Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/lWyMBPIbDl_W7DoLLQe38dKTnso.roa
File: lWyMBPIbDl_W7DoLLQe38dKTnso.roa (raw, json)
Hash identifier: xmDQoCukVi96YWlzwL4iG2v9vUIa4jrr/mkwK+nCUi8=
Subject key identifier: 95:6C:8C:04:F2:1B:0E:5F:D6:EC:3A:0B:2D:07:B7:F1:D2:93:9E:CA
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 05E6FBF2
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/lWyMBPIbDl_W7DoLLQe38dKTnso.roa
Signing time: Wed 30 Mar 2022 06:28:57 +0000
ROA not before: Wed 30 Mar 2022 06:28:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43531
IP address blocks: 89.30.68.0/22 maxlen: 24
83.243.16.0/21 maxlen: 24
89.30.0.0/17 maxlen: 24
2a01:8200::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99023858 (0x5e6fbf2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Mar 30 06:28:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=956c8c04f21b0e5fd6ec3a0b2d07b7f1d2939eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:87:a6:c4:73:77:06:0c:e4:70:bb:0f:11:ba:
cf:e8:4f:b0:96:ca:24:2a:9c:c9:40:69:b4:e2:c1:
07:23:05:99:e9:3b:14:49:91:3d:e3:4c:d6:d7:91:
b6:3f:d6:04:d2:96:3b:78:62:e5:57:8e:01:aa:2b:
a0:d0:7b:13:aa:32:05:d6:c0:25:d1:f7:8e:e6:90:
c5:8e:a0:9a:e7:36:e1:b1:0e:12:38:5e:ec:76:38:
24:ad:2b:72:9b:d4:70:f8:da:ec:56:f0:4c:3b:95:
8f:f4:11:66:03:a9:2b:2f:be:2a:36:be:fc:e7:85:
3a:92:9f:25:70:60:21:04:7d:93:88:50:08:b4:77:
14:94:88:50:a9:8b:39:2a:96:13:31:f2:94:48:2c:
b8:f6:71:2e:d8:38:71:bf:86:ba:7b:b4:a9:87:bd:
72:61:70:af:f6:9b:c8:0e:51:09:ab:1d:79:ef:42:
bb:2e:74:df:74:93:89:31:89:6e:8c:22:c8:1f:6c:
2a:75:7d:6b:3c:94:9a:94:e9:4c:1b:7b:a8:67:9a:
de:00:f9:f8:e6:e7:79:23:3e:cb:90:e9:84:60:7f:
18:18:c1:0a:b6:f8:47:b3:d7:b0:c3:4a:e5:62:5f:
cc:1f:ca:c8:55:1b:bb:23:08:47:ad:68:3e:a9:b7:
6f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6C:8C:04:F2:1B:0E:5F:D6:EC:3A:0B:2D:07:B7:F1:D2:93:9E:CA
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/lWyMBPIbDl_W7DoLLQe38dKTnso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.243.16.0/21
89.30.0.0/17
IPv6:
2a01:8200::/32
Signature Algorithm: sha256WithRSAEncryption
73:98:fe:c6:92:60:e8:fb:86:d5:cc:b1:36:3e:60:dc:11:fc:
9a:19:81:b6:77:06:11:8d:83:1f:a4:58:53:3c:7f:aa:e8:4d:
85:ae:74:e5:97:a9:9c:57:5b:45:0c:07:66:b0:ba:b7:19:2a:
90:0c:59:0d:da:07:ba:72:7a:64:63:2f:8c:b5:99:16:e9:69:
64:be:9f:28:82:8c:03:75:ae:6a:84:f7:b1:07:59:fa:67:e3:
13:de:90:c1:06:e7:45:03:f1:46:59:32:07:ea:5a:18:72:53:
95:55:8a:bc:eb:3d:45:fa:aa:4f:94:17:2f:20:57:b8:47:99:
68:91:5a:fc:59:97:7d:55:7b:14:37:00:65:f6:82:c0:20:7c:
5c:f4:1c:4c:7a:7e:ab:d9:a9:76:fa:cc:2d:5e:b7:17:d7:b6:
01:03:6d:72:e1:db:4d:e9:34:ba:14:b9:74:0e:49:dc:ea:96:
69:93:2a:e2:d6:6d:ad:04:72:9f:a2:09:41:4b:cd:0a:bd:06:
7b:00:5a:21:67:c0:ac:50:d5:d8:aa:65:00:bc:bd:01:b5:1b:
e2:19:72:e8:0c:60:18:83:8f:e6:5b:ce:2a:cd:44:24:b1:a6:
00:d7:e0:7e:27:b6:ff:cd:a9:50:98:33:72:87:ba:50:20:7f:
08:48:11:86
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBeb78jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTQwMGFjMjM5NmFlMjI4ZDJiMmU1NmY0YjA2NzM5OTY5Mzc5ZTQ0MB4XDTIyMDMz
MDA2Mjg1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU2YzhjMDRmMjFi
MGU1ZmQ2ZWMzYTBiMmQwN2I3ZjFkMjkzOWVjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANSHpsRzdwYM5HC7DxG6z+hPsJbKJCqcyUBptOLBByMFmek7
FEmRPeNM1teRtj/WBNKWO3hi5VeOAaoroNB7E6oyBdbAJdH3juaQxY6gmuc24bEO
Ejhe7HY4JK0rcpvUcPja7FbwTDuVj/QRZgOpKy++Kja+/OeFOpKfJXBgIQR9k4hQ
CLR3FJSIUKmLOSqWEzHylEgsuPZxLtg4cb+Gunu0qYe9cmFwr/abyA5RCasdee9C
uy5033STiTGJbowiyB9sKnV9azyUmpTpTBt7qGea3gD5+ObneSM+y5DphGB/GBjB
Crb4R7PXsMNK5WJfzB/KyFUbuyMIR61oPqm3b7cCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSVbIwE8hsOX9bsOgstB7fx0pOeyjAfBgNVHSMEGDAWgBReQArCOWriKNKy
5W9LBnOZaTeeRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hrQUt3amxxNGlqU3N1VnZTd1p6bVdrM25rUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvZDY3YTk1LWNiMzYtNDkzNy05MjI2LWRmZWQxMmYxYTAxZS8x
L2xXeU1CUEliRGxfVzdEb0xMUWUzOGRLVG5zby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
ZDY3YTk1LWNiMzYtNDkzNy05MjI2LWRmZWQxMmYxYTAxZS8xL1hrQUt3amxxNGlq
U3N1VnZTd1p6bVdrM25rUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA1PzEAMEB1keADANBAIAAjAHAwUA
KgGCADANBgkqhkiG9w0BAQsFAAOCAQEAc5j+xpJg6PuG1cyxNj5g3BH8mhmBtncG
EY2DH6RYUzx/quhNha505ZepnFdbRQwHZrC6txkqkAxZDdoHunJ6ZGMvjLWZFulp
ZL6fKIKMA3WuaoT3sQdZ+mfjE96QwQbnRQPxRlkyB+paGHJTlVWKvOs9RfqqT5QX
LyBXuEeZaJFa/FmXfVV7FDcAZfaCwCB8XPQcTHp+q9mpdvrMLV63F9e2AQNtcuHb
Tek0uhS5dA5J3OqWaZMq4tZtrQRyn6IJQUvNCr0GewBaIWfArFDV2KplALy9AbUb
4hly6AxgGIOP5lvOKs1EJLGmANfgfie2/82pUJgzcoe6UCB/CEgRhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:45 2024 by rpki-client on console-ams.rpki-client.org