Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/E-jsz3aFSDxPsGjspuX9Om-7_sA.roa
File: E-jsz3aFSDxPsGjspuX9Om-7_sA.roa (raw, json)
Hash identifier: nlgRWqK/nVxZvSGcqoXzoVTs3X7tguQ0AblfdlLezx0=
Subject key identifier: 13:E8:EC:CF:76:85:48:3C:4F:B0:68:EC:A6:E5:FD:3A:6F:BB:FE:C0
Certificate issuer: /CN=89e4bf59877a3b2ef14f5f120a6750dc14939c6b
Certificate serial: 0188CEDA29CACDA1D830CAEB288665209720
Authority key identifier: 89:E4:BF:59:87:7A:3B:2E:F1:4F:5F:12:0A:67:50:DC:14:93:9C:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/E-jsz3aFSDxPsGjspuX9Om-7_sA.roa
Signing time: Sun 18 Jun 2023 14:13:03 +0000
ROA not before: Sun 18 Jun 2023 14:13:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50643
IP address blocks: 195.191.200.0/23 maxlen: 24
91.221.190.0/23 maxlen: 23
2001:678:b4c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ce:da:29:ca:cd:a1:d8:30:ca:eb:28:86:65:20:97:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89e4bf59877a3b2ef14f5f120a6750dc14939c6b
Validity
Not Before: Jun 18 14:13:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=13e8eccf7685483c4fb068eca6e5fd3a6fbbfec0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0b:98:a8:d8:57:cf:83:19:7a:8d:d5:7d:5a:
ed:b1:81:15:95:08:35:83:3d:85:a2:43:3d:35:88:
c3:36:9f:5a:da:45:d8:43:cf:4b:bb:1c:2a:5a:c5:
2e:c2:e9:c6:f6:57:3c:d2:48:19:54:f8:11:96:2f:
d5:05:8e:43:ad:59:5d:79:db:8a:22:f8:ee:a1:7e:
ca:39:b7:0b:da:32:34:45:2f:d7:3b:c2:99:1e:ac:
22:52:ee:6a:5c:b6:41:26:a5:9f:f2:ba:60:d6:88:
aa:5e:cd:46:5c:6d:99:8f:bc:4b:9f:fc:fe:d9:45:
61:8d:37:e5:97:35:c9:d7:b8:66:9d:64:1d:c9:fd:
6f:b1:72:50:01:41:66:06:33:88:c8:79:ba:cc:7c:
fc:c6:2c:42:89:20:ed:f9:c4:34:c6:8d:cd:34:1c:
28:e1:e9:0f:64:f5:dc:15:15:a5:17:d0:00:1d:f6:
0c:8f:8f:4d:70:f8:a0:9c:50:9b:c3:70:87:22:ea:
34:81:47:0f:31:eb:db:ed:50:25:03:11:75:8a:80:
36:20:c3:ac:39:03:90:fa:54:be:c8:e6:b6:c6:10:
0d:d6:6f:66:75:fa:d7:e0:a9:5c:89:b0:46:a0:a3:
9f:00:bf:a7:37:5e:e9:93:91:38:a9:59:20:3c:fe:
e2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E8:EC:CF:76:85:48:3C:4F:B0:68:EC:A6:E5:FD:3A:6F:BB:FE:C0
X509v3 Authority Key Identifier:
keyid:89:E4:BF:59:87:7A:3B:2E:F1:4F:5F:12:0A:67:50:DC:14:93:9C:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/E-jsz3aFSDxPsGjspuX9Om-7_sA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.190.0/23
195.191.200.0/23
IPv6:
2001:678:b4c::/48
Signature Algorithm: sha256WithRSAEncryption
33:56:fa:59:79:96:3a:59:14:a4:75:f2:93:99:f3:81:8b:84:
