:dc:7f:b8:95:
66:19:f5:4b:31:b3:a7:d6:df:c1:e8:ce:66:f6:a8:e5:fa:de:
fc:56:72:f2:ac:dd:0f:00:c8:7d:a7:e9:91:05:97:6f:73:42:
3f:72:62:b3:20:38:d9:de:c7:5e:8f:e2:27:38:87:28:12:62:
65:1c:2f:e6:ed:1f:14:26:b1:e9:13:54:dd:fc:03:f3:24:95:
bf:79:a2:dc:35:a1:6c:8f:33:27:01:a5:ac:b4:a3:9c:67:f4:
94:75:41:75:98:64:b7:01:67:f6:8a:94:26:c7:00:0c:7f:56:
e5:60:2a:a7
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYRrjNfh6pnwpVdQ6LPqK2W5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjIxMTEyMTExNTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDdjODVkNTc4NmVjNDJjNTE4MzQ1Y2RmYzdhMGExZGU3YzM2NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqduuTDRj6MbiQ1/h+QtkNKES5NHp
UFeMEDHks87SSbWCa1fIPiL1g5EnzKV2mCVEdSaxXiuSBYd1ZGPebRvZILTDSPhz
X3pUOYaj0GfpoolZA752Nx/KPUkPdRlCSsbc3MOcDRPh5gFZSN5TMaXfA5PGgkLs
X7Jg/bX2fXlq41PN0D1NHgKha4JlvL5TYz6Yu8gpZTuq3zHmWISktcbOdvmkbnD0
v9VJ+uf921eVEUfJ9MXTpGx4H9Q4vVkekrZ0RqcYM6wwi1eJLrwM5H4MtkfoO4n3
wMfBg0mz8+HDkJpDbHVbebKs1qHew+WnhfuYmUTqNUNiOZBbXoF8Jd4DpwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFN18hdV4bsQsUYNFzfx6Ch3nw2SGMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvM1h5RjFYaHV4Q3hSZzBYTl9Ib0tIZWZEWklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAAtl2ED
BAAtl2IDBABeiUgDBABeiUowDAMEAF6JWQMEAF6JWgMEAF6JXTANBgkqhkiG9w0B
AQsFAAOCAQEAT/tQo83xyafK+QlZdPqlAY0d6TxTMr8xsw7lINp7KGecxvpmN1pF
D0USefswuOVD2fXGoxFk6ZHMP1u6wPZT/SZFTeIOOCN3s5j6o2RjKoEV/qtuq7d6
Q0ktwCMLr3EntAd7Xf4Jq0DTRPIYyCMHbtpeREqvX91z57/Q9vADUbfpW0pQ/5M4
L+Z7//Tcf7iVZhn1SzGzp9bfwejOZvao5fre/FZy8qzdDwDIfafpkQWXb3NCP3Ji
syA42d7HXo/iJziHKBJiZRwv5u0fFCax6RNU3fwD8ySVv3mi3DWhbI8zJwGlrLSj
nGf0lHVBdZhktwFn9oqUJscADH9W5WAqpw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:57 2023 by rpki-client on console.sobornost.net