Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/seSnIL2XuPlllw3vwsdjSh-EALA.roa
File: seSnIL2XuPlllw3vwsdjSh-EALA.roa (raw, json)
Hash identifier: MzGTrcVHue8nk0r8kFur2AO9qXfVP4WPCj/ZN3oUCCQ=
Subject key identifier: B1:E4:A7:20:BD:97:B8:F9:65:97:0D:EF:C2:C7:63:4A:1F:84:00:B0
Certificate issuer: /CN=043a9c35d9e1a2f4d34a754fa26d203657847218
Certificate serial: 0184AE470FEE68C6471FD5DC49A1B0EE16B5
Authority key identifier: 04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/seSnIL2XuPlllw3vwsdjSh-EALA.roa
Signing time: Fri 25 Nov 2022 10:13:23 +0000
ROA not before: Fri 25 Nov 2022 10:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211300
IP address blocks: 152.89.240.0/24 maxlen: 24
152.89.241.0/24 maxlen: 24
152.89.242.0/24 maxlen: 24
152.89.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:47:0f:ee:68:c6:47:1f:d5:dc:49:a1:b0:ee:16:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043a9c35d9e1a2f4d34a754fa26d203657847218
Validity
Not Before: Nov 25 10:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1e4a720bd97b8f965970defc2c7634a1f8400b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ff:15:1e:a2:93:37:50:2b:6f:11:c3:66:ca:
74:ba:a7:a6:03:4c:34:ef:89:85:92:d7:0d:54:8f:
e4:13:9a:5a:5e:dd:8d:0c:8d:c7:0a:d0:c5:2d:e8:
64:7b:0b:ae:77:d8:35:fb:24:20:70:93:b5:5d:13:
d0:2b:e8:f5:d5:f3:03:03:7f:82:2d:48:3e:eb:2d:
99:6d:f6:df:c1:41:e5:70:a7:bd:10:5a:fa:fc:f6:
a7:c1:29:37:76:be:b6:ac:61:ce:da:ac:d2:b0:e6:
74:7d:31:28:18:a6:d9:00:39:aa:53:85:a1:74:39:
d1:81:a4:36:d5:4e:db:3c:1c:a9:a2:63:f8:7f:14:
b3:57:a0:d7:0d:94:b0:b8:c0:0b:41:1a:4c:0a:28:
4e:1a:cc:db:f5:74:5c:29:8d:c4:0a:76:3c:93:5b:
c6:7a:60:f7:90:d6:a9:f7:6c:f0:75:42:f1:27:a3:
e7:3c:5d:7e:fe:12:ce:c2:b9:59:4f:5b:ee:40:b7:
9f:17:a8:ab:58:77:bc:fa:ad:e0:40:9c:22:a7:c5:
bf:30:5c:fb:91:9d:e7:2c:47:9e:ee:fb:22:22:f6:
05:57:5d:9e:76:76:3d:b6:6c:8a:7c:dd:2c:10:79:
47:bd:c0:0a:14:e5:dc:a2:c0:69:25:20:18:5f:0d:
fa:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:E4:A7:20:BD:97:B8:F9:65:97:0D:EF:C2:C7:63:4A:1F:84:00:B0
X509v3 Authority Key Identifier:
keyid:04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/seSnIL2XuPlllw3vwsdjSh-EALA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.240.0/22
Signature Algorithm: sha256WithRSAEncryption
22:a3:17:95:68:0f:3c:4b:aa:db:e0:fb:f4:f6:d7:7e:63:72:
a3:57:9f:b4:30:a2:88:4c:11:6a:0b:50:f6:c4:e6:ec:76:eb:
