Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/AM-WdrjDFv8pZrOcMnsJsjpi32U.roa
File: AM-WdrjDFv8pZrOcMnsJsjpi32U.roa (raw, json)
Hash identifier: zrrO4SVNKF+zQtmnkbcz/qkfyk5KmGnI9a1utPP5Bus=
Subject key identifier: 00:CF:96:76:B8:C3:16:FF:29:66:B3:9C:32:7B:09:B2:3A:62:DF:65
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01856265555DDA4F894210365A2F2C0E870E
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/AM-WdrjDFv8pZrOcMnsJsjpi32U.roa
Signing time: Fri 30 Dec 2022 09:38:06 +0000
ROA not before: Fri 30 Dec 2022 09:38:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
188.215.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:65:55:5d:da:4f:89:42:10:36:5a:2f:2c:0e:87:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Dec 30 09:38:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00cf9676b8c316ff2966b39c327b09b23a62df65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0e:77:b3:64:27:dc:53:4c:eb:65:68:fd:50:
10:2a:f5:c6:38:00:02:5c:e2:34:6e:b2:d8:db:06:
b8:a8:cf:21:00:83:f4:d9:b6:b0:d5:f4:70:a8:5d:
d5:41:40:e0:60:f5:1a:67:b4:a8:30:0d:2e:58:99:
e3:16:d3:8f:19:d4:10:08:b7:c5:6e:82:a3:0e:65:
65:46:00:61:c3:24:fa:59:f2:74:27:8c:e0:9d:2d:
39:0b:36:3c:f1:0c:00:d1:73:1a:4a:dd:39:28:9d:
42:39:ee:e8:3a:c1:36:22:bf:48:ea:83:6b:26:05:
cd:d0:cb:8d:e8:a5:f9:76:68:41:85:e0:b9:4c:e0:
77:1f:4d:9b:92:11:9f:ea:b7:24:c5:87:b1:ba:52:
7e:8f:1c:0d:3d:a1:5f:36:cc:39:18:7e:30:bc:ef:
1d:4f:d3:f9:2f:1f:d1:76:3d:5e:66:6a:78:ce:aa:
e5:83:e9:7f:2c:32:32:e7:51:c3:8b:44:ab:8f:39:
b6:04:d7:7c:8a:c5:f7:70:d7:53:a1:e5:2f:8c:b4:
85:ce:9d:24:36:0a:77:32:41:50:07:7f:b1:5e:b6:
3f:28:58:e2:b7:ec:6e:cc:12:99:22:a9:81:23:70:
a9:e2:9f:c8:1f:00:12:2c:7e:f2:c8:40:43:e7:ec:
dd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:CF:96:76:B8:C3:16:FF:29:66:B3:9C:32:7B:09:B2:3A:62:DF:65
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/AM-WdrjDFv8pZrOcMnsJsjpi32U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.45.0-89.43.46.255
188.215.73.0/24
Signature Algorithm: sha256WithRSAEncryption
88:3c:d0:61:3b:dd:a8:48:16:85:f2:34:51:01:13:62:7e:d7:
71:77:26:93:b5:be:e4:96:a7:19:16:17:2f:49:e8:0a:45:1f:
be:a3:02:0f:05:26:50:65:58:9e:43:ad:05:86:d8:98:22:38:
10:32:18:ea:06:15:9d:9e:ea:2c:4c:28:97:cf:43:e2:3c:7c:
8c:22:08:f4:5f:e0:19:be:18:68:09:39:bf:93:73:9f:24:4d:
a3:a1:2c:86:1f:61:a9:e5:b9:b9:bb:b5:c1:7f:57:d1:73:06:
b4:0a:3e:9b:3b:6a:5d:18:5d:17:93:f2:23:66:0f:fb:32:a8:
02:df:c4:a6:17:fc:69:35:be:f0:41:16:83:c0:ec:1c:7b:8b:
be:cf:41:21:1d:99:e9:0e:c8:3b:ba:21:b0:c8:77:90:92:c4:
7b:ac:3b:64:f9:6a:87:a9:9b:29:ce:c4:04:9b:d0:fe:0c:5d:
00:f3:c9:fd:45:a0:1f:b6:71:07:e8:88:cb:d8:d4:e1:66:62:
b2:f9:37:22:f9:82:b1:51:b4:35:02:1a:a1:44:a7:7e:65:51:
f9:e9:f7:da:9f:66:fc:55:1a:8c:2b:da:59:99:db:62:20:22:
45:d1:82:43:68:2d:f8:b5:dd:68:49:25:7a:41:d1:20:46:96:
1f:1e:8e:8f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYViZVVd2k+JQhA2Wi8sDocOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIxMjMwMDkzODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGNmOTY3NmI4YzMxNmZmMjk2NmIzOWMzMjdiMDliMjNhNjJkZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg53s2Qn3FNM62Vo/VAQKvXGOAAC
XOI0brLY2wa4qM8hAIP02baw1fRwqF3VQUDgYPUaZ7SoMA0uWJnjFtOPGdQQCLfF
boKjDmVlRgBhwyT6WfJ0J4zgnS05CzY88QwA0XMaSt05KJ1COe7oOsE2Ir9I6oNr
JgXN0MuN6KX5dmhBheC5TOB3H02bkhGf6rckxYexulJ+jxwNPaFfNsw5GH4wvO8d
T9P5Lx/Rdj1eZmp4zqrlg+l/LDIy51HDi0Srjzm2BNd8isX3cNdToeUvjLSFzp0k
Ngp3MkFQB3+xXrY/KFjit+xuzBKZIqmBI3Cp4p/IHwASLH7yyEBD5+zdjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFADPlna4wxb/KWaznDJ7CbI6Yt9lMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvQU0tV2RyakRGdjhwWnJPY01uc0pzanBpMzJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKy0D
BABZKy4DBAC810kwDQYJKoZIhvcNAQELBQADggEBAIg80GE73ahIFoXyNFEBE2J+
13F3JpO1vuSWpxkWFy9J6ApFH76jAg8FJlBlWJ5DrQWG2JgiOBAyGOoGFZ2e6ixM
KJfPQ+I8fIwiCPRf4Bm+GGgJOb+Tc58kTaOhLIYfYanlubm7tcF/V9FzBrQKPps7
al0YXReT8iNmD/syqALfxKYX/Gk1vvBBFoPA7Bx7i77PQSEdmekOyDu6IbDId5CS
xHusO2T5aoepmynOxASb0P4MXQDzyf1FoB+2cQfoiMvY1OFmYrL5NyL5grFRtDUC
GqFEp35lUfnp99qfZvxVGowr2lmZ22IgIkXRgkNoLfi13WhJJXpB0SBGlh8ejo8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-fra.rpki-client.org