Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Yg79rcqE7-TJLtvKEabVQ4m_KEs.roa
File: Yg79rcqE7-TJLtvKEabVQ4m_KEs.roa (raw, json)
Hash identifier: XEhxpgXK5nPtnCwhl8u2kAYx3REfAXg/e26J9zLki9Y=
Subject key identifier: 62:0E:FD:AD:CA:84:EF:E4:C9:2E:DB:CA:11:A6:D5:43:89:BF:28:4B
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 0183F57D4C672998A60BBD021F73EF93856A
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Yg79rcqE7-TJLtvKEabVQ4m_KEs.roa
Signing time: Thu 20 Oct 2022 13:02:52 +0000
ROA not before: Thu 20 Oct 2022 13:02:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59574
IP address blocks: 89.188.168.0/22 maxlen: 24
89.188.174.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:7d:4c:67:29:98:a6:0b:bd:02:1f:73:ef:93:85:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Oct 20 13:02:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=620efdadca84efe4c92edbca11a6d54389bf284b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e9:e5:3c:0b:2c:0d:75:87:ae:17:33:a8:f6:
69:0e:32:d4:26:72:90:a7:01:69:95:0f:3c:83:44:
47:d3:2e:f4:6f:1b:ca:69:48:a6:46:69:34:b4:d6:
82:c5:4d:81:43:f1:a3:5a:16:e7:6a:28:b8:9e:9f:
55:73:0f:8c:76:e6:54:54:e0:6b:b8:19:e1:17:60:
74:93:60:76:64:b2:d6:a2:a2:50:b5:4e:f4:73:d7:
26:0f:dd:7d:be:e8:f0:f7:66:ba:88:1e:af:c3:19:
19:d3:b9:e4:11:59:55:10:2c:9b:30:a9:84:c3:e6:
78:8c:e1:10:65:5e:71:b0:15:98:ae:c5:ea:10:ea:
e9:5c:13:a7:f8:c1:ad:17:35:04:27:cc:58:16:c1:
5a:16:4c:89:10:4a:21:09:d9:a3:3f:65:b7:1a:cc:
11:3f:9e:a0:22:2c:46:27:b3:ed:60:77:4e:55:b5:
a4:31:5e:82:fe:28:fe:b1:86:96:0c:81:3f:bd:dd:
2e:e4:80:28:fa:b4:b7:fe:be:a2:1e:07:4f:45:28:
f6:89:bd:be:da:2e:37:27:38:38:cf:7d:a7:12:bc:
8a:78:13:46:f9:88:f7:be:b0:5c:9b:bb:2e:b9:a5:
25:50:2e:1a:59:47:87:a5:ff:dc:db:81:3a:90:22:
4d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0E:FD:AD:CA:84:EF:E4:C9:2E:DB:CA:11:A6:D5:43:89:BF:28:4B
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/Yg79rcqE7-TJLtvKEabVQ4m_KEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.168.0/22
89.188.174.0/23
Signature Algorithm: sha256WithRSAEncryption
8f:bc:45:64:e2:1d:11:15:66:63:d3:22:60:af:b5:ff:38:93:
4f:ec:5d:f4:d6:4e:82:51:46:73:95:8b:6f:c7:84:46:78:e7:
83:82:07:26:a9:6a:15:aa:d7:d4:1a:b2:99:da:46:cb:80:ec:
6d:0b:be:9f:f9:06:7b:4e:7e:82:52:64:90:82:f7:3d:98:5c:
24:82:1c:68:d1:e1:e8:8b:40:e4:67:a7:67:b4:96:95:50:69:
92:b8:56:3d:98:1d:7d:94:22:c3:d5:44:ac:cc:ae:b4:ae:e0:
52:7e:71:ab:21:b8:2e:8b:fc:26:3c:53:27:bf:9e:ca:91:11:
63:37:07:12:2e:df:37:9b:ed:c6:87:57:4c:d7:54:bb:34:ff:
64:be:77:f2:2f:45:fd:0f:04:41:96:01:18:11:27:e5:ce:cc:
3f:49:4f:59:ea:ef:56:70:8a:f6:28:cd:84:de:7f:a4:13:fe:
02:0b:e4:c2:62:cc:b8:89:1b:5f:48:48:5c:3a:3e:c9:bb:51:
2a:e4:88:fa:58:55:1d:ca:6f:18:50:56:1a:14:6c:c4:da:ed:
3d:f2:8c:69:c2:3c:4b:fd:c3:9b:6d:68:a8:d2:96:d1:86:59:
2a:75:f1:6a:37:79:77:8c:fd:e7:63:63:ba:1b:9b:df:5e:dc:
d1:2c:1d:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP1fUxnKZimC70CH3Pvk4VqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjIxMDIwMTMwMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBlZmRhZGNhODRlZmU0YzkyZWRiY2ExMWE2ZDU0Mzg5YmYyODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOnlPAssDXWHrhczqPZpDjLUJnKQ
pwFplQ88g0RH0y70bxvKaUimRmk0tNaCxU2BQ/GjWhbnaii4np9Vcw+MduZUVOBr
uBnhF2B0k2B2ZLLWoqJQtU70c9cmD919vujw92a6iB6vwxkZ07nkEVlVECybMKmE
w+Z4jOEQZV5xsBWYrsXqEOrpXBOn+MGtFzUEJ8xYFsFaFkyJEEohCdmjP2W3GswR
P56gIixGJ7PtYHdOVbWkMV6C/ij+sYaWDIE/vd0u5IAo+rS3/r6iHgdPRSj2ib2+
2i43Jzg4z32nEryKeBNG+Yj3vrBcm7suuaUlUC4aWUeHpf/c24E6kCJNwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGIO/a3KhO/kyS7byhGm1UOJvyhLMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvWWc3OXJjcUU3LVRKTHR2S0VhYlZRNG1fS0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbyoAwQB
WbyuMA0GCSqGSIb3DQEBCwUAA4IBAQCPvEVk4h0RFWZj0yJgr7X/OJNP7F301k6C
UUZzlYtvx4RGeOeDggcmqWoVqtfUGrKZ2kbLgOxtC76f+QZ7Tn6CUmSQgvc9mFwk
ghxo0eHoi0DkZ6dntJaVUGmSuFY9mB19lCLD1USszK60ruBSfnGrIbgui/wmPFMn
v57KkRFjNwcSLt83m+3Gh1dM11S7NP9kvnfyL0X9DwRBlgEYESflzsw/SU9Z6u9W
cIr2KM2E3n+kE/4CC+TCYsy4iRtfSEhcOj7Ju1Eq5Ij6WFUdym8YUFYaFGzE2u09
8oxpwjxL/cObbWio0pbRhlkqdfFqN3l3jP3nY2O6G5vfXtzRLB1w
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-ams.rpki-client.org