Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/b429aa-0461-4136-90cd-52a7b925b224/1/xfr2ZmACJFu9YGotnX59LBNCDw0.roa
File: xfr2ZmACJFu9YGotnX59LBNCDw0.roa (raw, json)
Hash identifier: 6HV9yLhnfxyPdbCJWUB0QKiYDprHG3TZtakIgxyn5X0=
Subject key identifier: C5:FA:F6:66:60:02:24:5B:BD:60:6A:2D:9D:7E:7D:2C:13:42:0F:0D
Certificate issuer: /CN=04e604a45677be77313969ad17aec69ce97c43ce
Certificate serial: 054F7B88
Authority key identifier: 04:E6:04:A4:56:77:BE:77:31:39:69:AD:17:AE:C6:9C:E9:7C:43:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BOYEpFZ3vncxOWmtF67GnOl8Q84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/b429aa-0461-4136-90cd-52a7b925b224/1/xfr2ZmACJFu9YGotnX59LBNCDw0.roa
Signing time: Sat 01 Jan 2022 11:57:30 +0000
ROA not before: Sat 01 Jan 2022 11:57:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59767
IP address blocks: 212.89.32.0/20 maxlen: 20
45.135.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89095048 (0x54f7b88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04e604a45677be77313969ad17aec69ce97c43ce
Validity
Not Before: Jan 1 11:57:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5faf6666002245bbd606a2d9d7e7d2c13420f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f4:4f:87:a4:cb:d3:2d:e1:b1:2c:8f:bf:8d:
2f:5a:02:62:45:f6:bc:09:63:1f:e0:c6:be:cb:b2:
bc:ff:d8:c0:2e:9c:4c:52:22:bb:fe:d2:92:aa:52:
fa:90:c0:12:08:ad:c1:e7:ab:4f:b3:a9:53:4a:4e:
3c:82:c6:88:b8:20:03:32:64:59:b8:1c:3d:6b:59:
96:93:af:6a:ba:80:33:64:1b:cf:70:84:7a:a6:3c:
73:27:81:16:10:ca:02:2b:0a:f4:3f:fa:4f:c7:f0:
27:87:57:32:e0:7b:0f:6b:f6:53:4d:d8:61:11:6a:
da:68:2b:68:fa:ca:dd:0a:e1:f1:ea:55:c5:02:fc:
f0:39:fe:e8:06:a6:39:21:3d:65:d4:2b:31:66:98:
f6:8b:15:dc:aa:bb:66:53:34:0f:43:48:97:57:06:
6e:cf:9e:b1:9e:f4:c9:75:ac:cd:01:e1:02:2a:6c:
fc:8f:82:b9:89:02:0f:0a:04:e9:62:eb:8f:c8:5c:
86:e6:9f:dd:88:c6:b6:bd:0f:35:b5:6e:a7:14:c1:
7f:28:ed:f0:1a:94:3a:0e:e5:84:a8:66:59:6e:01:
36:1f:f7:0a:70:e3:37:c2:9a:f0:8e:a4:fc:9e:fc:
02:3e:f3:08:d2:24:5f:57:7c:23:a7:11:dd:8e:1d:
7f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FA:F6:66:60:02:24:5B:BD:60:6A:2D:9D:7E:7D:2C:13:42:0F:0D
X509v3 Authority Key Identifier:
keyid:04:E6:04:A4:56:77:BE:77:31:39:69:AD:17:AE:C6:9C:E9:7C:43:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BOYEpFZ3vncxOWmtF67GnOl8Q84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b429aa-0461-4136-90cd-52a7b925b224/1/xfr2ZmACJFu9YGotnX59LBNCDw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/b429aa-0461-4136-90cd-52a7b925b224/1/BOYEpFZ3vncxOWmtF67GnOl8Q84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.156.0/22
