Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/S3LMtnGfhfn2t9DlNtED5IbT3u8.roa
File: S3LMtnGfhfn2t9DlNtED5IbT3u8.roa (raw, json)
Hash identifier: gpXqMgIVgyCcy31Ms5QieGjp48WKiZo4zPHdgEGp+Q4=
Subject key identifier: 4B:72:CC:B6:71:9F:85:F9:F6:B7:D0:E5:36:D1:03:E4:86:D3:DE:EF
Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Certificate serial: 0182A1F21CF88B6FA0D492993D7F77249751
Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/S3LMtnGfhfn2t9DlNtED5IbT3u8.roa
Signing time: Mon 15 Aug 2022 14:39:35 +0000
ROA not before: Mon 15 Aug 2022 14:39:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203363
IP address blocks: 152.89.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:f2:1c:f8:8b:6f:a0:d4:92:99:3d:7f:77:24:97:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e
Validity
Not Before: Aug 15 14:39:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b72ccb6719f85f9f6b7d0e536d103e486d3deef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4c:e9:01:d4:41:5c:fb:6d:c2:7f:61:67:d6:
af:e1:63:3f:ff:ba:c9:7b:ac:48:49:7a:cf:f7:4f:
57:49:67:02:a2:b8:17:48:a4:4a:c4:9c:71:2c:3f:
d6:0b:90:8a:f0:f7:60:d5:8b:89:bc:20:5f:ba:50:
54:0e:b2:30:ad:41:20:b4:21:38:21:39:79:42:e9:
c9:b9:7b:b8:6e:11:b7:6e:7a:31:6b:5b:59:2b:8b:
c3:ad:ad:6d:c2:b5:1b:36:32:e9:4a:0f:e4:07:89:
76:3a:07:a3:64:2c:03:e8:77:73:97:4b:a8:3c:26:
34:77:a7:88:49:1e:15:67:02:b6:cb:15:3c:16:4f:
f4:53:4b:3f:5f:0f:19:94:28:7c:ad:eb:2c:6a:ad:
e4:c1:cb:67:cd:2d:92:ef:1e:db:0d:c3:96:20:6c:
56:a9:20:c1:49:a6:c3:0e:d0:2f:11:e7:26:98:43:
8c:c7:2d:df:4e:99:9e:a1:82:54:59:91:e0:49:01:
61:67:3d:2b:20:b3:ce:a1:43:37:92:d0:7f:20:c5:
3e:c3:06:cb:fd:02:bc:4a:25:ec:7d:9f:e4:24:a0:
e6:12:94:6b:8f:d2:71:e1:75:2b:2b:e2:b5:36:a6:
3b:8f:eb:c7:b3:65:46:a9:6b:31:07:0c:91:e4:08:
56:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:72:CC:B6:71:9F:85:F9:F6:B7:D0:E5:36:D1:03:E4:86:D3:DE:EF
X509v3 Authority Key Identifier:
keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/S3LMtnGfhfn2t9DlNtED5IbT3u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.171.0/24
Signature Algorithm: sha256WithRSAEncryption
63:a0:76:c7:49:35:cd:77:e3:98:f9:c2:0f:3a:af:36:7a:ef:
35:4a:68:93:ab:7f:ff:98:dc:28:e7:e2:42:cb:2d:5d:14:f6:
08:05:d6:6f:f8:b2:b3:01:7f:8c:ac:94:ed:03:8b:1a:51:76:
e7:57:cc:af:ec:b2:23:fe:c6:70:fb:31:03:ae:6b:6e:4a:de:
50:55:32:a4:63:aa:0e:0a:ae:fd:bd:a5:9c:c2:8c:c8:dc:30:
0f:91:7a:a1:83:47:e3:f7:cf:c0:75:2f:e3:cd:97:09:8e:1e:
ef:b8:b3:52:f7:b3:42:1b:b1:19:3b:33:e0:95:1c:5d:99:6a:
9e:e2:62:f7:fe:e2:aa:81:fb:76:c9:34:22:ba:53:89:eb:2a:
b0:ad:9d:46:dd:0b:27:5a:a7:18:53:f7:b4:96:f7:62:93:d7:
94:99:73:9c:71:8a:ed:c6:c7:ce:6d:c9:ed:0c:a7:38:7c:f2:
35:77:08:e7:85:c4:5c:c6:c5:0c:d5:18:9e:0b:1f:82:eb:84:
26:61:19:55:a9:15:9e:b7:39:14:53:66:a6:cd:63:44:72:f2:
e0:a3:e8:47:8c:c6:28:46:cd:7a:6c:86:b0:7b:e6:3b:38:a8:
8e:d0:68:b5:1d:fd:80:f0:5c:3e:7f:28:58:70:da:40:6e:83:
39:f4:71:1b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYKh8hz4i2+g1JKZPX93JJdRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh
ODBlOWUwHhcNMjIwODE1MTQzOTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjcyY2NiNjcxOWY4NWY5ZjZiN2QwZTUzNmQxMDNlNDg2ZDNkZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkzpAdRBXPttwn9hZ9av4WM//7rJ
e6xISXrP909XSWcCorgXSKRKxJxxLD/WC5CK8Pdg1YuJvCBfulBUDrIwrUEgtCE4
ITl5QunJuXu4bhG3bnoxa1tZK4vDra1twrUbNjLpSg/kB4l2OgejZCwD6Hdzl0uo
PCY0d6eISR4VZwK2yxU8Fk/0U0s/Xw8ZlCh8ressaq3kwctnzS2S7x7bDcOWIGxW
qSDBSabDDtAvEecmmEOMxy3fTpmeoYJUWZHgSQFhZz0rILPOoUM3ktB/IMU+wwbL
/QK8SiXsfZ/kJKDmEpRrj9Jx4XUrK+K1NqY7j+vHs2VGqWsxBwyR5AhWiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEtyzLZxn4X59rfQ5TbRA+SG097vMB8GA1UdIwQY
MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt
OWU3MWRjMjRhNjgzLzEvUzNMTXRuR2ZoZm4ydDlEbE50RUQ1SWJUM3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz
LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmrMA0G
CSqGSIb3DQEBCwUAA4IBAQBjoHbHSTXNd+OY+cIPOq82eu81SmiTq3//mNwo5+JC
yy1dFPYIBdZv+LKzAX+MrJTtA4saUXbnV8yv7LIj/sZw+zEDrmtuSt5QVTKkY6oO
Cq79vaWcwozI3DAPkXqhg0fj98/AdS/jzZcJjh7vuLNS97NCG7EZOzPglRxdmWqe
4mL3/uKqgft2yTQiulOJ6yqwrZ1G3QsnWqcYU/e0lvdik9eUmXOccYrtxsfObcnt
DKc4fPI1dwjnhcRcxsUM1RieCx+C64QmYRlVqRWetzkUU2amzWNEcvLgo+hHjMYo
Rs16bIawe+Y7OKiO0Gi1Hf2A8Fw+fyhYcNpAboM59HEb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:34 2024 by rpki-client on console-fra.rpki-client.org