Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/4zxI6WVWaOotQfbz-qbNZ5Xtas0.roa
File: 4zxI6WVWaOotQfbz-qbNZ5Xtas0.roa (raw, json)
Hash identifier: DK8F5oW7SHQ0a2qg7xaHlHBZxco1VeM4JxNWUP5R3hs=
Subject key identifier: E3:3C:48:E9:65:56:68:EA:2D:41:F6:F3:FA:A6:CD:67:95:ED:6A:CD
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 059A36D4
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/4zxI6WVWaOotQfbz-qbNZ5Xtas0.roa
Signing time: Sat 01 Jan 2022 07:03:59 +0000
ROA not before: Sat 01 Jan 2022 07:03:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41573
IP address blocks: 89.40.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 93992660 (0x59a36d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 07:03:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e33c48e9655668ea2d41f6f3faa6cd6795ed6acd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b2:8b:6b:09:d6:41:d4:7f:eb:30:32:20:cb:
dc:2a:49:10:eb:03:70:52:2c:d5:3a:9c:28:9d:6d:
c2:31:e8:8e:0f:a7:75:69:15:f2:1a:74:72:2b:17:
e2:12:bf:96:08:d6:be:ff:27:dc:1b:49:24:18:5e:
67:53:5c:cd:2c:40:7b:4f:bf:eb:08:88:00:eb:05:
95:62:e4:59:aa:13:1a:e1:99:59:29:30:96:cd:1e:
b4:46:2a:8f:74:98:4f:6c:34:38:85:da:42:f2:78:
31:5d:98:f1:a7:d0:f1:cd:bb:2e:fb:ac:12:90:6e:
8e:92:8c:7f:0f:ac:51:85:53:f5:c7:3c:1c:60:9d:
c3:3b:53:ed:d3:2c:0c:ea:52:76:fe:e2:0f:81:af:
38:13:59:86:37:b4:1d:6f:c8:d7:ee:2c:a6:dd:6b:
4b:43:36:9c:58:48:19:8e:2d:f9:5d:ae:79:fd:a3:
53:73:60:d6:2e:8d:24:85:e9:9d:19:d4:ef:97:0c:
bc:4c:6b:8b:50:53:a3:90:86:52:0e:13:50:01:f7:
47:41:e9:fd:88:06:fc:a4:be:51:1f:42:1a:f0:1b:
dd:67:55:46:5d:2a:4b:9f:54:58:03:09:3c:20:92:
9f:62:dc:77:f6:80:2f:31:2d:43:23:a9:56:c5:8e:
3a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3C:48:E9:65:56:68:EA:2D:41:F6:F3:FA:A6:CD:67:95:ED:6A:CD
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/4zxI6WVWaOotQfbz-qbNZ5Xtas0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.225.0/24
Signature Algorithm: sha256WithRSAEncryption
65:02:3f:4b:a1:a7:d3:57:12:c8:a9:fd:e5:21:99:a9:9b:d9:
76:be:0e:38:09:89:8d:1a:8d:55:64:44:cc:92:7c:f5:57:87:
f7:cb:86:da:9a:76:ca:f4:da:12:18:f4:a7:d2:a4:64:52:c5:
36:a1:4d:4b:0d:1f:f6:df:b3:3e:e6:7f:d7:e8:89:f9:df:a1:
f0:4e:a3:42:4a:c6:64:0f:93:a4:87:0d:95:bf:4e:fb:9a:77:
ca:fc:79:db:a4:4d:79:ac:f9:b6:c1:00:37:dd:7a:53:49:de:
15:ee:99:e5:0e:f6:2f:26:c3:92:8f:db:8a:b7:4c:69:9b:b3:
97:f7:f2:a9:a6:c2:80:4e:02:ac:22:e9:c2:9e:48:60:9b:2c:
72:0c:6d:1e:b1:42:1d:a0:71:01:47:6d:d5:f1:7b:1a:d5:61:
92:4d:0b:32:02:bd:5c:68:8a:aa:85:64:35:88:02:99:64:95:
0b:b9:7f:87:46:d3:4d:04:e9:a0:79:2a:1b:a0:b0:ff:66:46:
fe:bc:1e:1e:36:c4:ee:55:de:d3:e7:40:c7:51:22:13:18:4b:
79:b3:cb:bd:d0:14:cc:25:58:73:d9:bb:49:95:a9:2d:f4:39:
1e:0a:a1:6b:5a:c1:bc:b1:97:7e:f9:b0:ee:00:71:6e:21:e3:
7f:bd:54:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBZo21DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2VmNThkNGNmYTM1NTQzZjg0ODhhMjc1NmU2OTI0ZTY0N2I0NTg5MB4XDTIyMDEw
MTA3MDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMzYzQ4ZTk2NTU2
NjhlYTJkNDFmNmYzZmFhNmNkNjc5NWVkNmFjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJOyi2sJ1kHUf+swMiDL3CpJEOsDcFIs1TqcKJ1twjHojg+n
dWkV8hp0cisX4hK/lgjWvv8n3BtJJBheZ1NczSxAe0+/6wiIAOsFlWLkWaoTGuGZ
WSkwls0etEYqj3SYT2w0OIXaQvJ4MV2Y8afQ8c27LvusEpBujpKMfw+sUYVT9cc8
HGCdwztT7dMsDOpSdv7iD4GvOBNZhje0HW/I1+4spt1rS0M2nFhIGY4t+V2uef2j
U3Ng1i6NJIXpnRnU75cMvExri1BTo5CGUg4TUAH3R0Hp/YgG/KS+UR9CGvAb3WdV
Rl0qS59UWAMJPCCSn2Lcd/aALzEtQyOpVsWOOh8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTjPEjpZVZo6i1B9vP6ps1nle1qzTAfBgNVHSMEGDAWgBTc71jUz6NVQ/hI
iidW5pJOZHtFiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8x
LzR6eEk2V1ZXYU9vdFFmYnotcWJOWjVYdGFzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8xLzNPOVkxTS1qVlVQ
NFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFko4TANBgkqhkiG9w0BAQsFAAOC
AQEAZQI/S6Gn01cSyKn95SGZqZvZdr4OOAmJjRqNVWREzJJ89VeH98uG2pp2yvTa
Ehj0p9KkZFLFNqFNSw0f9t+zPuZ/1+iJ+d+h8E6jQkrGZA+TpIcNlb9O+5p3yvx5
26RNeaz5tsEAN916U0neFe6Z5Q72LybDko/birdMaZuzl/fyqabCgE4CrCLpwp5I
YJsscgxtHrFCHaBxAUdt1fF7GtVhkk0LMgK9XGiKqoVkNYgCmWSVC7l/h0bTTQTp
oHkqG6Cw/2ZG/rweHjbE7lXe0+dAx1EiExhLebPLvdAUzCVYc9m7SZWpLfQ5Hgqh
a1rBvLGXfvmw7gBxbiHjf71Uuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org