02:23:45:11:9d:5e:0b:ac:56:e9:d3:74:b0:c8:15:c3:4e:f2:
cb:e6:7c:4d:21:0d:83:12:52:8f:4a:af:f7:ae:61:89:b6:4b:
bc:97:ff:73:09:2d:61:ce:9b:62:7a:08:a4:c3:19:a0:3e:4a:
1f:96:cb:87:f4:7f:d2:72:6e:c8:f0:8f:ba:d3:b0:a0:d1:8c:
29:5e:44:c9:af:34:10:52:94:e4:b3:6d:40:0c:a3:bf:1a:3e:
0b:48:1b:b6:1c:13:c7:46:d1:61:b5:0c:f6:3a:46:97:e7:5c:
65:a7:7b:94:f0:68:f6:83:ee:0e:13:bb:37:34:0b:0d:9c:63:
35:e4:b4:a9:e2:fb:31:1b:e6:a8:5d:f4:4f:2e:a0:be:f3:a5:
2c:a1:27:ab:1f:be:cf:ff:6c:33:28:b9:4c:38:89:37:b4:b1:
03:09:a8:e4:dd:0c:a3:f9:92:63:35:8e:6c:3d:6c:bc:12:cb:
9f:f7:82:79:02:0e:16:22:b5:b1:db:ce:72:16:13:e0:bb:74:
2b:61:14:63:2d:dc:d4:4f:b0:32:8e:00:f2:8e:1e:e0:7b:e5:
34:59:97:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSuRw/uaMZHH9XcSaGw7ha1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0M2E5YzM1ZDllMWEyZjRkMzRhNzU0ZmEyNmQyMDM2NTc4
NDcyMTgwHhcNMjIxMTI1MTAxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWU0YTcyMGJkOTdiOGY5NjU5NzBkZWZjMmM3NjM0YTFmODQwMGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/8VHqKTN1ArbxHDZsp0uqemA0w0
74mFktcNVI/kE5paXt2NDI3HCtDFLehkewuud9g1+yQgcJO1XRPQK+j11fMDA3+C
LUg+6y2ZbfbfwUHlcKe9EFr6/PanwSk3dr62rGHO2qzSsOZ0fTEoGKbZADmqU4Wh
dDnRgaQ21U7bPBypomP4fxSzV6DXDZSwuMALQRpMCihOGszb9XRcKY3ECnY8k1vG
emD3kNap92zwdULxJ6PnPF1+/hLOwrlZT1vuQLefF6irWHe8+q3gQJwip8W/MFz7
kZ3nLEee7vsiIvYFV12ednY9tmyKfN0sEHlHvcAKFOXcosBpJSAYXw36EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLHkpyC9l7j5ZZcN78LHY0ofhACwMB8GA1UdIwQY
MBaAFAQ6nDXZ4aL000p1T6JtIDZXhHIYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zYjEwNGEtYzAzOS00MmMyLTlmZjEt
ODVjYmQyMDY4ZThmLzEvc2VTbklMMlh1UGxsbHczdndzZGpTaC1FQUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zYjEwNGEtYzAzOS00MmMyLTlmZjEtODVjYmQyMDY4ZThm
LzEvQkRxY05kbmhvdlRUU25WUG9tMGdObGVFY2hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCmFnwMA0G
CSqGSIb3DQEBCwUAA4IBAQAioxeVaA88S6rb4Pv09td+Y3KjV5+0MKKITBFqC1D2
xObsdusCI0URnV4LrFbp03SwyBXDTvLL5nxNIQ2DElKPSq/3rmGJtku8l/9zCS1h
zptiegikwxmgPkoflsuH9H/Scm7I8I+607Cg0YwpXkTJrzQQUpTks21ADKO/Gj4L
SBu2HBPHRtFhtQz2OkaX51xlp3uU8Gj2g+4OE7s3NAsNnGM15LSp4vsxG+aoXfRP
LqC+86UsoSerH77P/2wzKLlMOIk3tLEDCajk3Qyj+ZJjNY5sPWy8Esuf94J5Ag4W
IrWx285yFhPgu3QrYRRjLdzUT7AyjgDyjh7ge+U0WZdH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:07 2023 by rpki-client on console-ams.rpki-client.org