Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/8LgDkiVXRtHoksGmZD-Mr_URybk.roa
File: 8LgDkiVXRtHoksGmZD-Mr_URybk.roa (raw, json)
Hash identifier: 68H9ibkWjcynXBeKBb1VSnGLSinFzPdywSNshjL1J4M=
Subject key identifier: F0:B8:03:92:25:57:46:D1:E8:92:C1:A6:64:3F:8C:AF:F5:11:C9:B9
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 0184379C71DA32E21512F030280D25556098
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/8LgDkiVXRtHoksGmZD-Mr_URybk.roa
Signing time: Wed 02 Nov 2022 09:11:50 +0000
ROA not before: Wed 02 Nov 2022 09:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42571
IP address blocks: 94.250.82.0/23 maxlen: 23
94.250.80.0/23 maxlen: 23
94.250.96.0/20 maxlen: 20
94.250.112.0/22 maxlen: 22
94.250.64.0/24 maxlen: 24
94.250.68.0/22 maxlen: 22
94.250.67.0/24 maxlen: 24
94.250.65.0/24 maxlen: 24
94.250.66.0/24 maxlen: 24
94.250.72.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:37:9c:71:da:32:e2:15:12:f0:30:28:0d:25:55:60:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Nov 2 09:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0b80392255746d1e892c1a6643f8caff511c9b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bc:47:74:0f:6d:dc:ee:a4:3f:9c:f0:88:73:
5b:ba:f1:ec:dc:94:be:02:5a:02:99:c6:a1:bd:4e:
42:88:b3:f2:2b:d9:d3:18:d2:d4:4d:3a:7c:2c:a6:
2b:aa:fb:0e:2d:cb:35:8f:a1:a0:06:df:c4:94:53:
fa:0f:c2:ca:dc:a1:c1:73:c2:fb:75:94:e4:66:c0:
b5:20:d5:19:4d:2d:3b:de:e3:07:c0:f1:34:6a:51:
c6:67:43:cb:5b:eb:81:45:3d:39:2d:a0:7d:d7:8d:
d6:b9:00:72:5a:f1:5d:c1:41:ba:a2:18:75:74:20:
b2:09:a1:64:53:da:76:8f:bc:d1:97:67:5c:23:81:
81:c3:a4:e1:6f:55:89:65:95:33:30:52:a8:5b:cc:
d7:13:cd:32:46:fd:7e:77:be:21:87:29:b0:69:4e:
46:bd:ca:54:a3:c8:23:54:98:3f:2e:08:bf:4d:b5:
66:d5:15:2f:a1:04:58:db:a1:fb:52:84:a5:44:11:
68:bb:a0:1b:93:96:12:1e:33:67:64:70:1e:f9:6a:
ac:7a:30:42:07:a9:78:2f:d8:6b:0f:44:c1:9f:5c:
de:23:0f:3e:e3:12:6d:25:1a:f5:29:14:fa:09:bd:
c6:6a:72:50:31:a7:62:d4:47:e8:e0:4d:3d:fa:19:
f3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B8:03:92:25:57:46:D1:E8:92:C1:A6:64:3F:8C:AF:F5:11:C9:B9
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/8LgDkiVXRtHoksGmZD-Mr_URybk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.64.0-94.250.83.255
94.250.96.0-94.250.115.255
Signature Algorithm: sha256WithRSAEncryption
28:a8:5c:49:ce:26:4f:ab:29:8b:e1:19:ad:39:d0:52:78:49:
db:6b:7f:6c:2d:e6:d8:31:70:a3:9f:28:40:81:15:8d:5d:37:
bb:09:03:6c:9a:8a:18:43:21:d5:f3:28:ba:43:6f:bc:33:17:
16:ed:08:33:66:44:89:1d:77:99:57:c6:56:f9:f7:61:69:86:
1e:04:f8:0e:c0:c4:e9:e1:e5:32:ca:1f:ed:64:93:3d:ad:0b:
4f:c1:26:6f:db:8e:f0:88:fe:01:51:10:24:e7:17:cb:7b:e4:
86:ec:7e:80:c8:95:1e:08:9f:5d:d2:da:99:f7:af:f4:6e:f2:
ca:86:82:2f:cd:ca:b3:9b:43:4d:bc:2a:9b:f7:c6:b0:4d:ea:
de:eb:23:73:ca:7d:56:49:71:68:92:a8:ef:95:a3:ad:e7:a4:
5a:06:e3:d5:a9:51:e0:34:52:4e:47:07:b1:fd:db:3e:e5:0f:
6c:69:ff:a2:f2:a2:f4:45:80:99:14:a4:a7:e2:4a:ab:8b:77:
d1:64:99:76:b5:bf:e8:c0:8b:d0:16:c3:6e:9b:9b:57:39:95:
4c:0a:79:cc:4c:af:2e:78:b5:3f:e3:b4:28:7d:9c:78:f1:29:
11:40:53:f0:f7:36:42:4a:d5:12:06:3e:f1:2b:63:42:64:57:
e6:98:26:8e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYQ3nHHaMuIVEvAwKA0lVWCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjIxMTAyMDkxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGI4MDM5MjI1NTc0NmQxZTg5MmMxYTY2NDNmOGNhZmY1MTFjOWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLxHdA9t3O6kP5zwiHNbuvHs3JS+
AloCmcahvU5CiLPyK9nTGNLUTTp8LKYrqvsOLcs1j6GgBt/ElFP6D8LK3KHBc8L7
dZTkZsC1INUZTS073uMHwPE0alHGZ0PLW+uBRT05LaB9143WuQByWvFdwUG6ohh1
dCCyCaFkU9p2j7zRl2dcI4GBw6Thb1WJZZUzMFKoW8zXE80yRv1+d74hhymwaU5G
vcpUo8gjVJg/Lgi/TbVm1RUvoQRY26H7UoSlRBFou6Abk5YSHjNnZHAe+WqsejBC
B6l4L9hrD0TBn1zeIw8+4xJtJRr1KRT6Cb3GanJQMadi1Efo4E09+hnzpQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPC4A5IlV0bR6JLBpmQ/jK/1Ecm5MB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvOExnRGtpVlhSdEhva3NHbVpELU1yX1VSeWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAZe+kAD
BAJe+lAwDAMEBV76YAMEAl76cDANBgkqhkiG9w0BAQsFAAOCAQEAKKhcSc4mT6sp
i+EZrTnQUnhJ22t/bC3m2DFwo58oQIEVjV03uwkDbJqKGEMh1fMoukNvvDMXFu0I
M2ZEiR13mVfGVvn3YWmGHgT4DsDE6eHlMsof7WSTPa0LT8Emb9uO8Ij+AVEQJOcX
y3vkhux+gMiVHgifXdLamfev9G7yyoaCL83Ks5tDTbwqm/fGsE3q3usjc8p9Vklx
aJKo75WjreekWgbj1alR4DRSTkcHsf3bPuUPbGn/ovKi9EWAmRSkp+JKq4t30WSZ
drW/6MCL0BbDbpubVzmVTAp5zEyvLni1P+O0KH2cePEpEUBT8Pc2QkrVEgY+8Stj
QmRX5pgmjg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:40 2023 by rpki-client on console.sobornost.net