Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/PxQV0pLf-ljX4QPlUD7jvjyVZQ4.roa
File: PxQV0pLf-ljX4QPlUD7jvjyVZQ4.roa (raw, json)
Hash identifier: dHOoXa7UauxkjbdSdcs/iuWatZmvyqQ3xU4ecqo1VcE=
Subject key identifier: 3F:14:15:D2:92:DF:FA:58:D7:E1:03:E5:50:3E:E3:BE:3C:95:65:0E
Certificate issuer: /CN=a8d52cc870606a3f3f32c0fff97cf6931fa65ca3
Certificate serial: 038A36C2
Authority key identifier: A8:D5:2C:C8:70:60:6A:3F:3F:32:C0:FF:F9:7C:F6:93:1F:A6:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/PxQV0pLf-ljX4QPlUD7jvjyVZQ4.roa
Signing time: Thu 10 Feb 2022 14:02:10 +0000
ROA not before: Thu 10 Feb 2022 14:02:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207710
IP address blocks: 89.22.224.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59389634 (0x38a36c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8d52cc870606a3f3f32c0fff97cf6931fa65ca3
Validity
Not Before: Feb 10 14:02:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f1415d292dffa58d7e103e5503ee3be3c95650e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dd:ed:6e:37:74:f0:79:22:19:49:ba:f6:06:
24:f3:7c:0b:bd:f3:d7:59:8c:e3:c0:69:b1:2a:ef:
6a:25:ed:98:37:b6:aa:70:7a:6e:84:33:61:cd:df:
d3:9f:ee:3b:b7:e6:7b:35:0b:7a:e0:96:93:fc:91:
33:03:15:62:9b:57:c0:8e:52:f1:94:dc:e7:53:5f:
d6:69:5b:29:4f:5a:86:08:87:ab:95:9e:07:93:fa:
9c:39:92:b7:2d:62:db:9e:13:13:d3:76:e6:b8:0b:
77:2b:ce:92:d6:4c:34:0f:ec:bf:32:88:dd:52:96:
36:b8:b9:40:3b:79:b6:a9:85:c2:10:fc:32:d8:ca:
b7:d2:b4:e4:a8:45:56:b5:c6:e0:e7:dd:61:a1:ab:
e6:e9:a7:dc:0a:1a:5b:53:40:23:50:e3:da:f0:14:
32:1c:6f:2e:72:fa:ee:1b:59:57:da:d4:19:93:05:
60:11:03:5a:b8:bc:68:d4:31:43:ae:a7:8a:e3:34:
be:8a:7f:13:87:a4:f4:fa:19:c5:87:df:a6:87:18:
d3:bd:e9:04:1d:ea:ef:28:f8:ce:40:27:7e:26:ba:
c3:a2:ee:de:5d:35:53:80:69:90:74:41:10:97:d0:
55:42:63:7a:fb:ac:9e:e4:66:3d:40:61:f0:d7:93:
42:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:14:15:D2:92:DF:FA:58:D7:E1:03:E5:50:3E:E3:BE:3C:95:65:0E
X509v3 Authority Key Identifier:
keyid:A8:D5:2C:C8:70:60:6A:3F:3F:32:C0:FF:F9:7C:F6:93:1F:A6:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/PxQV0pLf-ljX4QPlUD7jvjyVZQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.224.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:c2:86:0e:81:aa:36:d7:74:93:94:ca:77:b3:5c:fd:33:0f:
d1:55:f9:a7:88:f9:07:f0:f6:21:27:eb:65:f7:dd:9c:10:87:
