Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/sOmB6_oYgVyhcrYsyrdXau_cneQ.roa
File: sOmB6_oYgVyhcrYsyrdXau_cneQ.roa (raw, json)
Hash identifier: ayRa/ea/uE+qlW3NAWpNedQYRLxj/sV6UE2YdpYSESg=
Subject key identifier: B0:E9:81:EB:FA:18:81:5C:A1:72:B6:2C:CA:B7:57:6A:EF:DC:9D:E4
Certificate issuer: /CN=3ad734cf90c773428806b968209515b914831a9d
Certificate serial: 09571344
Authority key identifier: 3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/sOmB6_oYgVyhcrYsyrdXau_cneQ.roa
Signing time: Sat 01 Jan 2022 16:03:18 +0000
ROA not before: Sat 01 Jan 2022 16:03:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48894
IP address blocks: 152.89.232.0/23 maxlen: 23
152.89.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156701508 (0x9571344)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad734cf90c773428806b968209515b914831a9d
Validity
Not Before: Jan 1 16:03:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0e981ebfa18815ca172b62ccab7576aefdc9de4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:11:fc:db:b1:11:44:e5:c0:b3:36:b8:f9:97:
bb:32:02:4d:8b:cd:ad:b3:9f:0b:52:7e:22:90:e8:
c8:65:bd:17:59:a8:3c:ac:62:5b:e6:b3:d6:17:67:
0b:6f:39:26:09:0a:04:b1:9f:d7:98:23:31:43:f0:
49:ab:34:e2:98:fb:4e:d8:40:f5:0c:89:99:69:c7:
a3:f5:f1:e2:57:d0:f0:e0:98:3f:81:77:85:3c:de:
f8:79:51:df:76:50:f6:15:83:dc:cc:62:79:67:1b:
3f:15:0b:d6:fc:49:3b:ab:45:ef:99:31:fc:1b:9d:
77:b0:d4:7a:31:f7:d8:f3:b4:28:fb:fd:5b:d3:de:
08:e6:be:aa:54:27:07:ea:d7:9d:d7:2e:d1:eb:1c:
e0:80:ed:1e:36:23:45:41:05:b4:48:0b:8a:41:6d:
95:98:43:ae:d0:a5:2a:89:ab:3e:95:45:82:78:2f:
a0:c2:15:ed:0b:c2:10:6a:07:ed:fc:56:bd:78:9f:
46:29:f7:37:af:86:21:0f:72:3a:a9:53:6f:5c:f9:
8f:11:c1:e1:a0:9b:d5:30:a0:bb:00:36:18:1f:1a:
4b:3e:83:0a:fe:10:bd:4f:c3:58:92:f2:22:8f:df:
90:96:71:ef:e5:a1:ed:9b:ad:0b:7f:16:93:6b:86:
ca:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E9:81:EB:FA:18:81:5C:A1:72:B6:2C:CA:B7:57:6A:EF:DC:9D:E4
X509v3 Authority Key Identifier:
keyid:3A:D7:34:CF:90:C7:73:42:88:06:B9:68:20:95:15:B9:14:83:1A:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Otc0z5DHc0KIBrloIJUVuRSDGp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/sOmB6_oYgVyhcrYsyrdXau_cneQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ebf381-00c8-480d-a66c-76a1d4d83197/1/Otc0z5DHc0KIBrloIJUVuRSDGp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.232.0-152.89.234.255
Signature Algorithm: sha256WithRSAEncryption
14:45:60:66:19:01:24:7d:d0:d4:ff:74:58:e9:b1:fd:b7:ba:
