Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/86h00iSv2yjnB1TBoKJUzpPzkF4.roa
File: 86h00iSv2yjnB1TBoKJUzpPzkF4.roa (raw, json)
Hash identifier: BKILgvrEkYi74VW3lOmBfQYiT02ULK8znxx9qrrU1cY=
Subject key identifier: F3:A8:74:D2:24:AF:DB:28:E7:07:54:C1:A0:A2:54:CE:93:F3:90:5E
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0B4C20C7
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/86h00iSv2yjnB1TBoKJUzpPzkF4.roa
Signing time: Sat 01 Jan 2022 13:05:00 +0000
ROA not before: Sat 01 Jan 2022 13:05:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58022
IP address blocks: 89.40.22.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189538503 (0xb4c20c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 1 13:05:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3a874d224afdb28e70754c1a0a254ce93f3905e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:dd:16:de:41:da:56:5a:80:75:e8:0d:e3:b0:
2b:70:42:14:41:86:ef:8a:80:a6:9a:d8:a2:dd:6c:
97:f4:e0:33:39:44:9b:66:c5:85:f8:c8:b4:f9:69:
20:b7:73:d8:35:b6:89:ca:49:0d:69:27:7c:e1:24:
90:15:c8:aa:48:13:d9:e3:99:b7:39:10:ef:12:04:
9a:4f:1f:89:dd:83:b3:d0:29:c8:51:e8:ac:17:95:
a6:0c:5b:71:3c:d6:09:cd:52:d5:12:88:7f:23:bb:
11:4c:4b:d1:6b:26:b5:a1:db:41:7f:2b:b4:03:3c:
ba:eb:88:8c:7d:cb:44:88:a7:d5:98:66:4f:48:a9:
1a:cf:0d:19:0b:15:23:78:bb:b6:b6:e9:f8:3a:f1:
83:cc:62:24:99:98:9d:56:e3:06:8c:b6:d0:05:4e:
d7:77:56:d2:1b:e5:50:cd:0a:ee:fb:8d:42:36:05:
f7:84:52:f2:61:02:a0:b0:63:40:e4:e9:62:4e:8d:
7a:86:0c:cc:43:e3:c8:46:10:9c:3e:1c:a3:47:8a:
28:b3:99:47:89:8a:5e:1e:85:35:e9:03:a7:84:94:
a8:96:69:a9:50:0c:27:d3:85:9b:a5:62:a6:d3:e0:
e2:e9:9d:bc:84:52:02:d9:fe:57:df:78:b4:f3:05:
eb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A8:74:D2:24:AF:DB:28:E7:07:54:C1:A0:A2:54:CE:93:F3:90:5E
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/86h00iSv2yjnB1TBoKJUzpPzkF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.22.0/23
Signature Algorithm: sha256WithRSAEncryption
44:54:29:80:49:a6:65:b5:c4:8f:8a:93:e9:78:5c:4f:08:d5:
42:85:26:d6:c3:15:ec:7a:d4:c8:ab:a7:3e:54:cd:d7:e4:29:
87:f0:23:96:4c:a5:7e:af:29:92:90:98:97:a1:fb:90:8c:6a:
1c:3d:b8:24:9a:4d:98:d9:eb:69:9e:59:89:26:6b:b4:12:15:
0e:c9:2d:60:66:62:8a:85:8b:6a:f4:6f:b9:00:f2:02:85:ac:
52:fd:60:f1:6c:43:43:10:c5:13:8a:c2:83:b0:54:3b:16:01:
d0:c8:86:12:f2:43:46:82:9d:58:a1:48:d2:b9:fc:86:e2:cc:
19:d7:fd:37:2b:59:71:04:a1:fb:90:46:72:9b:93:0a:11:81:
b0:61:15:6e:74:be:0a:92:5b:39:ab:31:85:b2:db:b4:ee:79:
9e:d9:c7:20:7c:f9:d9:c7:63:7d:0e:45:7a:93:ec:28:c3:14:
3e:24:c7:35:e2:43:35:06:5b:77:2b:eb:e7:05:cc:c8:89:97:
a7:d1:99:8d:12:d7:be:ba:ac:c9:d2:f3:4e:3c:e0:dd:9e:37:
5c:26:6e:6e:75:02:b8:de:f3:b7:50:e5:77:91:90:b4:7b:31:
3f:58:63:48:b6:4a:98:76:c2:93:e8:5c:25:97:83:2d:2b:cc:
1a:7d:a7:63
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC0wgxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDEw
MTEzMDUwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNhODc0ZDIyNGFm
ZGIyOGU3MDc1NGMxYTBhMjU0Y2U5M2YzOTA1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/dFt5B2lZagHXoDeOwK3BCFEGG74qApprYot1sl/TgMzlE
m2bFhfjItPlpILdz2DW2icpJDWknfOEkkBXIqkgT2eOZtzkQ7xIEmk8fid2Ds9Ap
yFHorBeVpgxbcTzWCc1S1RKIfyO7EUxL0WsmtaHbQX8rtAM8uuuIjH3LRIin1Zhm
T0ipGs8NGQsVI3i7trbp+Drxg8xiJJmYnVbjBoy20AVO13dW0hvlUM0K7vuNQjYF
94RS8mECoLBjQOTpYk6NeoYMzEPjyEYQnD4co0eKKLOZR4mKXh6FNekDp4SUqJZp
qVAMJ9OFm6ViptPg4umdvIRSAtn+V994tPMF69MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTzqHTSJK/bKOcHVMGgolTOk/OQXjAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
Lzg2aDAwaVN2MnlqbkIxVEJvS0pVenBQemtGNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVkoFjANBgkqhkiG9w0BAQsFAAOC
AQEARFQpgEmmZbXEj4qT6XhcTwjVQoUm1sMV7HrUyKunPlTN1+Qph/Ajlkylfq8p
kpCYl6H7kIxqHD24JJpNmNnraZ5ZiSZrtBIVDsktYGZiioWLavRvuQDyAoWsUv1g
8WxDQxDFE4rCg7BUOxYB0MiGEvJDRoKdWKFI0rn8huLMGdf9NytZcQSh+5BGcpuT
ChGBsGEVbnS+CpJbOasxhbLbtO55ntnHIHz52cdjfQ5FepPsKMMUPiTHNeJDNQZb
dyvr5wXMyImXp9GZjRLXvrqsydLzTjzg3Z43XCZubnUCuN7zt1Dld5GQtHsxP1hj
SLZKmHbCk+hcJZeDLSvMGn2nYw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:54 2023 by rpki-client on console-ams.rpki-client.org