Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/iKWHBNxbtlbBFqU0KY0tkglE2gg.roa
File: iKWHBNxbtlbBFqU0KY0tkglE2gg.roa (raw, json)
Hash identifier: nK0neID4RLAOYDNN/IpWQbgn2Srp9ZdYl9mvUbjdl6s=
Subject key identifier: 88:A5:87:04:DC:5B:B6:56:C1:16:A5:34:29:8D:2D:92:09:44:DA:08
Certificate issuer: /CN=ebb08be800126511cff8d25699d9ac136ed0ec8c
Certificate serial: 19F41068
Authority key identifier: EB:B0:8B:E8:00:12:65:11:CF:F8:D2:56:99:D9:AC:13:6E:D0:EC:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67CL6AASZRHP-NJWmdmsE27Q7Iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/iKWHBNxbtlbBFqU0KY0tkglE2gg.roa
Signing time: Sat 01 Jan 2022 05:02:42 +0000
ROA not before: Sat 01 Jan 2022 05:02:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41695
IP address blocks: 134.0.64.0/21 maxlen: 21
89.21.224.0/19 maxlen: 19
2a01:420::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 435425384 (0x19f41068)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebb08be800126511cff8d25699d9ac136ed0ec8c
Validity
Not Before: Jan 1 05:02:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88a58704dc5bb656c116a534298d2d920944da08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:69:0b:ee:9a:d0:d5:e4:cb:18:c1:6e:5b:46:
4b:15:43:e2:d9:15:ae:b5:af:b0:57:e3:69:81:c2:
96:81:58:09:69:39:75:5a:49:62:68:80:9e:8e:da:
4e:98:45:bb:6b:7b:7f:e5:f9:c7:ec:07:78:f1:28:
f4:a3:f5:c0:4e:08:cf:b0:7a:a7:de:92:0e:c9:5c:
8d:ef:46:cf:79:56:41:e4:55:06:7a:c0:f2:07:4d:
36:51:bd:85:cb:10:d3:28:21:5f:32:8c:51:df:c4:
ae:39:d6:57:ff:61:f6:94:54:45:56:ff:3a:3a:a1:
28:55:09:36:9b:77:08:0e:b2:90:9a:8c:42:59:0f:
9f:5d:7b:54:83:36:59:24:ed:a7:f9:9c:82:b9:62:
f1:ca:0a:93:d1:7a:9c:e4:2b:d4:f1:00:2b:96:9c:
e1:ae:96:0b:2c:ad:86:0f:9a:39:07:fa:94:39:83:
5c:f9:96:35:2e:9b:ba:ae:96:7b:05:12:3a:28:52:
24:b7:6a:50:19:7e:e0:8a:46:29:ad:21:8d:d8:b9:
04:e1:03:d7:09:a8:a7:7e:c4:3e:48:47:64:02:7f:
c1:bf:41:14:2a:36:01:06:00:d2:60:51:bb:dd:fe:
71:62:1b:f4:df:9f:02:5d:a9:43:b0:67:80:4e:03:
a2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A5:87:04:DC:5B:B6:56:C1:16:A5:34:29:8D:2D:92:09:44:DA:08
X509v3 Authority Key Identifier:
keyid:EB:B0:8B:E8:00:12:65:11:CF:F8:D2:56:99:D9:AC:13:6E:D0:EC:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67CL6AASZRHP-NJWmdmsE27Q7Iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/iKWHBNxbtlbBFqU0KY0tkglE2gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/6c142a-2b5e-416b-94de-ba9d51fe9e2b/1/67CL6AASZRHP-NJWmdmsE27Q7Iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.224.0/19
134.0.64.0/21
IPv6:
2a01:420::/32
