Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9zTpYMRJqTVHb7tbN2xqb9Nt7ko.roa
File: 9zTpYMRJqTVHb7tbN2xqb9Nt7ko.roa (raw, json)
Hash identifier: B5AC7TgZlYvLvKFUTQrxM8z7iUxABx4uOl0HXg/j2Vc=
Subject key identifier: F7:34:E9:60:C4:49:A9:35:47:6F:BB:5B:37:6C:6A:6F:D3:6D:EE:4A
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01838B3B168795F13103083842969545755A
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9zTpYMRJqTVHb7tbN2xqb9Nt7ko.roa
Signing time: Thu 29 Sep 2022 21:50:48 +0000
ROA not before: Thu 29 Sep 2022 21:50:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 89.43.41.0/24 maxlen: 24
89.43.42.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8b:3b:16:87:95:f1:31:03:08:38:42:96:95:45:75:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Sep 29 21:50:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f734e960c449a935476fbb5b376c6a6fd36dee4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:93:95:c8:e3:89:64:c8:6d:c5:95:15:ac:28:
44:d8:70:83:df:df:44:1b:20:76:dd:2f:65:92:dd:
91:41:75:36:d2:42:8a:bb:f2:86:5c:a4:d9:61:94:
87:7d:5b:f1:da:00:e8:00:bc:67:47:b2:e0:49:97:
6b:b1:b7:1b:c1:dc:6d:c5:10:e5:ac:2f:d6:f5:8f:
ec:fa:e2:54:57:b7:c0:dd:84:d9:a8:6a:13:ac:78:
94:a2:ce:55:9f:de:d3:e5:b3:37:a8:a7:e0:ca:f7:
56:ce:6e:1e:59:aa:46:0e:e9:f7:5c:28:90:b3:51:
5b:25:95:65:88:f9:5d:19:46:61:c8:ec:4d:0b:aa:
16:79:c6:eb:d6:f5:37:a9:96:df:e8:31:f2:a5:ae:
c0:85:16:c3:92:1f:8b:12:8c:80:3b:a3:6e:05:3b:
e2:e0:0e:dc:e7:1c:f3:e4:ba:8c:d5:86:17:d9:86:
b3:41:d4:3f:ac:46:e9:db:c1:38:72:4e:e7:17:69:
75:f8:0f:da:33:9c:40:c0:94:b0:e3:37:03:36:0a:
33:d2:cb:ca:cb:6a:5d:54:58:7e:3b:71:7c:45:f2:
27:b4:75:4b:c7:23:13:b9:0a:16:a7:a3:ee:15:40:
83:9a:47:5f:18:b5:ae:8a:a8:14:f8:0b:73:4a:0e:
42:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:34:E9:60:C4:49:A9:35:47:6F:BB:5B:37:6C:6A:6F:D3:6D:EE:4A
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9zTpYMRJqTVHb7tbN2xqb9Nt7ko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.41.0-89.43.42.255
89.45.34.0/24
93.114.187.0/24
Signature Algorithm: sha256WithRSAEncryption
31:27:a2:c0:ce:25:4d:8d:42:3c:94:d2:a4:20:a8:5c:c4:cb:
48:cc:5c:b5:63:7f:13:4e:50:0d:0d:62:48:68:68:d9:f1:ec:
0c:c5:67:a3:09:01:0f:72:c0:a8:81:75:4e:5b:87:1b:d7:fd:
d0:c5:f6:f9:0c:54:c1:bd:ee:de:fc:83:f7:23:72:92:e0:82:
48:77:4c:60:c1:d9:7a:27:1a:f6:a1:18:b1:95:d8:1b:77:74:
54:c4:40:5e:b0:6c:d0:f3:fd:ba:b3:0b:f0:fb:35:bd:be:04:
2b:a4:d3:41:21:97:30:71:aa:7d:47:5e:31:c2:a0:6d:72:d9:
de:ba:cb:ad:38:db:a3:63:1f:10:7a:b3:8d:10:c2:79:43:ad:
3f:cf:e9:c0:8f:aa:f2:22:b9:5d:f5:21:a0:ee:b3:49:70:a1:
e9:8c:b6:2b:91:e6:6d:ba:4e:40:ab:2d:83:67:ef:3a:01:0c:
98:34:1f:2a:20:7a:13:70:86:97:7a:ca:c8:4f:0c:9d:b5:ae:
b7:cd:07:00:16:5a:7c:4b:05:de:ae:48:57:f4:24:f6:45:65:
bb:b0:47:ab:af:00:fd:d7:01:2e:b2:99:9f:69:a8:b8:ad:a1:
d6:dc:37:f3:04:01:f6:05:38:ee:41:a2:ff:bf:1f:5c:1a:f3:
cd:b0:f2:73
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYOLOxaHlfExAwg4QpaVRXVaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIwOTI5MjE1MDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzM0ZTk2MGM0NDlhOTM1NDc2ZmJiNWIzNzZjNmE2ZmQzNmRlZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpOVyOOJZMhtxZUVrChE2HCD399E
GyB23S9lkt2RQXU20kKKu/KGXKTZYZSHfVvx2gDoALxnR7LgSZdrsbcbwdxtxRDl
rC/W9Y/s+uJUV7fA3YTZqGoTrHiUos5Vn97T5bM3qKfgyvdWzm4eWapGDun3XCiQ
s1FbJZVliPldGUZhyOxNC6oWecbr1vU3qZbf6DHypa7AhRbDkh+LEoyAO6NuBTvi
4A7c5xzz5LqM1YYX2YazQdQ/rEbp28E4ck7nF2l1+A/aM5xAwJSw4zcDNgoz0svK
y2pdVFh+O3F8RfIntHVLxyMTuQoWp6PuFUCDmkdfGLWuiqgU+AtzSg5CLwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPc06WDESak1R2+7Wzdsam/Tbe5KMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvOXpUcFlNUkpxVFZIYjd0Yk4yeHFiOU50N2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZKykD
BABZKyoDBABZLSIDBABdcrswDQYJKoZIhvcNAQELBQADggEBADEnosDOJU2NQjyU
0qQgqFzEy0jMXLVjfxNOUA0NYkhoaNnx7AzFZ6MJAQ9ywKiBdU5bhxvX/dDF9vkM
VMG97t78g/cjcpLggkh3TGDB2XonGvahGLGV2Bt3dFTEQF6wbNDz/bqzC/D7Nb2+
BCuk00EhlzBxqn1HXjHCoG1y2d66y60426NjHxB6s40QwnlDrT/P6cCPqvIiuV31
IaDus0lwoemMtiuR5m26TkCrLYNn7zoBDJg0HyogehNwhpd6yshPDJ21rrfNBwAW
WnxLBd6uSFf0JPZFZbuwR6uvAP3XAS6ymZ9pqLitodbcN/MEAfYFOO5Bov+/H1wa
882w8nM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:54 2023 by rpki-client on console-ams.rpki-client.org