7c:73:4a:ec:aa:2b:0c:1b:28:a0:8c:ab:a7:7a:06:97:39:be:
03:f7:f7:1f:b0:ec:d4:18:8f:b9:30:06:86:b4:72:27:bd:f5:
d0:a6:01:cd:4a:f7:e0:d9:4e:48:50:65:c9:f2:bc:b4:51:b5:
a5:91:37:b6:43:6e:f5:74:89:90:6d:e8:29:77:1a:cf:78:c9:
84:64:19:c5:a2:65:04:9a:9d:9e:0e:41:f2:ca:90:0a:e4:9a:
4b:90:b1:56:d2:8f:0c:9a:89:b5:b7:ea:97:12:f8:f8:1e:67:
11:eb:6a:31:ac:f3:87:83:c9:26:46:9a:eb:f1:b5:04:87:c5:
e6:2e:f1:f5:8e:0a:7c:49:73:08:db:fa:cc:a2:51:cd:b2:94:
a3:16:9d:ac:70:40:a4:b1:c4:a0:da:e5:50:02:cb:1d:6c:1e:
1f:24:3a:8f:c9:8f:e6:ea:28:73:48:40:ca:d0:15:af:fd:f8:
e3:69:0c:53:b0:04:a1:6a:96:93:51:d3:4c:5b:87:49:cd:26:
66:d0:80:5d:e4:51:5b:16:f5:94:18:64:f2:64:ef:f8:15:ec:
92:19:b5:f6:8a:02:42:68:30:f2:bc:de:24:69:2f:32:fd:ce:
15:ac:80:42
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYjO2inKzaHYMMrrKIZlIJcgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZTRiZjU5ODc3YTNiMmVmMTRmNWYxMjBhNjc1MGRjMTQ5
MzljNmIwHhcNMjMwNjE4MTQxMzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2U4ZWNjZjc2ODU0ODNjNGZiMDY4ZWNhNmU1ZmQzYTZmYmJmZWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQuYqNhXz4MZeo3VfVrtsYEVlQg1
gz2FokM9NYjDNp9a2kXYQ89LuxwqWsUuwunG9lc80kgZVPgRli/VBY5DrVldeduK
IvjuoX7KObcL2jI0RS/XO8KZHqwiUu5qXLZBJqWf8rpg1oiqXs1GXG2Zj7xLn/z+
2UVhjTfllzXJ17hmnWQdyf1vsXJQAUFmBjOIyHm6zHz8xixCiSDt+cQ0xo3NNBwo
4ekPZPXcFRWlF9AAHfYMj49NcPignFCbw3CHIuo0gUcPMevb7VAlAxF1ioA2IMOs
OQOQ+lS+yOa2xhAN1m9mdfrX4KlcibBGoKOfAL+nN17pk5E4qVkgPP7iiQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBPo7M92hUg8T7Bo7Kbl/Tpvu/7AMB8GA1UdIwQY
MBaAFInkv1mHejsu8U9fEgpnUNwUk5xrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWVTX1dZZDZPeTd4VDE4U0NtZFEzQlNUbkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wNzViYzEtMmI1NS00MGIxLTk5MGUt
MjNiYjQyMDNlYjU3LzEvRS1qc3ozYUZTRHhQc0dqc3B1WDlPbS03X3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8wNzViYzEtMmI1NS00MGIxLTk5MGUtMjNiYjQyMDNlYjU3
LzEvaWVTX1dZZDZPeTd4VDE4U0NtZFEzQlNUbkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW92+AwQB
w7/IMA8EAgACMAkDBwAgAQZ4C0wwDQYJKoZIhvcNAQELBQADggEBADNW+ll5ljpZ
FKR18pOZ84GLhHxzSuyqKwwbKKCMq6d6Bpc5vgP39x+w7NQYj7kwBoa0cie99dCm
Ac1K9+DZTkhQZcnyvLRRtaWRN7ZDbvV0iZBt6Cl3Gs94yYRkGcWiZQSanZ4OQfLK
kArkmkuQsVbSjwyaibW36pcS+PgeZxHrajGs84eDySZGmuvxtQSHxeYu8fWOCnxJ
cwjb+syiUc2ylKMWnaxwQKSxxKDa5VACyx1sHh8kOo/Jj+bqKHNIQMrQFa/9+ONp
DFOwBKFqlpNR00xbh0nNJmbQgF3kUVsW9ZQYZPJk7/gV7JIZtfaKAkJoMPK83iRp
LzL9zhWsgEI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:18 2025 by rpki-client