Signature Algorithm: sha256WithRSAEncryption
19:cf:ef:5a:7e:b8:fa:ab:a6:4f:48:c3:4b:6c:4f:56:a6:9a:
29:27:88:8c:5f:35:70:c5:77:2a:b9:f8:26:5b:f0:dc:6c:30:
29:fa:ee:99:f3:2e:4b:a3:ba:f3:62:aa:da:d0:bf:f6:f0:03:
44:b8:5c:d4:c5:e3:64:c2:3e:80:5e:89:aa:3e:b5:c1:a9:a5:
8b:58:46:f0:19:3e:cc:e1:13:72:55:35:af:41:bc:80:6c:ab:
64:66:e1:cf:f5:01:e8:73:a0:0e:a1:48:f8:c5:78:77:be:d9:
09:78:11:ee:55:6a:42:8d:4e:99:da:ec:b7:83:3c:bd:31:2a:
d7:27:fd:8b:5a:df:a8:63:97:74:c9:bd:6c:1a:5e:1b:ce:dd:
85:93:57:56:a5:8c:89:06:55:62:50:fb:2e:22:ec:40:82:a2:
c7:5f:b6:db:49:32:a9:12:8f:81:bd:75:48:14:c8:6d:96:a6:
b2:93:13:b5:8d:37:d1:96:b1:ad:a4:24:06:74:29:7f:42:d2:
98:fa:49:44:f1:fd:7e:47:cb:13:35:b4:7f:55:f9:cc:da:d4:
04:f5:95:df:b4:a8:60:33:28:10:0e:b5:f2:60:e2:62:31:d5:
92:6f:83:1f:b9:31:55:af:74:01:15:f3:8a:7d:30:fc:52:2a:
41:1c:af:56
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGfQQaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmIwOGJlODAwMTI2NTExY2ZmOGQyNTY5OWQ5YWMxMzZlZDBlYzhjMB4XDTIyMDEw
MTA1MDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhhNTg3MDRkYzVi
YjY1NmMxMTZhNTM0Mjk4ZDJkOTIwOTQ0ZGEwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdpC+6a0NXkyxjBbltGSxVD4tkVrrWvsFfjaYHCloFYCWk5
dVpJYmiAno7aTphFu2t7f+X5x+wHePEo9KP1wE4Iz7B6p96SDslcje9Gz3lWQeRV
BnrA8gdNNlG9hcsQ0yghXzKMUd/ErjnWV/9h9pRURVb/OjqhKFUJNpt3CA6ykJqM
QlkPn117VIM2WSTtp/mcgrli8coKk9F6nOQr1PEAK5ac4a6WCyythg+aOQf6lDmD
XPmWNS6buq6WewUSOihSJLdqUBl+4IpGKa0hjdi5BOED1wmop37EPkhHZAJ/wb9B
FCo2AQYA0mBRu93+cWIb9N+fAl2pQ7BngE4DouECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSIpYcE3Fu2VsEWpTQpjS2SCUTaCDAfBgNVHSMEGDAWgBTrsIvoABJlEc/4
0laZ2awTbtDsjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY3Q0w2QUFTWlJIUC1OSldtZG1zRTI3UTdJdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNmMxNDJhLTJiNWUtNDE2Yi05NGRlLWJhOWQ1MWZlOWUyYi8x
L2lLV0hCTnhidGxiQkZxVTBLWTB0a2dsRTJnZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NmMxNDJhLTJiNWUtNDE2Yi05NGRlLWJhOWQ1MWZlOWUyYi8xLzY3Q0w2QUFTWlJI
UC1OSldtZG1zRTI3UTdJdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBVkV4AMEA4YAQDANBAIAAjAHAwUA
KgEEIDANBgkqhkiG9w0BAQsFAAOCAQEAGc/vWn64+qumT0jDS2xPVqaaKSeIjF81
cMV3Krn4Jlvw3GwwKfrumfMuS6O682Kq2tC/9vADRLhc1MXjZMI+gF6Jqj61waml
i1hG8Bk+zOETclU1r0G8gGyrZGbhz/UB6HOgDqFI+MV4d77ZCXgR7lVqQo1Omdrs
t4M8vTEq1yf9i1rfqGOXdMm9bBpeG87dhZNXVqWMiQZVYlD7LiLsQIKix1+220ky
qRKPgb11SBTIbZamspMTtY030ZaxraQkBnQpf0LSmPpJRPH9fkfLEzW0f1X5zNrU
BPWV37SoYDMoEA618mDiYjHVkm+DH7kxVa90ARXzin0w/FIqQRyvVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:42 2024 by rpki-client on console-fra.rpki-client.org