Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/knHcDqtXQ0KJKy7A2J-kZACYmb4.roa
File: knHcDqtXQ0KJKy7A2J-kZACYmb4.roa (raw, json)
Hash identifier: jOgySWqEsjKPiZSbZOxMAEdJDKkUiiIl05IBFComK5M=
Subject key identifier: 92:71:DC:0E:AB:57:43:42:89:2B:2E:C0:D8:9F:A4:64:00:98:99:BE
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01852EF32BBF61C36547C5C9283C43D7364A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/knHcDqtXQ0KJKy7A2J-kZACYmb4.roa
Signing time: Tue 20 Dec 2022 09:52:46 +0000
ROA not before: Tue 20 Dec 2022 09:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 89.185.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:f3:2b:bf:61:c3:65:47:c5:c9:28:3c:43:d7:36:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 20 09:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9271dc0eab574342892b2ec0d89fa464009899be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:70:21:6c:36:41:cb:66:67:27:c1:2e:3d:a3:
1d:c0:6e:db:fa:74:f4:2c:d5:de:2f:96:67:c3:c0:
0c:f1:56:33:aa:6f:55:df:55:15:6e:80:2d:98:af:
0c:81:4b:f7:63:a6:4b:fe:f3:ec:07:52:1a:47:16:
8a:79:98:b9:85:2b:f0:c6:3c:01:d5:f9:7b:8f:89:
f5:f9:32:7c:0e:f7:62:ab:1d:cf:3a:b4:8e:2e:9a:
66:12:d2:c5:2f:67:28:2a:dd:40:9e:51:a0:ee:df:
7b:b9:d4:3e:2d:ac:c9:99:2f:fa:44:99:36:d6:f3:
38:5a:37:6e:e1:97:c7:91:15:0e:e5:0f:99:8d:8b:
0a:a2:4f:1f:57:82:4b:d9:f1:81:69:6d:99:e7:8b:
bd:2b:01:de:35:1f:0d:6e:ea:b2:99:0d:2b:0d:32:
2c:34:05:80:9f:76:e2:af:ee:cf:61:90:ec:fa:41:
e5:8a:d5:5b:72:b2:02:56:bf:e5:3f:66:ca:02:cc:
6e:fd:e4:0d:80:a7:51:7e:c0:dd:65:78:96:15:55:
28:30:9b:0b:00:20:ff:65:b0:f8:64:e8:57:d7:1b:
03:94:83:9d:dc:ca:e9:a0:5f:77:e8:4a:6a:ad:3b:
71:39:9d:e2:07:f8:ca:a9:a8:9c:3f:f2:27:d0:6d:
b2:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:71:DC:0E:AB:57:43:42:89:2B:2E:C0:D8:9F:A4:64:00:98:99:BE
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/knHcDqtXQ0KJKy7A2J-kZACYmb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.24.0/22
Signature Algorithm: sha256WithRSAEncryption
39:7e:ec:57:f8:b9:be:f8:a5:f6:e2:d6:03:72:f2:65:f6:21:
a3:2d:09:63:47:f8:f1:31:ac:2d:7f:aa:a7:16:06:30:91:e3:
03:8e:00:4c:99:3e:ac:a9:99:ea:55:fa:3f:11:c3:ce:d1:63:
5f:b6:19:af:2f:54:90:e2:29:3c:c6:41:0b:a7:d4:16:3f:74:
99:64:eb:99:2a:54:79:ea:3b:1c:82:50:70:c6:70:df:c8:24:
49:db:00:a3:e2:29:3e:09:72:2b:f4:c8:bd:3a:6b:b8:08:8a:
63:97:af:1f:fd:28:4d:50:84:dc:63:8a:24:d5:eb:e9:4b:2a:
af:42:cc:e0:4e:12:9e:23:af:c5:12:97:f7:a6:9c:42:2c:b8:
0d:90:ad:4a:d7:db:dc:3f:c6:54:d3:15:9c:81:d6:a0:ac:e4:
72:07:56:32:4d:45:23:88:c9:92:49:bb:44:f0:63:be:40:8e:
f0:31:f5:da:15:10:65:7d:64:6a:dd:4b:9c:12:8c:7c:51:98:
f7:b8:b6:55:f4:70:cc:4d:1c:f0:70:26:61:4e:e6:a9:33:ca:
90:5f:9d:61:ae:79:84:81:e0:74:85:42:2c:32:0d:98:17:c4:
85:e2:71:54:15:21:21:06:15:2f:d5:6d:7b:48:dd:e0:b8:7b:
62:f1:c3:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUu8yu/YcNlR8XJKDxD1zZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMjIwMDk1MjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjcxZGMwZWFiNTc0MzQyODkyYjJlYzBkODlmYTQ2NDAwOTg5OWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHAhbDZBy2ZnJ8EuPaMdwG7b+nT0
LNXeL5Znw8AM8VYzqm9V31UVboAtmK8MgUv3Y6ZL/vPsB1IaRxaKeZi5hSvwxjwB
1fl7j4n1+TJ8Dvdiqx3POrSOLppmEtLFL2coKt1AnlGg7t97udQ+LazJmS/6RJk2
1vM4Wjdu4ZfHkRUO5Q+ZjYsKok8fV4JL2fGBaW2Z54u9KwHeNR8NbuqymQ0rDTIs
NAWAn3bir+7PYZDs+kHlitVbcrICVr/lP2bKAsxu/eQNgKdRfsDdZXiWFVUoMJsL
ACD/ZbD4ZOhX1xsDlIOd3MrpoF936EpqrTtxOZ3iB/jKqaicP/In0G2yXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJJx3A6rV0NCiSsuwNifpGQAmJm+MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEva25IY0RxdFhRMEtKS3k3QTJKLWtaQUNZbWI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWbkYMA0G
CSqGSIb3DQEBCwUAA4IBAQA5fuxX+Lm++KX24tYDcvJl9iGjLQljR/jxMawtf6qn
FgYwkeMDjgBMmT6sqZnqVfo/EcPO0WNfthmvL1SQ4ik8xkELp9QWP3SZZOuZKlR5
6jscglBwxnDfyCRJ2wCj4ik+CXIr9Mi9Omu4CIpjl68f/ShNUITcY4ok1evpSyqv
QszgThKeI6/FEpf3ppxCLLgNkK1K19vcP8ZU0xWcgdagrORyB1YyTUUjiMmSSbtE
8GO+QI7wMfXaFRBlfWRq3UucEox8UZj3uLZV9HDMTRzwcCZhTuapM8qQX51hrnmE
geB0hUIsMg2YF8SF4nFUFSEhBhUv1W17SN3guHti8cMf
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org