c3:c4:57:15:e6:04:e7:e1:bb:61:56:ab:25:1d:01:18:af:c2:
da:b7:1e:89:ae:12:5a:7a:8a:23:6b:6c:a2:a9:b7:0f:b9:d3:
8d:c0:91:68:53:2f:4d:6b:f9:7a:df:97:03:d7:d3:83:d2:43:
5f:af:c0:da:44:cb:56:4c:dc:4a:fc:96:78:2a:35:e0:27:54:
0c:e3:e4:75:d7:aa:0a:56:be:0e:6d:a5:95:9b:53:93:a5:98:
f3:8c:7f:c7:10:58:e6:f9:d2:cc:ea:e3:72:97:2f:78:51:de:
86:9b:79:94:65:b9:ab:e5:b0:c5:ca:48:30:80:c1:b6:69:f8:
b8:67:6c:10:49:ce:ad:f3:9c:ed:6b:90:39:50:6c:1a:5f:6b:
b1:e3:aa:33:9a:68:f9:c9:97:f5:f1:5f:c7:d8:e1:18:85:ce:
7b:2b:f4:08:83:78:51:35:6a:81:6b:47:3d:a3:e4:91:4c:83:
cc:96:b9:f2:ea:ac:44:d9:5c:fd:c9:91:b2:43:ac:14:78:9c:
bc:92:af:bf:d4:03:f1:ae:9a:91:0b:c5:1f:c7:32:c2:e3:76:
ff:3d:ef:2f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4o2wjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OGQ1MmNjODcwNjA2YTNmM2YzMmMwZmZmOTdjZjY5MzFmYTY1Y2EzMB4XDTIyMDIx
MDE0MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2YxNDE1ZDI5MmRm
ZmE1OGQ3ZTEwM2U1NTAzZWUzYmUzYzk1NjUwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrd7W43dPB5IhlJuvYGJPN8C73z11mM48BpsSrvaiXtmDe2
qnB6boQzYc3f05/uO7fmezULeuCWk/yRMwMVYptXwI5S8ZTc51Nf1mlbKU9ahgiH
q5WeB5P6nDmSty1i254TE9N25rgLdyvOktZMNA/svzKI3VKWNri5QDt5tqmFwhD8
MtjKt9K05KhFVrXG4OfdYaGr5umn3AoaW1NAI1Dj2vAUMhxvLnL67htZV9rUGZMF
YBEDWri8aNQxQ66niuM0vop/E4ek9PoZxYffpocY073pBB3q7yj4zkAnfia6w6Lu
3l01U4BpkHRBEJfQVUJjevusnuRmPUBh8NeTQpcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/FBXSkt/6WNfhA+VQPuO+PJVlDjAfBgNVHSMEGDAWgBSo1SzIcGBqPz8y
wP/5fPaTH6ZcozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FOVXN5SEJnYWo4X01zRF8tWHoya3gtbVhLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvZmUxMzFkLWFhMTAtNGM2Yi04MTI4LWY1NWJjOGFmMTUwNi8x
L1B4UVYwcExmLWxqWDRRUGxVRDdqdmp5VlpRNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
ZmUxMzFkLWFhMTAtNGM2Yi04MTI4LWY1NWJjOGFmMTUwNi8xL3FOVXN5SEJnYWo4
X01zRF8tWHoya3gtbVhLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFkW4DANBgkqhkiG9w0BAQsFAAOC
AQEAP8KGDoGqNtd0k5TKd7Nc/TMP0VX5p4j5B/D2ISfrZffdnBCHw8RXFeYE5+G7
YVarJR0BGK/C2rceia4SWnqKI2tsoqm3D7nTjcCRaFMvTWv5et+XA9fTg9JDX6/A
2kTLVkzcSvyWeCo14CdUDOPkddeqCla+Dm2llZtTk6WY84x/xxBY5vnSzOrjcpcv
eFHehpt5lGW5q+WwxcpIMIDBtmn4uGdsEEnOrfOc7WuQOVBsGl9rseOqM5po+cmX
9fFfx9jhGIXOeyv0CIN4UTVqgWtHPaPkkUyDzJa58uqsRNlc/cmRskOsFHicvJKv
v9QD8a6akQvFH8cywuN2/z3vLw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:16 2023 by rpki-client on console-fra.rpki-client.org