Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/Op1K1OzZ50oASW8O6FpMMjY7Z-A.roa
File: Op1K1OzZ50oASW8O6FpMMjY7Z-A.roa (raw, json)
Hash identifier: C5wX1EFMc5gn16ChAj1uwU4ZYADXhnIUCRhjtZuRxcg=
Subject key identifier: 3A:9D:4A:D4:EC:D9:E7:4A:00:49:6F:0E:E8:5A:4C:32:36:3B:67:E0
Certificate issuer: /CN=133deed883c2a690ce54829b48f9d78cd7b25fd7
Certificate serial: 01843CE4AEF6229D78C42AA6A561B280FF00
Authority key identifier: 13:3D:EE:D8:83:C2:A6:90:CE:54:82:9B:48:F9:D7:8C:D7:B2:5F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ez3u2IPCppDOVIKbSPnXjNeyX9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/Op1K1OzZ50oASW8O6FpMMjY7Z-A.roa
Signing time: Thu 03 Nov 2022 09:48:50 +0000
ROA not before: Thu 03 Nov 2022 09:48:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42487
IP address blocks: 89.28.144.0/21 maxlen: 21
2a01:58c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:e4:ae:f6:22:9d:78:c4:2a:a6:a5:61:b2:80:ff:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=133deed883c2a690ce54829b48f9d78cd7b25fd7
Validity
Not Before: Nov 3 09:48:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3a9d4ad4ecd9e74a00496f0ee85a4c32363b67e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0d:b8:0b:71:ff:6a:bf:72:d5:24:8e:30:62:
12:14:aa:df:2b:90:d4:10:f2:d4:e4:80:d5:41:06:
a5:78:7e:c8:c3:f3:b8:e3:c5:f2:39:a1:93:56:95:
8f:35:6f:75:8b:f7:5e:5f:cb:99:53:07:a0:e6:43:
20:68:8a:56:8b:6d:f1:74:84:25:0d:71:ab:eb:2e:
3e:55:b1:fc:a5:a9:f8:13:82:00:01:a6:35:5d:18:
2f:1f:80:18:f2:91:3d:a3:e7:43:3c:7a:11:9c:9e:
cc:39:e1:df:2e:28:93:ba:75:9c:9d:de:7c:5a:77:
4a:29:ca:f4:ff:c8:99:fe:0e:5d:33:d6:aa:f4:ec:
36:ca:82:e3:07:de:01:bd:09:f4:da:a1:5c:2e:e3:
46:cd:53:14:a8:16:18:0c:38:9d:b4:5d:9d:35:9c:
c5:92:7d:cf:d9:7b:b3:f8:97:b7:ff:38:48:9e:0b:
c3:87:5d:0c:8a:7e:54:6b:12:7f:fa:2b:b3:9d:e2:
0b:52:fc:29:16:5a:09:9c:35:6b:68:01:5e:07:6c:
8a:55:2c:6d:63:6b:d1:43:94:50:53:c3:01:c3:a6:
8f:3e:c4:27:f7:78:f7:17:ec:4e:5e:25:6f:2f:02:
d3:f7:9b:36:34:2e:21:06:c3:03:06:11:1a:13:10:
26:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9D:4A:D4:EC:D9:E7:4A:00:49:6F:0E:E8:5A:4C:32:36:3B:67:E0
X509v3 Authority Key Identifier:
keyid:13:3D:EE:D8:83:C2:A6:90:CE:54:82:9B:48:F9:D7:8C:D7:B2:5F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ez3u2IPCppDOVIKbSPnXjNeyX9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/Op1K1OzZ50oASW8O6FpMMjY7Z-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/Ez3u2IPCppDOVIKbSPnXjNeyX9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.144.0/21
IPv6:
2a01:58c0::/32
Signature Algorithm: sha256WithRSAEncryption