ff:73:3d:f2:ee:bd:63:86:31:0d:2a:a2:60:61:3e:88:88:5c:
f1:1d:57:6e:b0:12:c4:55:e6:1c:8f:e2:e3:f5:b0:30:9e:95:
d8:df:c8:44:1b:54:20:a4:21:b9:50:c1:65:f4:5b:37:a3:14:
d1:f6:c5:a1:fe:ca:8c:03:fa:e2:c9:1c:3f:ce:78:54:43:85:
b1:10:8e:64:8e:1e:27:9c:e8:90:27:06:f0:06:23:41:16:8a:
ac:c0:ff:d3:0e:9d:df:c4:d4:ed:3d:6a:4f:d7:0e:c0:5e:4e:
fb:85:7f:58:0b:dd:09:b5:ec:70:ea:bd:e7:97:4c:d2:5b:9d:
5c:7b:e9:63:55:d7:e4:d9:8d:09:47:3b:66:c3:48:a0:61:d2:
57:a0:c3:3a:76:62:29:37:22:0c:c5:0c:8d:4e:7e:1b:e5:ee:
4a:40:4d:5e:df:16:40:33:ed:58:fb:ba:68:38:7d:3a:a9:98:
83:8c:d4:11:0e:2d:4d:b9:55:2f:38:00:64:b8:d3:b6:5e:2e:
56:4d:fb:08:4b:1c:60:c2:ba:85:01:bc:d3:16:a0:04:73:42:
51:34:05:f0:b3:6e:83:b4:94:f0:8c:f2:f5:0f:44:1c:5f:41:
fb:86:9d:62
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECVcTRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWQ3MzRjZjkwYzc3MzQyODgwNmI5NjgyMDk1MTViOTE0ODMxYTlkMB4XDTIyMDEw
MTE2MDMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBlOTgxZWJmYTE4
ODE1Y2ExNzJiNjJjY2FiNzU3NmFlZmRjOWRlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMUR/NuxEUTlwLM2uPmXuzICTYvNrbOfC1J+IpDoyGW9F1mo
PKxiW+az1hdnC285JgkKBLGf15gjMUPwSas04pj7TthA9QyJmWnHo/Xx4lfQ8OCY
P4F3hTze+HlR33ZQ9hWD3MxieWcbPxUL1vxJO6tF75kx/Budd7DUejH32PO0KPv9
W9PeCOa+qlQnB+rXndcu0esc4IDtHjYjRUEFtEgLikFtlZhDrtClKomrPpVFgngv
oMIV7QvCEGoH7fxWvXifRin3N6+GIQ9yOqlTb1z5jxHB4aCb1TCguwA2GB8aSz6D
Cv4QvU/DWJLyIo/fkJZx7+Wh7ZutC38Wk2uGyv0CAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSw6YHr+hiBXKFytizKt1dq79yd5DAfBgNVHSMEGDAWgBQ61zTPkMdzQogG
uWgglRW5FIManTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L090YzB6NURIYzBLSUJybG9JSlVWdVJTREdwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZWJmMzgxLTAwYzgtNDgwZC1hNjZjLTc2YTFkNGQ4MzE5Ny8x
L3NPbUI2X29ZZ1Z5aGNyWXN5cmRYYXVfY25lUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZWJmMzgxLTAwYzgtNDgwZC1hNjZjLTc2YTFkNGQ4MzE5Ny8xL090YzB6NURIYzBL
SUJybG9JSlVWdVJTREdwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDmFnoAwQAmFnqMA0GCSqGSIb3
DQEBCwUAA4IBAQAURWBmGQEkfdDU/3RY6bH9t7r/cz3y7r1jhjENKqJgYT6IiFzx
HVdusBLEVeYcj+Lj9bAwnpXY38hEG1QgpCG5UMFl9Fs3oxTR9sWh/sqMA/riyRw/
znhUQ4WxEI5kjh4nnOiQJwbwBiNBFoqswP/TDp3fxNTtPWpP1w7AXk77hX9YC90J
texw6r3nl0zSW51ce+ljVdfk2Y0JRztmw0igYdJXoMM6dmIpNyIMxQyNTn4b5e5K
QE1e3xZAM+1Y+7poOH06qZiDjNQRDi1NuVUvOABkuNO2Xi5WTfsISxxgwrqFAbzT
FqAEc0JRNAXws26DtJTwjPL1D0QcX0H7hp1i
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:19 2024 by rpki-client on console-ams.rpki-client.org