212.89.32.0/20
Signature Algorithm: sha256WithRSAEncryption
74:c8:37:42:8c:af:8a:ae:fb:ea:da:d1:1a:f6:e2:71:f2:b7:
08:71:92:7a:44:80:79:42:fb:0a:cb:69:22:df:73:6c:35:89:
de:20:df:e5:ed:a8:9f:84:d4:ad:b0:a5:a3:37:4e:16:dd:75:
1f:67:a4:46:0d:b2:57:88:f9:46:2f:74:09:37:0c:da:85:f1:
e0:e4:ff:e8:83:6c:0c:15:01:46:69:8b:56:cb:93:99:29:d0:
e2:dc:27:2d:14:b2:21:a0:f8:15:59:23:f2:d6:1e:0c:4d:ed:
b4:3e:58:79:47:c0:c0:68:47:f6:88:22:12:d8:94:e8:d7:39:
a6:3a:1d:16:d2:6f:be:ac:fd:84:c1:1b:1a:4b:28:a3:49:c7:
a0:11:e3:28:1f:af:61:29:61:ea:f3:b2:0f:c6:f9:d4:ba:b4:
7b:15:a1:3e:7f:d0:6e:f6:be:56:eb:ca:bb:d9:ae:0f:67:e8:
2f:53:52:93:e5:fd:3c:06:93:70:d1:67:f1:e0:73:0f:0d:03:
b4:d6:7b:53:dd:08:46:86:9d:ea:88:3f:c2:a1:ea:b7:3f:c4:
de:55:d2:93:e3:0a:49:62:01:61:b4:4c:4c:92:cb:01:54:9c:
38:23:d6:66:ae:06:3b:5f:86:2c:18:b7:25:2d:ce:41:0b:ef:
80:ba:c9:40
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBU97iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGU2MDRhNDU2NzdiZTc3MzEzOTY5YWQxN2FlYzY5Y2U5N2M0M2NlMB4XDTIyMDEw
MTExNTczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVmYWY2NjY2MDAy
MjQ1YmJkNjA2YTJkOWQ3ZTdkMmMxMzQyMGYwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJb0T4eky9Mt4bEsj7+NL1oCYkX2vAljH+DGvsuyvP/YwC6c
TFIiu/7SkqpS+pDAEgitweerT7OpU0pOPILGiLggAzJkWbgcPWtZlpOvarqAM2Qb
z3CEeqY8cyeBFhDKAisK9D/6T8fwJ4dXMuB7D2v2U03YYRFq2mgraPrK3Qrh8epV
xQL88Dn+6AamOSE9ZdQrMWaY9osV3Kq7ZlM0D0NIl1cGbs+esZ70yXWszQHhAips
/I+CuYkCDwoE6WLrj8hchuaf3YjGtr0PNbVupxTBfyjt8BqUOg7lhKhmWW4BNh/3
CnDjN8Ka8I6k/J78Aj7zCNIkX1d8I6cR3Y4df1kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTF+vZmYAIkW71gai2dfn0sE0IPDTAfBgNVHSMEGDAWgBQE5gSkVne+dzE5
aa0Xrsac6XxDzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JPWUVwRlozdm5jeE9XbXRGNjdHbk9sOFE4NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvYjQyOWFhLTA0NjEtNDEzNi05MGNkLTUyYTdiOTI1YjIyNC8x
L3hmcjJabUFDSkZ1OVlHb3RuWDU5TEJOQ0R3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
YjQyOWFhLTA0NjEtNDEzNi05MGNkLTUyYTdiOTI1YjIyNC8xL0JPWUVwRlozdm5j
eE9XbXRGNjdHbk9sOFE4NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAi2HnAMEBNRZIDANBgkqhkiG9w0B
AQsFAAOCAQEAdMg3Qoyviq776trRGvbicfK3CHGSekSAeUL7CstpIt9zbDWJ3iDf
5e2on4TUrbClozdOFt11H2ekRg2yV4j5Ri90CTcM2oXx4OT/6INsDBUBRmmLVsuT
mSnQ4twnLRSyIaD4FVkj8tYeDE3ttD5YeUfAwGhH9ogiEtiU6Nc5pjodFtJvvqz9
hMEbGksoo0nHoBHjKB+vYSlh6vOyD8b51Lq0exWhPn/Qbva+VuvKu9muD2foL1NS
k+X9PAaTcNFn8eBzDw0DtNZ7U90IRoad6og/wqHqtz/E3lXSk+MKSWIBYbRMTJLL
AVScOCPWZq4GO1+GLBi3JS3OQQvvgLrJQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:36 2024 by rpki-client on console-ams.rpki-client.org