10:a3:78:8c:53:4a:8f:08:a3:bf:29:ee:3d:46:d8:a7:81:64:
ea:cd:42:4b:fd:05:9c:82:42:ae:6d:64:e7:53:81:a2:16:d2:
02:26:d9:0b:1e:2c:74:91:3b:87:d3:41:83:c0:13:c1:d7:63:
54:d6:fc:55:63:72:bd:d5:34:7f:bb:2d:91:05:ff:2a:2a:90:
fb:48:3c:a2:34:47:8d:96:fc:53:a1:32:77:b0:e4:f2:91:19:
e4:89:d6:9e:d3:9d:71:7d:bf:17:82:40:83:b9:50:0e:3c:64:
54:6b:70:fd:9d:c6:08:30:9f:bf:f4:85:62:22:51:34:e8:f2:
47:c8:5f:19:d4:88:94:e4:35:96:57:ac:9c:c3:6b:72:52:b7:
26:a2:f8:de:b6:3a:5f:04:d2:22:a4:d7:8d:38:8b:f7:c9:b1:
62:46:8d:e7:4f:bc:ff:4f:74:06:21:6d:8e:29:a6:66:b8:ad:
75:31:ad:51:a0:a5:e4:c0:40:a2:4f:d5:59:ee:1f:b0:22:bd:
54:90:66:dc:63:35:ce:db:3e:21:a8:ca:90:fd:97:c2:a7:cc:
bb:76:ab:43:85:dd:b4:ed:5a:e8:40:ee:0c:a0:4e:e5:a5:88:
4f:84:8e:6b:34:49:9b:42:74:a1:f7:88:78:2f:62:dc:7a:a9:
4b:23:4d:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQ85K72Ip14xCqmpWGygP8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzM2RlZWQ4ODNjMmE2OTBjZTU0ODI5YjQ4ZjlkNzhjZDdi
MjVmZDcwHhcNMjIxMTAzMDk0ODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTlkNGFkNGVjZDllNzRhMDA0OTZmMGVlODVhNGMzMjM2M2I2N2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA24C3H/ar9y1SSOMGISFKrfK5DU
EPLU5IDVQQaleH7Iw/O448XyOaGTVpWPNW91i/deX8uZUweg5kMgaIpWi23xdIQl
DXGr6y4+VbH8pan4E4IAAaY1XRgvH4AY8pE9o+dDPHoRnJ7MOeHfLiiTunWcnd58
WndKKcr0/8iZ/g5dM9aq9Ow2yoLjB94BvQn02qFcLuNGzVMUqBYYDDidtF2dNZzF
kn3P2Xuz+Je3/zhIngvDh10Min5UaxJ/+iuzneILUvwpFloJnDVraAFeB2yKVSxt
Y2vRQ5RQU8MBw6aPPsQn93j3F+xOXiVvLwLT95s2NC4hBsMDBhEaExAm3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDqdStTs2edKAElvDuhaTDI2O2fgMB8GA1UdIwQY
MBaAFBM97tiDwqaQzlSCm0j514zXsl/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXozdTJJUENwcERPVklLYlNQblhqTmV5WDljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9jNDQ0MDktYTY1ZC00YjhhLWJmZWEt
NGJlZGQzYmQ2ZWExLzEvT3AxSzFPelo1MG9BU1c4TzZGcE1Nalk3Wi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9jNDQ0MDktYTY1ZC00YjhhLWJmZWEtNGJlZGQzYmQ2ZWEx
LzEvRXozdTJJUENwcERPVklLYlNQblhqTmV5WDljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWRyQMA0E
AgACMAcDBQAqAVjAMA0GCSqGSIb3DQEBCwUAA4IBAQAQo3iMU0qPCKO/Ke49Rtin
gWTqzUJL/QWcgkKubWTnU4GiFtICJtkLHix0kTuH00GDwBPB12NU1vxVY3K91TR/
uy2RBf8qKpD7SDyiNEeNlvxToTJ3sOTykRnkidae051xfb8XgkCDuVAOPGRUa3D9
ncYIMJ+/9IViIlE06PJHyF8Z1IiU5DWWV6ycw2tyUrcmovjetjpfBNIipNeNOIv3
ybFiRo3nT7z/T3QGIW2OKaZmuK11Ma1RoKXkwECiT9VZ7h+wIr1UkGbcYzXO2z4h
qMqQ/ZfCp8y7dqtDhd207VroQO4MoE7lpYhPhI5rNEmbQnSh94h4L2LceqlLI03M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:01 2024 by rpki-client on console-fra.rpki-client.org