Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/AZbmj89Tawu36DpWeLz1ydE-piw.roa
File: AZbmj89Tawu36DpWeLz1ydE-piw.roa (raw, json)
Hash identifier: O8JFiO5HCGOZFP04wT8qqa0H4mjamALCZQTGjOVHJ0c=
Subject key identifier: 01:96:E6:8F:CF:53:6B:0B:B7:E8:3A:56:78:BC:F5:C9:D1:3E:A6:2C
Certificate issuer: /CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Certificate serial: AA772B
Authority key identifier: 8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/AZbmj89Tawu36DpWeLz1ydE-piw.roa
Signing time: Sat 01 Jan 2022 01:54:36 +0000
ROA not before: Sat 01 Jan 2022 01:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39232
IP address blocks: 89.219.164.0/23 maxlen: 23
89.219.164.0/22 maxlen: 22
89.219.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11171627 (0xaa772b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Validity
Not Before: Jan 1 01:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0196e68fcf536b0bb7e83a5678bcf5c9d13ea62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:52:ce:d3:b2:07:62:0a:93:22:41:60:a8:78:
f2:31:54:84:ae:92:65:f0:12:63:28:fa:e1:22:12:
0b:03:99:f6:60:30:55:ad:a1:b9:93:ba:87:db:92:
d2:1c:53:8d:fc:38:87:95:7e:5d:9d:50:35:31:9a:
1c:b6:9d:1b:17:4c:20:95:13:e0:d9:85:47:13:50:
f5:85:37:26:13:82:73:c0:07:a2:18:0f:e9:cf:b3:
62:3b:69:ed:72:bf:7a:8b:07:3e:1d:8b:fa:49:3d:
b5:be:e7:5c:62:7c:cc:53:d0:82:56:3b:05:98:cd:
8a:0e:4d:75:63:ba:7c:55:4e:bb:ea:cf:f4:b4:05:
74:2f:ae:19:c6:a7:b5:91:43:ea:6d:16:43:e3:aa:
ba:7f:82:22:46:cb:cd:0e:43:0d:ca:63:cf:f0:8d:
09:2b:1f:3b:37:0a:65:da:88:4b:9a:df:2f:b7:af:
be:a0:12:6f:16:7f:5f:b9:99:6c:ff:e2:79:a9:3f:
e0:2f:41:98:6b:d6:dd:53:e3:ae:0c:85:0c:90:bf:
b8:86:e6:ac:db:21:29:4b:4b:36:7e:0f:f0:71:02:
4f:47:e7:ae:93:02:47:c0:24:1f:29:97:85:66:24:
05:c1:97:71:9f:0c:3f:fb:79:e0:11:89:23:fc:41:
b2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:96:E6:8F:CF:53:6B:0B:B7:E8:3A:56:78:BC:F5:C9:D1:3E:A6:2C
X509v3 Authority Key Identifier:
keyid:8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/AZbmj89Tawu36DpWeLz1ydE-piw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.219.164.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:a9:11:ef:95:47:af:e8:39:b0:21:e2:98:6d:79:13:4d:84:
44:1f:1b:52:e2:03:a8:02:3d:b2:70:de:06:4d:1c:78:bb:b1:
20:f6:8d:7d:d6:2d:9e:9c:21:c7:31:cc:76:db:11:bf:b5:ac:
ef:1c:13:84:a3:2d:a6:82:ff:30:4c:cc:83:4e:a5:c8:63:75:
b7:42:d9:2a:72:28:51:90:63:ac:4a:2f:8f:51:8a:f6:3f:e7:
99:9c:5c:6d:3d:86:21:f7:cd:3a:77:0f:45:e5:56:29:a1:5d:
2a:1c:aa:89:a3:aa:12:cf:06:b1:37:56:80:ac:5b:63:66:53:
23:67:7f:56:0c:4f:54:ce:4d:b5:da:28:64:73:64:6e:08:57:
77:87:1e:64:61:2b:dc:40:21:4e:0a:4e:ec:8d:f4:4e:69:27:
fe:e2:24:e0:49:93:8e:52:0b:81:fd:cd:47:c2:40:cf:a1:87:
30:4e:98:c3:f6:06:9c:69:be:e1:dc:5e:91:a5:1a:fa:20:a7:
53:d4:7e:e6:e6:92:aa:d8:28:7e:1e:b1:d5:d2:92:bf:cd:d5:
23:cc:ea:b2:0b:cd:71:86:db:76:b4:18:61:38:2c:fa:b1:d2:
01:ae:da:b6:a9:77:35:1e:64:51:0a:9a:4c:5c:e6:53:bf:17:
00:24:58:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKp3KzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDRkZDJkMDZkOTIwZTQwMzkzM2ZkYjJjZDE5ODQ4OTM1NTI1NzljMB4XDTIyMDEw
MTAxNTQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE5NmU2OGZjZjUz
NmIwYmI3ZTgzYTU2NzhiY2Y1YzlkMTNlYTYyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlSztOyB2IKkyJBYKh48jFUhK6SZfASYyj64SISCwOZ9mAw
Va2huZO6h9uS0hxTjfw4h5V+XZ1QNTGaHLadGxdMIJUT4NmFRxNQ9YU3JhOCc8AH
ohgP6c+zYjtp7XK/eosHPh2L+kk9tb7nXGJ8zFPQglY7BZjNig5NdWO6fFVOu+rP
9LQFdC+uGcantZFD6m0WQ+Oqun+CIkbLzQ5DDcpjz/CNCSsfOzcKZdqIS5rfL7ev
vqASbxZ/X7mZbP/ieak/4C9BmGvW3VPjrgyFDJC/uIbmrNshKUtLNn4P8HECT0fn
rpMCR8AkHymXhWYkBcGXcZ8MP/t54BGJI/xBsocCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQBluaPz1NrC7foOlZ4vPXJ0T6mLDAfBgNVHSMEGDAWgBSNTdLQbZIOQDkz
/bLNGYSJNVJXnDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pVM1MwRzJTRGtBNU1fMnl6Um1FaVRWU1Y1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvZjYyMWE3LWUwODAtNDI1NS05MjZkLTMyZmYzMWNlZWM4Yi8x
L0FaYm1qODlUYXd1MzZEcFdlTHoxeWRFLXBpdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
ZjYyMWE3LWUwODAtNDI1NS05MjZkLTMyZmYzMWNlZWM4Yi8xL2pVM1MwRzJTRGtB
NU1fMnl6Um1FaVRWU1Y1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlnbpDANBgkqhkiG9w0BAQsFAAOC
AQEAzqkR75VHr+g5sCHimG15E02ERB8bUuIDqAI9snDeBk0ceLuxIPaNfdYtnpwh
xzHMdtsRv7Ws7xwThKMtpoL/MEzMg06lyGN1t0LZKnIoUZBjrEovj1GK9j/nmZxc
bT2GIffNOncPReVWKaFdKhyqiaOqEs8GsTdWgKxbY2ZTI2d/VgxPVM5NtdooZHNk
bghXd4ceZGEr3EAhTgpO7I30Tmkn/uIk4EmTjlILgf3NR8JAz6GHME6Yw/YGnGm+
4dxekaUa+iCnU9R+5uaSqtgofh6x1dKSv83VI8zqsgvNcYbbdrQYYTgs+rHSAa7a
tql3NR5kUQqaTFzmU78XACRYWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:24 2024 by rpki-client on console-ams.rpki-client.org