Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/zFd8Whur3wMGExOB6uriv-n-rq4.roa
File: zFd8Whur3wMGExOB6uriv-n-rq4.roa (raw, json)
Hash identifier: a3Jmv/VOO8EF2fvcIrqiSj1X9yxYcFlrPeH8LrI20f8=
Subject key identifier: CC:57:7C:5A:1B:AB:DF:03:06:13:13:81:EA:EA:E2:BF:E9:FE:AE:AE
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 1AFFB69C
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/zFd8Whur3wMGExOB6uriv-n-rq4.roa
Signing time: Sat 01 Jan 2022 13:05:43 +0000
ROA not before: Sat 01 Jan 2022 13:05:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47798
IP address blocks: 89.3.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452966044 (0x1affb69c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 13:05:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc577c5a1babdf0306131381eaeae2bfe9feaeae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a0:a7:6e:b3:f2:d9:c6:e6:e3:4f:83:92:aa:
64:77:d0:2f:9f:ee:60:26:44:ae:48:07:7d:2b:66:
76:9d:de:bd:c0:7f:fb:10:85:18:5e:60:d2:b8:c7:
52:b4:27:05:87:ed:b9:18:24:38:c3:5e:67:a4:12:
78:32:a1:1c:b1:37:06:e9:a7:c4:7e:fa:79:a6:cb:
cf:cd:ff:ef:98:2a:bb:19:24:02:f6:e0:6a:9c:6e:
64:34:29:39:ca:20:11:9d:2e:3a:35:15:cf:85:84:
46:71:99:29:e2:c9:64:02:e4:46:0e:bc:81:90:b0:
61:1d:11:b6:5a:00:0e:e1:a2:a6:e2:ab:99:f5:15:
36:b0:ec:f4:42:80:b5:d1:32:ec:d6:53:fd:5a:b8:
0f:e2:45:38:6c:81:dd:20:78:24:38:1a:ba:ed:a3:
27:7b:c0:15:f8:f9:5b:fa:22:91:51:1e:d6:d9:5a:
73:fa:3a:e7:3a:57:c4:db:86:b0:51:59:70:90:f6:
b2:e7:ed:51:2a:fb:91:db:3e:3c:fa:d5:71:2b:a9:
d9:2d:ce:56:e0:bd:1b:c2:d8:87:15:8f:fd:0b:23:
17:50:58:56:74:93:da:ab:4c:aa:d5:10:f8:7f:7f:
18:b4:d7:9b:8c:93:90:d7:f8:9d:66:4a:fe:e3:db:
3d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:57:7C:5A:1B:AB:DF:03:06:13:13:81:EA:EA:E2:BF:E9:FE:AE:AE
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/zFd8Whur3wMGExOB6uriv-n-rq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.3.240.0/20
Signature Algorithm: sha256WithRSAEncryption
65:0e:63:a1:ad:fa:65:53:67:40:cb:15:92:6a:d2:37:e5:4e:
cd:a5:09:2a:a3:b0:d2:f6:89:2c:86:6c:03:8a:31:3f:83:5e:
b6:d6:d7:63:b0:ae:e4:bc:0e:91:a3:35:d0:54:0e:d2:0d:b4:
b2:f7:a7:16:df:ae:d7:9a:e5:7b:7c:d8:e8:8f:92:2c:90:f3:
38:98:56:8f:22:63:23:54:17:aa:ef:a5:83:9d:f7:72:80:4f:
40:7a:4c:52:c8:61:37:3e:aa:39:51:1d:c1:de:a7:72:91:d4:
bb:82:d8:da:63:f4:02:94:8d:e5:87:40:ac:2c:c3:72:45:b7:
e1:08:5e:e9:4a:19:e2:be:46:1c:f1:79:b5:08:88:75:5c:7e:
c0:f1:80:45:b3:9c:2c:89:50:4e:a1:fd:72:2e:b2:0c:e2:17:
9c:14:b7:4b:66:bb:80:4b:ff:f8:d6:6a:d4:fe:f9:05:77:bc:
1e:f7:6b:ff:13:d1:25:5d:6a:65:76:22:e5:29:53:17:19:20:
af:c0:81:43:3b:ff:53:87:01:aa:28:18:23:85:41:9e:46:0b:
c6:26:53:c6:35:e9:68:3c:6d:b7:3d:b1:3a:3a:92:f1:a7:74:
bd:c0:e4:d8:53:24:8b:cc:9b:fc:9f:61:69:d5:c9:94:40:1b:
70:8f:0e:89
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGv+2nDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGVmNWZiYmZjYTdhOTNjZmVlOTY1ZWViNmJkZWU2ZmI0M2M0MDNlMB4XDTIyMDEw
MTEzMDU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoY2M1NzdjNWExYmFi
ZGYwMzA2MTMxMzgxZWFlYWUyYmZlOWZlYWVhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+gp26z8tnG5uNPg5KqZHfQL5/uYCZErkgHfStmdp3evcB/
+xCFGF5g0rjHUrQnBYftuRgkOMNeZ6QSeDKhHLE3BumnxH76eabLz83/75gquxkk
AvbgapxuZDQpOcogEZ0uOjUVz4WERnGZKeLJZALkRg68gZCwYR0RtloADuGipuKr
mfUVNrDs9EKAtdEy7NZT/Vq4D+JFOGyB3SB4JDgauu2jJ3vAFfj5W/oikVEe1tla
c/o65zpXxNuGsFFZcJD2suftUSr7kds+PPrVcSup2S3OVuC9G8LYhxWP/QsjF1BY
VnST2qtMqtUQ+H9/GLTXm4yTkNf4nWZK/uPbPY8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTMV3xaG6vfAwYTE4Hq6uK/6f6urjAfBgNVHSMEGDAWgBSg71+7/KepPP7p
Ze62ve5vtDxAPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29POWZ1X3lucVR6LTZXWHV0cjN1YjdROFFENC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8x
L3pGZDhXaHVyM3dNR0V4T0I2dXJpdi1uLXJxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
ZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8xL29POWZ1X3lucVR6
LTZXWHV0cjN1YjdROFFENC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFkD8DANBgkqhkiG9w0BAQsFAAOC
AQEAZQ5joa36ZVNnQMsVkmrSN+VOzaUJKqOw0vaJLIZsA4oxP4NettbXY7Cu5LwO
kaM10FQO0g20svenFt+u15rle3zY6I+SLJDzOJhWjyJjI1QXqu+lg533coBPQHpM
UshhNz6qOVEdwd6ncpHUu4LY2mP0ApSN5YdArCzDckW34Qhe6UoZ4r5GHPF5tQiI
dVx+wPGARbOcLIlQTqH9ci6yDOIXnBS3S2a7gEv/+NZq1P75BXe8Hvdr/xPRJV1q
ZXYi5SlTFxkgr8CBQzv/U4cBqigYI4VBnkYLxiZTxjXpaDxttz2xOjqS8ad0vcDk
2FMki8yb/J9hadXJlEAbcI8OiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org