Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/4D8wpt70MjftJtXJcRLwhLXEk2M.roa
File: 4D8wpt70MjftJtXJcRLwhLXEk2M.roa (raw, json)
Hash identifier: szw8eL327rhLjKbd3R5XughcMMMU2b8yrfU7dfmNj+Y=
Subject key identifier: E0:3F:30:A6:DE:F4:32:37:ED:26:D5:C9:71:12:F0:84:B5:C4:93:63
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 01853D9B70ECD4BC4B9A3B1FF4EA91FAAA5A
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/4D8wpt70MjftJtXJcRLwhLXEk2M.roa
Signing time: Fri 23 Dec 2022 06:11:15 +0000
ROA not before: Fri 23 Dec 2022 06:11:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134926
IP address blocks: 89.47.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3d:9b:70:ec:d4:bc:4b:9a:3b:1f:f4:ea:91:fa:aa:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Dec 23 06:11:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e03f30a6def43237ed26d5c97112f084b5c49363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:05:c0:f0:99:cf:38:a1:9e:f7:68:f0:fd:2a:
10:41:0a:a4:1b:c2:67:af:cf:37:2b:9d:4e:76:e4:
66:1a:41:91:d7:d1:77:5e:5f:27:90:56:3e:4f:f5:
93:a7:f1:6f:10:18:d7:45:0b:8e:15:14:e2:d0:55:
3d:8f:9e:aa:46:46:9a:33:55:58:fb:38:ac:51:e5:
bc:b8:db:95:38:b3:c4:87:92:c4:ab:9d:00:69:2a:
17:aa:da:49:4d:91:c8:20:75:80:bc:bd:a7:b9:ab:
f6:7b:37:7e:98:d7:c9:a7:41:3d:94:8b:47:1d:59:
46:3a:97:5a:99:2b:02:19:1e:82:d5:26:99:a3:3c:
c6:93:14:5a:8d:ea:6e:0c:b9:56:4b:b2:dd:ec:7d:
2a:5b:89:3e:b5:10:58:d2:2c:76:c0:a5:33:16:f2:
a2:6d:87:5b:04:8f:1a:56:f1:04:0f:f9:33:f9:41:
4c:c3:a1:7e:bc:69:8c:52:b5:a5:a1:f0:7b:c2:b4:
00:4a:1c:18:5c:d8:8a:06:f2:18:e4:a5:48:cd:db:
ac:90:6a:db:69:c9:1c:9e:d9:18:63:03:8e:eb:d1:
ef:41:87:49:dc:c0:86:3e:d2:6a:83:03:4b:18:f2:
34:43:77:f7:5d:4e:9c:9d:8b:3c:f9:27:1c:a4:3c:
2b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3F:30:A6:DE:F4:32:37:ED:26:D5:C9:71:12:F0:84:B5:C4:93:63
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/4D8wpt70MjftJtXJcRLwhLXEk2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:a8:a9:44:26:db:98:70:da:da:54:68:72:ac:6f:ab:fd:b5:
5e:e9:3f:d2:aa:53:05:24:4d:c0:87:e7:3a:cb:25:f8:f1:05:
32:d8:e4:20:3f:a5:ec:fc:11:92:ce:1a:51:92:e9:77:d2:ac:
6e:e5:7f:a8:36:14:13:f2:77:18:4c:0f:bd:0a:66:b0:e4:ac:
e9:5a:28:e0:ca:d6:bc:e3:36:8e:34:23:32:27:91:fa:f8:bb:
39:ee:2f:04:2d:26:33:ae:08:75:7e:70:5d:10:0d:e4:45:c8:
23:90:0a:07:bd:8b:8d:ea:bd:bd:24:a0:ea:d9:ef:cf:c1:55:
77:ce:31:6c:c1:da:2d:51:b3:9c:12:b3:5b:03:22:c7:ea:48:
d1:9e:10:e9:6d:af:ff:9d:03:af:98:e1:52:80:e3:4c:ec:7f:
9e:47:60:62:f1:a2:c1:31:e4:0c:17:53:79:9a:13:66:0f:86:
90:84:0a:b8:9f:30:81:0c:29:84:10:5c:df:84:d8:8a:ff:76:
64:18:7d:68:a3:b2:91:0a:df:bd:ce:0a:9d:99:12:0f:e9:6c:
1d:b9:fc:2c:6a:22:e9:7c:54:92:aa:fc:a9:09:30:31:67:e2:
15:d9:c6:bd:2b:f1:4c:b5:95:4f:53:9e:83:2a:0f:88:f3:df:
17:01:70:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU9m3Ds1LxLmjsf9OqR+qpaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjIxMjIzMDYxMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDNmMzBhNmRlZjQzMjM3ZWQyNmQ1Yzk3MTEyZjA4NGI1YzQ5MzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gXA8JnPOKGe92jw/SoQQQqkG8Jn
r883K51OduRmGkGR19F3Xl8nkFY+T/WTp/FvEBjXRQuOFRTi0FU9j56qRkaaM1VY
+zisUeW8uNuVOLPEh5LEq50AaSoXqtpJTZHIIHWAvL2nuav2ezd+mNfJp0E9lItH
HVlGOpdamSsCGR6C1SaZozzGkxRajepuDLlWS7Ld7H0qW4k+tRBY0ix2wKUzFvKi
bYdbBI8aVvEED/kz+UFMw6F+vGmMUrWlofB7wrQAShwYXNiKBvIY5KVIzduskGrb
ackcntkYYwOO69HvQYdJ3MCGPtJqgwNLGPI0Q3f3XU6cnYs8+SccpDwrdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOA/MKbe9DI37SbVyXES8IS1xJNjMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvNEQ4d3B0NzBNamZ0SnRYSmNSTHdoTFhFazJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS87MA0G
CSqGSIb3DQEBCwUAA4IBAQAMqKlEJtuYcNraVGhyrG+r/bVe6T/SqlMFJE3Ah+c6
yyX48QUy2OQgP6Xs/BGSzhpRkul30qxu5X+oNhQT8ncYTA+9Cmaw5KzpWijgyta8
4zaONCMyJ5H6+Ls57i8ELSYzrgh1fnBdEA3kRcgjkAoHvYuN6r29JKDq2e/PwVV3
zjFswdotUbOcErNbAyLH6kjRnhDpba//nQOvmOFSgONM7H+eR2Bi8aLBMeQMF1N5
mhNmD4aQhAq4nzCBDCmEEFzfhNiK/3ZkGH1oo7KRCt+9zgqdmRIP6WwdufwsaiLp
fFSSqvypCTAxZ+IV2ca9K/FMtZVPU56DKg+I898XAXAz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org