Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/_xfMGH0x0oQp4iQUUTo6nNm_K6E.roa
File: _xfMGH0x0oQp4iQUUTo6nNm_K6E.roa (raw, json)
Hash identifier: B0tfsSOmzEhOatX9SfcmI++7B7Lnw/9WDm/vLLE5YRw=
Subject key identifier: FF:17:CC:18:7D:31:D2:84:29:E2:24:14:51:3A:3A:9C:D9:BF:2B:A1
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 03E849A6
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/_xfMGH0x0oQp4iQUUTo6nNm_K6E.roa
Signing time: Sat 01 Jan 2022 06:57:59 +0000
ROA not before: Sat 01 Jan 2022 06:57:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59574
IP address blocks: 89.188.168.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65554854 (0x3e849a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 06:57:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff17cc187d31d28429e22414513a3a9cd9bf2ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1d:97:d1:4e:f5:2d:66:b4:11:4f:7d:37:62:
23:e8:34:34:d4:65:8d:09:64:45:9a:77:82:07:6d:
32:90:78:83:db:81:28:d8:37:c4:7a:98:37:44:1e:
69:29:a5:8c:d9:d4:5c:f3:81:b9:f9:aa:ea:f3:d3:
8f:bc:5b:c1:48:67:05:49:ac:a3:05:60:66:ed:9e:
69:3b:92:a1:75:f8:db:81:ff:57:f0:11:77:bc:c4:
53:d7:8a:90:3f:1f:1a:32:9f:6d:c6:2c:62:d8:13:
6f:b8:4e:ad:d8:a5:47:00:1e:0b:25:8d:51:b6:22:
0b:04:9a:ed:f2:b5:a7:e0:1f:7a:24:38:99:2c:0b:
0b:af:4b:fe:e2:58:9e:75:39:b1:0a:44:f6:cb:19:
3d:93:9e:2b:b9:c1:7b:ec:a9:78:79:bf:6c:5a:71:
b7:1f:83:2b:98:5c:a2:c3:45:fa:a5:2c:f5:3c:93:
db:08:0b:3b:f0:dd:05:df:de:e3:74:2e:a7:2a:7f:
27:b9:87:03:90:7a:8b:77:8b:14:de:2b:43:98:0b:
e0:6e:81:bd:fe:57:ef:41:06:8d:32:bc:50:7d:d7:
d1:b2:b0:32:e8:e6:c4:e8:72:8e:89:2a:bf:94:6f:
ca:fd:9f:4c:50:6f:1d:81:23:5d:88:da:e1:0f:5c:
42:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:17:CC:18:7D:31:D2:84:29:E2:24:14:51:3A:3A:9C:D9:BF:2B:A1
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/_xfMGH0x0oQp4iQUUTo6nNm_K6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.168.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:bc:ad:52:39:89:b4:6f:5b:c2:12:b6:8c:0d:05:a7:7b:51:
a5:d4:c1:81:85:b0:c5:8b:38:6e:0c:e7:96:a4:a4:cc:f4:7c:
12:1b:06:d4:ea:fc:f1:fb:ca:3e:70:71:45:51:8b:16:57:76:
e8:2e:51:85:39:53:f4:57:f5:28:ba:ed:7a:2c:cb:40:51:2d:
9d:c8:d5:be:0a:3b:9e:70:79:f4:c2:55:9c:88:22:8c:40:ec:
60:44:15:e1:5e:4f:38:ca:c7:02:bf:3d:b3:f0:4b:0f:1c:86:
f9:04:c9:8a:73:f1:7d:37:2a:ff:0d:b9:c0:b6:c0:0b:1b:6b:
40:67:c3:17:d9:46:0e:94:78:50:b9:8d:49:07:b9:bf:53:47:
c9:61:b4:49:b4:b0:27:f9:dc:4e:ab:e6:4b:ef:33:9d:2d:a3:
20:54:e4:56:94:2d:9c:24:01:f6:41:4b:e3:2f:8d:21:32:3b:
c1:1d:93:d7:3b:15:7e:cf:aa:60:42:ec:0e:80:e2:26:87:76:
eb:84:b7:c7:1d:43:8d:17:5b:4f:0b:02:a9:5b:d6:57:fe:96:
f5:84:76:11:42:0e:d3:5a:37:ea:e7:6c:fa:12:81:b1:34:b4:
0e:99:e6:8a:f7:20:4b:c5:ce:6d:09:97:45:18:4f:21:88:32:
e1:f6:5b:35
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+hJpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2UzZDkyYmZlMTY2MTljYTUwMGMwMzI2N2VmZmE5YWE3Y2EwYzQ3MB4XDTIyMDEw
MTA2NTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmYxN2NjMTg3ZDMx
ZDI4NDI5ZTIyNDE0NTEzYTNhOWNkOWJmMmJhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwdl9FO9S1mtBFPfTdiI+g0NNRljQlkRZp3ggdtMpB4g9uB
KNg3xHqYN0QeaSmljNnUXPOBufmq6vPTj7xbwUhnBUmsowVgZu2eaTuSoXX424H/
V/ARd7zEU9eKkD8fGjKfbcYsYtgTb7hOrdilRwAeCyWNUbYiCwSa7fK1p+AfeiQ4
mSwLC69L/uJYnnU5sQpE9ssZPZOeK7nBe+ypeHm/bFpxtx+DK5hcosNF+qUs9TyT
2wgLO/DdBd/e43Qupyp/J7mHA5B6i3eLFN4rQ5gL4G6Bvf5X70EGjTK8UH3X0bKw
MujmxOhyjokqv5Rvyv2fTFBvHYEjXYja4Q9cQgkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT/F8wYfTHShCniJBRROjqc2b8roTAfBgNVHSMEGDAWgBQj49kr/hZhnKUA
wDJn7/qap8oMRzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ktUFpLXzRXWVp5bEFNQXlaLV82bXFmS0RFYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvOWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8x
L194Zk1HSDB4MG9RcDRpUVVVVG82bk5tX0s2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
OWMyYzkwLWM3ZDQtNDhiNy05YmFmLWYxYmYwYzMzYTkwOC8xL0ktUFpLXzRXWVp5
bEFNQXlaLV82bXFmS0RFYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlm8qDANBgkqhkiG9w0BAQsFAAOC
AQEAXbytUjmJtG9bwhK2jA0Fp3tRpdTBgYWwxYs4bgznlqSkzPR8EhsG1Or88fvK
PnBxRVGLFld26C5RhTlT9Ff1KLrteizLQFEtncjVvgo7nnB59MJVnIgijEDsYEQV
4V5POMrHAr89s/BLDxyG+QTJinPxfTcq/w25wLbACxtrQGfDF9lGDpR4ULmNSQe5
v1NHyWG0SbSwJ/ncTqvmS+8znS2jIFTkVpQtnCQB9kFL4y+NITI7wR2T1zsVfs+q
YELsDoDiJod264S3xx1DjRdbTwsCqVvWV/6W9YR2EUIO01o36uds+hKBsTS0Dpnm
ivcgS8XObQmXRRhPIYgy4fZbNQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-ams.rpki-client.org