Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ZYvWd_WXdRjjyF_Ke7qam64mK-k.roa
File: ZYvWd_WXdRjjyF_Ke7qam64mK-k.roa (raw, json)
Hash identifier: wflSgL9puSi6yWhSPU2cQ2px5KAbL/ZjZGYUVLuKfB0=
Subject key identifier: 65:8B:D6:77:F5:97:75:18:E3:C8:5F:CA:7B:BA:9A:9B:AE:26:2B:E9
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 1AFDEF14
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ZYvWd_WXdRjjyF_Ke7qam64mK-k.roa
Signing time: Sat 01 Jan 2022 13:05:42 +0000
ROA not before: Sat 01 Jan 2022 13:05:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21502
IP address blocks: 89.157.88.0/21 maxlen: 21
89.157.96.0/19 maxlen: 19
2a00:6200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452849428 (0x1afdef14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 13:05:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=658bd677f5977518e3c85fca7bba9a9bae262be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:9a:f3:70:96:69:e0:12:a7:29:c1:83:c3:5d:
b3:a5:18:fb:39:9e:4e:1f:c5:f6:df:23:9d:19:b0:
63:9b:81:f0:0d:93:15:8c:19:1c:cb:cd:24:49:25:
69:8b:e3:f4:d8:ce:9b:2a:74:cd:ef:42:75:39:94:
88:7a:ff:48:9e:dd:ba:e4:6d:b4:05:7d:47:f7:f9:
02:9d:eb:00:04:43:af:30:7d:86:c3:27:fd:bd:60:
20:c5:47:55:93:61:48:88:7f:cd:e9:e5:a1:a2:6a:
05:16:6b:bc:07:ed:12:2e:cf:c5:1e:2c:b1:1b:b2:
ac:27:9c:45:1a:75:96:d6:d9:bb:d4:bc:e8:aa:9b:
b5:a3:30:84:34:bb:3d:e5:a3:f4:54:6f:72:17:de:
c8:39:0d:2a:6b:1d:a5:0f:85:66:b0:fe:6c:8a:f4:
4c:25:9a:3e:cd:e3:99:12:22:b7:d1:44:a4:39:e5:
6c:fc:5c:57:30:7d:23:83:c1:53:53:14:e1:a3:4a:
24:8c:7a:58:bb:40:64:1d:94:21:75:6b:53:71:1b:
ed:df:69:77:0c:1a:2e:d8:71:7f:dc:e3:ba:68:81:
d0:e4:41:be:5e:95:11:12:82:41:ce:0b:2b:46:27:
31:a7:60:31:42:b6:67:b4:d6:7a:74:50:20:37:56:
05:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8B:D6:77:F5:97:75:18:E3:C8:5F:CA:7B:BA:9A:9B:AE:26:2B:E9
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ZYvWd_WXdRjjyF_Ke7qam64mK-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.157.88.0-89.157.127.255
IPv6:
2a00:6200::/29
Signature Algorithm: sha256WithRSAEncryption
7c:a0:32:ee:ea:e4:28:80:29:e2:8e:07:6b:e5:c5:8e:9d:58:
83:04:2c:18:7f:5f:7e:a9:93:dd:9f:c7:63:5f:26:3b:d6:a7:
22:ab:f2:0b:4a:65:63:c1:42:ff:62:7f:eb:f9:f9:43:81:77:
f6:97:d5:80:d6:15:22:de:b1:59:2f:23:0d:26:98:e9:ba:39:
0b:71:c7:ed:8c:77:09:74:73:b6:82:44:cd:92:ef:38:63:f6:
ef:bf:0b:48:f2:d0:11:de:44:ca:e8:b3:e4:60:90:87:09:00:
30:f7:4e:be:16:cb:26:65:70:94:35:00:7f:34:f3:24:02:0d:
c0:c0:84:97:e2:90:d9:df:5c:cb:64:01:52:68:32:56:23:3d:
0b:e0:b9:51:c0:9a:c1:c7:35:a7:82:5b:17:00:39:6d:c0:f7:
3d:fb:47:cb:38:a3:57:eb:b9:19:c3:25:eb:b0:23:0b:ad:d6:
11:7a:de:6d:c8:86:f8:07:5b:76:28:e0:58:da:af:82:21:c9:
f6:8e:f4:78:87:79:fb:17:6a:68:88:67:4c:3a:d9:eb:8d:0f:
68:40:9b:65:35:89:3f:38:7e:a3:d1:95:85:0d:23:fa:31:70:
27:82:cc:a5:3f:b9:64:b0:1a:5e:4e:d5:e4:fa:a6:81:69:36:
29:bf:8f:76
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEGv3vFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGVmNWZiYmZjYTdhOTNjZmVlOTY1ZWViNmJkZWU2ZmI0M2M0MDNlMB4XDTIyMDEw
MTEzMDU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjU4YmQ2NzdmNTk3
NzUxOGUzYzg1ZmNhN2JiYTlhOWJhZTI2MmJlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKya83CWaeASpynBg8Nds6UY+zmeTh/F9t8jnRmwY5uB8A2T
FYwZHMvNJEklaYvj9NjOmyp0ze9CdTmUiHr/SJ7duuRttAV9R/f5Ap3rAARDrzB9
hsMn/b1gIMVHVZNhSIh/zenloaJqBRZrvAftEi7PxR4ssRuyrCecRRp1ltbZu9S8
6KqbtaMwhDS7PeWj9FRvchfeyDkNKmsdpQ+FZrD+bIr0TCWaPs3jmRIit9FEpDnl
bPxcVzB9I4PBU1MU4aNKJIx6WLtAZB2UIXVrU3Eb7d9pdwwaLthxf9zjumiB0ORB
vl6VERKCQc4LK0YnMadgMUK2Z7TWenRQIDdWBY0CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBRli9Z39Zd1GOPIX8p7upqbriYr6TAfBgNVHSMEGDAWgBSg71+7/KepPP7p
Ze62ve5vtDxAPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29POWZ1X3lucVR6LTZXWHV0cjN1YjdROFFENC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8x
L1pZdldkX1dYZFJqanlGX0tlN3FhbTY0bUstay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
ZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8xL29POWZ1X3lucVR6
LTZXWHV0cjN1YjdROFFENC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwFAQCAAEwDjAMAwQDWZ1YAwQHWZ0AMA0EAgACMAcD
BQMqAGIAMA0GCSqGSIb3DQEBCwUAA4IBAQB8oDLu6uQogCnijgdr5cWOnViDBCwY
f19+qZPdn8djXyY71qciq/ILSmVjwUL/Yn/r+flDgXf2l9WA1hUi3rFZLyMNJpjp
ujkLccftjHcJdHO2gkTNku84Y/bvvwtI8tAR3kTK6LPkYJCHCQAw906+FssmZXCU
NQB/NPMkAg3AwISX4pDZ31zLZAFSaDJWIz0L4LlRwJrBxzWnglsXADltwPc9+0fL
OKNX67kZwyXrsCMLrdYRet5tyIb4B1t2KOBY2q+CIcn2jvR4h3n7F2poiGdMOtnr
jQ9oQJtlNYk/OH6j0ZWFDSP6MXAngsylP7lksBpeTtXk+qaBaTYpv492
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org