Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/IT4qx3-FrCd61xoiQb_Z_tFCC6Q.roa
File: IT4qx3-FrCd61xoiQb_Z_tFCC6Q.roa (raw, json)
Hash identifier: kmu2JOBxjG/BzBjhrQZ2jEWQM/OldhBLIr1287PNRU8=
Subject key identifier: 21:3E:2A:C7:7F:85:AC:27:7A:D7:1A:22:41:BF:D9:FE:D1:42:0B:A4
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0181F68043C39220CF978C8F55E8D665B73B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/IT4qx3-FrCd61xoiQb_Z_tFCC6Q.roa
Signing time: Wed 13 Jul 2022 07:40:09 +0000
ROA not before: Wed 13 Jul 2022 07:40:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205220
IP address blocks: 89.185.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f6:80:43:c3:92:20:cf:97:8c:8f:55:e8:d6:65:b7:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jul 13 07:40:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=213e2ac77f85ac277ad71a2241bfd9fed1420ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:22:0d:97:fa:7d:a4:a9:85:e3:f1:fb:73:84:
86:6b:c4:48:ab:25:6c:0a:5b:4f:30:4f:6c:0b:4e:
3f:89:9b:ff:5f:82:9d:39:ab:94:28:0a:b8:41:3a:
36:af:fd:87:c9:3b:09:71:29:43:81:4d:85:17:08:
39:2d:68:6a:1c:a1:2a:cc:04:cd:98:37:c9:2c:e1:
88:e1:0b:b5:33:59:55:c0:80:f3:47:01:9f:7b:4c:
0c:89:e9:20:4d:1f:a6:37:83:09:11:53:c9:24:1c:
9f:a5:6f:84:4d:a0:15:16:b5:3d:e5:c1:15:61:85:
f7:32:b4:f5:ee:8e:1e:f1:9f:12:3a:41:d6:1a:4b:
8f:cd:60:6e:a0:ce:30:3b:ff:dd:c2:82:e8:d2:46:
f4:ef:2e:ac:1e:a7:af:b3:6d:59:67:5e:ae:5f:41:
a0:97:c5:e6:96:9d:4d:7c:63:2f:53:99:33:44:47:
64:21:6c:7e:58:f4:11:e2:ae:d2:95:f2:b8:fa:b5:
9a:6e:9e:59:0b:0d:cc:51:aa:2a:a5:75:dc:d8:56:
0f:1a:1b:46:2d:ed:cf:82:39:c3:30:1e:ee:7c:03:
97:92:d8:01:d6:f3:7e:c7:22:7a:c9:f8:1f:1d:cc:
bb:21:13:ef:d4:b4:fd:1c:a8:f5:58:db:25:5b:30:
ee:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3E:2A:C7:7F:85:AC:27:7A:D7:1A:22:41:BF:D9:FE:D1:42:0B:A4
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/IT4qx3-FrCd61xoiQb_Z_tFCC6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.0.0/22
Signature Algorithm: sha256WithRSAEncryption
69:3f:bb:56:d5:64:f9:d0:b5:f6:87:51:24:b5:2d:97:95:fd:
88:ba:a7:ca:98:a3:66:3d:ec:b9:3d:89:07:1d:55:92:99:9c:
fd:19:ef:b5:32:44:46:0a:44:cc:5b:ec:e4:f7:c8:c9:5b:a8:
a5:fb:ac:25:e7:6e:1e:b0:21:3b:e3:0c:95:9b:43:9b:ed:68:
d6:58:b0:14:cc:13:42:73:66:ed:b3:8b:db:f7:1f:04:fe:be:
ac:29:ca:14:44:47:8e:27:41:9f:e8:d7:d5:10:7a:e1:ba:1d:
3d:44:68:0c:74:ba:f0:be:66:b8:4f:c0:63:79:a8:17:8e:5e:
2a:18:ef:f9:a2:66:b8:4e:73:5b:e7:49:6f:83:5f:ec:2d:c9:
12:db:48:01:2f:c2:a1:89:12:8c:29:a0:81:9b:86:4b:7c:8e:
66:4a:c6:75:69:54:36:66:ea:b0:d0:b2:62:40:fe:f1:15:f7:
44:00:ba:d8:a7:d9:ae:b0:ce:54:b5:f5:c0:61:41:88:7d:c4:
e4:4f:60:66:9d:a9:a2:46:d4:a9:1d:50:da:dc:e6:a2:f2:3b:
ea:5e:80:d6:b5:bb:a0:33:a2:8d:90:a2:82:6e:c8:1a:3b:80:
a3:a1:b5:62:e6:ee:a4:23:4d:d2:ff:3d:67:6e:d4:17:f9:73:
6d:d4:46:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYH2gEPDkiDPl4yPVejWZbc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIwNzEzMDc0MDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNlMmFjNzdmODVhYzI3N2FkNzFhMjI0MWJmZDlmZWQxNDIwYmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSINl/p9pKmF4/H7c4SGa8RIqyVs
CltPME9sC04/iZv/X4KdOauUKAq4QTo2r/2HyTsJcSlDgU2FFwg5LWhqHKEqzATN
mDfJLOGI4Qu1M1lVwIDzRwGfe0wMiekgTR+mN4MJEVPJJByfpW+ETaAVFrU95cEV
YYX3MrT17o4e8Z8SOkHWGkuPzWBuoM4wO//dwoLo0kb07y6sHqevs21ZZ16uX0Gg
l8Xmlp1NfGMvU5kzREdkIWx+WPQR4q7SlfK4+rWabp5ZCw3MUaoqpXXc2FYPGhtG
Le3PgjnDMB7ufAOXktgB1vN+xyJ6yfgfHcy7IRPv1LT9HKj1WNslWzDu5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCE+Ksd/hawnetcaIkG/2f7RQgukMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSVQ0cXgzLUZyQ2Q2MXhvaVFiX1pfdEZDQzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWbkAMA0G
CSqGSIb3DQEBCwUAA4IBAQBpP7tW1WT50LX2h1EktS2Xlf2IuqfKmKNmPey5PYkH
HVWSmZz9Ge+1MkRGCkTMW+zk98jJW6il+6wl524esCE74wyVm0Ob7WjWWLAUzBNC
c2bts4vb9x8E/r6sKcoUREeOJ0Gf6NfVEHrhuh09RGgMdLrwvma4T8BjeagXjl4q
GO/5oma4TnNb50lvg1/sLckS20gBL8KhiRKMKaCBm4ZLfI5mSsZ1aVQ2Zuqw0LJi
QP7xFfdEALrYp9musM5UtfXAYUGIfcTkT2BmnamiRtSpHVDa3Oai8jvqXoDWtbug
M6KNkKKCbsgaO4CjobVi5u6kI03S/z1nbtQX+XNt1EZi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org