Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ItG4tX-PKaZsqx3zgtOXQIJ17-s.roa
File: ItG4tX-PKaZsqx3zgtOXQIJ17-s.roa (raw, json)
Hash identifier: pyTUG6AsTf5ja8gwY4wRnGGbyddVJ0ySRkwEv3d5Tfc=
Subject key identifier: 22:D1:B8:B5:7F:8F:29:A6:6C:AB:1D:F3:82:D3:97:40:82:75:EF:EB
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0CA8FB8F
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ItG4tX-PKaZsqx3zgtOXQIJ17-s.roa
Signing time: Thu 28 Apr 2022 12:49:51 +0000
ROA not before: Thu 28 Apr 2022 12:49:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57136
IP address blocks: 89.33.23.0/24 maxlen: 24
89.33.22.0/24 maxlen: 24
89.33.21.0/24 maxlen: 24
89.33.20.0/24 maxlen: 24
89.33.125.0/24 maxlen: 24
89.33.124.0/24 maxlen: 24
89.33.123.0/24 maxlen: 24
89.33.122.0/24 maxlen: 24
89.33.121.0/24 maxlen: 24
89.33.120.0/24 maxlen: 24
89.33.127.0/24 maxlen: 24
89.33.126.0/24 maxlen: 24
2a05:b680:9::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212401039 (0xca8fb8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Apr 28 12:49:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22d1b8b57f8f29a66cab1df382d397408275efeb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:17:c9:fe:1c:e0:16:b3:32:0d:30:b6:90:d9:
9c:f2:70:79:ba:1d:3f:25:fc:f1:2f:a3:e2:59:fc:
1f:d9:5c:64:e6:2f:36:ff:92:23:45:3d:14:62:a7:
67:c9:10:d0:d4:ac:90:17:c3:d4:1d:db:da:02:7a:
90:a8:fc:be:1e:8c:82:24:8a:ee:61:9f:da:d6:d0:
41:8d:47:00:d3:0d:2a:98:70:df:7f:45:c1:66:99:
0f:cb:19:bb:81:50:2e:14:e6:51:a0:ca:a8:0d:a8:
31:91:13:a6:f3:ac:ab:80:c0:ad:25:e2:af:14:dd:
82:e7:2a:d1:56:81:56:f3:7f:91:08:01:b9:a4:a8:
d3:e1:5c:36:8d:75:0f:fb:b3:d5:47:0c:17:18:bd:
fa:57:6b:de:b2:60:15:93:c8:9a:38:45:69:d5:01:
47:ee:ec:1d:50:e6:16:c2:3a:f0:37:1c:a6:70:c6:
20:11:81:3e:a0:18:1a:fb:7d:ec:0e:b4:83:4e:9a:
e4:d1:01:3d:7d:7a:30:d9:d8:98:97:8c:3a:27:56:
e5:00:7b:f3:ed:9e:58:13:6a:90:ef:9d:fe:7d:14:
7a:a6:ff:53:dc:5f:52:12:c6:9f:7e:6b:1e:d4:06:
3c:e9:da:af:ae:88:53:ea:8d:59:91:6c:25:10:cf:
1d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D1:B8:B5:7F:8F:29:A6:6C:AB:1D:F3:82:D3:97:40:82:75:EF:EB
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ItG4tX-PKaZsqx3zgtOXQIJ17-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.20.0/22
89.33.120.0/21
IPv6:
2a05:b680:9::/48
Signature Algorithm: sha256WithRSAEncryption
26:b8:92:34:f9:3b:6f:db:d2:ab:92:5d:9c:07:df:15:d3:59:
94:f9:45:8c:e0:05:9a:12:46:6f:9c:bb:f3:61:a7:27:d9:a4:
71:ee:e4:36:31:78:4e:a0:4c:23:28:d9:de:c4:c4:13:24:86:
e0:c5:f2:70:f4:79:1c:a3:d2:ea:ea:34:e0:fd:b7:a3:70:77:
81:64:b5:1d:8e:53:9b:2d:df:44:c4:04:a5:58:ca:b9:a0:c1:
80:fb:5a:43:b5:3a:92:72:a9:16:43:5d:b2:ed:06:a6:c9:a7:
38:9b:0f:54:45:fc:ad:10:4e:8f:dc:75:ae:4b:84:23:68:97:
d4:90:0a:c8:ff:06:46:10:90:1a:1f:68:4d:ea:f8:76:f3:12:
87:65:28:16:9c:63:15:e4:f9:be:d7:b1:e9:d8:f6:10:95:0c:
a0:aa:0c:4b:b7:f3:0a:aa:b1:a9:aa:9f:4d:da:2f:86:e3:ad:
48:95:6a:3d:fc:60:c2:37:aa:ae:cd:e9:ea:4f:9e:00:24:47:
a0:1f:85:a0:94:40:84:ff:d3:d6:9d:05:9b:8e:12:ae:6b:26:
9d:77:2c:6f:90:9b:ce:e5:d1:93:5a:66:3d:5f:4c:ee:86:15:
9c:db:dc:83:11:c1:5a:ef:0e:47:04:7b:70:b5:24:80:43:b9:
9a:d6:cd:0e
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEDKj7jzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDQy
ODEyNDk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjJkMWI4YjU3Zjhm
MjlhNjZjYWIxZGYzODJkMzk3NDA4Mjc1ZWZlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM4Xyf4c4BazMg0wtpDZnPJwebodPyX88S+j4ln8H9lcZOYv
Nv+SI0U9FGKnZ8kQ0NSskBfD1B3b2gJ6kKj8vh6MgiSK7mGf2tbQQY1HANMNKphw
339FwWaZD8sZu4FQLhTmUaDKqA2oMZETpvOsq4DArSXirxTdgucq0VaBVvN/kQgB
uaSo0+FcNo11D/uz1UcMFxi9+ldr3rJgFZPImjhFadUBR+7sHVDmFsI68DccpnDG
IBGBPqAYGvt97A60g06a5NEBPX16MNnYmJeMOidW5QB78+2eWBNqkO+d/n0Ueqb/
U9xfUhLGn35rHtQGPOnar66IU+qNWZFsJRDPHU0CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQi0bi1f48ppmyrHfOC05dAgnXv6zAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L0l0RzR0WC1QS2Fac3F4M3pndE9YUUlKMTctcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAlkhFAMEA1kheDAPBAIAAjAJAwcA
KgW2gAAJMA0GCSqGSIb3DQEBCwUAA4IBAQAmuJI0+Ttv29Krkl2cB98V01mU+UWM
4AWaEkZvnLvzYacn2aRx7uQ2MXhOoEwjKNnexMQTJIbgxfJw9Hkco9Lq6jTg/bej
cHeBZLUdjlObLd9ExASlWMq5oMGA+1pDtTqScqkWQ12y7Qamyac4mw9URfytEE6P
3HWuS4QjaJfUkArI/wZGEJAaH2hN6vh28xKHZSgWnGMV5Pm+17Hp2PYQlQygqgxL
t/MKqrGpqp9N2i+G461IlWo9/GDCN6quzenqT54AJEegH4WglECE/9PWnQWbjhKu
ayaddyxvkJvO5dGTWmY9X0zuhhWc29yDEcFa7w5HBHtwtSSAQ7ma1s0O
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-fra.rpki-client.org