Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/5d8327-f01d-4f7a-b955-8e0b3f5897b9/1/icw2bcRuXcVHibEr9C2TcIOnuIA.roa
File: icw2bcRuXcVHibEr9C2TcIOnuIA.roa (raw, json)
Hash identifier: A8/eEwbUJi2xwK7/XDIxsWbu3Fpj8UxAfIWuVHXlMTs=
Subject key identifier: 89:CC:36:6D:C4:6E:5D:C5:47:89:B1:2B:F4:2D:93:70:83:A7:B8:80
Certificate issuer: /CN=d1dbf31fd9379cab5c50afd392a2ee905718835f
Certificate serial: 021F5FFC
Authority key identifier: D1:DB:F3:1F:D9:37:9C:AB:5C:50:AF:D3:92:A2:EE:90:57:18:83:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0dvzH9k3nKtcUK_TkqLukFcYg18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/5d8327-f01d-4f7a-b955-8e0b3f5897b9/1/icw2bcRuXcVHibEr9C2TcIOnuIA.roa
Signing time: Sat 01 Jan 2022 07:57:55 +0000
ROA not before: Sat 01 Jan 2022 07:57:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60654
IP address blocks: 195.5.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35610620 (0x21f5ffc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1dbf31fd9379cab5c50afd392a2ee905718835f
Validity
Not Before: Jan 1 07:57:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89cc366dc46e5dc54789b12bf42d937083a7b880
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:24:8f:0e:55:0f:4c:7b:c3:10:2e:95:52:de:
9e:9a:90:5f:46:e7:ca:b5:fe:77:41:fd:0a:2a:e2:
8d:b4:e1:61:0b:1b:48:f8:90:a7:90:60:76:6a:e8:
b9:75:ec:af:f8:32:e1:3b:00:be:b3:0a:1a:c2:e7:
5b:c8:3e:6e:a7:58:b4:90:a2:8d:e9:8a:48:eb:4b:
fe:be:2f:ea:2e:72:fd:91:e3:5d:f5:65:d7:f9:fc:
d8:f0:3b:41:15:86:d3:b8:b4:62:1d:f1:6c:90:30:
5c:9e:c6:3c:3a:ff:82:e2:da:3e:b5:b3:6d:7b:c7:
71:80:61:18:3d:37:a1:96:4c:f5:56:99:e7:14:70:
2a:b3:8b:e3:0d:a7:d5:d9:50:0f:43:d4:78:cb:f8:
9e:b3:72:77:a6:3e:cf:fc:a3:21:c3:6e:de:2b:94:
b3:ea:3e:f7:40:cc:50:3b:62:12:1b:33:76:a7:46:
33:b6:b1:fe:06:a8:3e:c0:ac:75:8f:37:99:a4:18:
6e:4e:e7:da:88:36:8a:95:65:b4:d3:30:23:cf:10:
54:aa:08:fb:94:c3:7d:5a:9d:b4:b7:46:6e:3f:27:
e5:46:97:fc:e4:4b:78:47:f0:57:16:00:20:32:6a:
cc:a9:80:2b:68:19:b4:49:59:a1:5b:76:0e:d8:d0:
90:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CC:36:6D:C4:6E:5D:C5:47:89:B1:2B:F4:2D:93:70:83:A7:B8:80
X509v3 Authority Key Identifier:
keyid:D1:DB:F3:1F:D9:37:9C:AB:5C:50:AF:D3:92:A2:EE:90:57:18:83:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dvzH9k3nKtcUK_TkqLukFcYg18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5d8327-f01d-4f7a-b955-8e0b3f5897b9/1/icw2bcRuXcVHibEr9C2TcIOnuIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/5d8327-f01d-4f7a-b955-8e0b3f5897b9/1/0dvzH9k3nKtcUK_TkqLukFcYg18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.5.189.0/24
Signature Algorithm: sha256WithRSAEncryption
39:0a:75:38:af:01:b4:a0:cf:ca:e7:f1:25:e7:1d:f5:5d:e8:
31:0d:2e:1a:33:98:9b:88:fd:a4:56:10:27:31:0f:b0:35:b2:
d3:12:c6:0a:6e:51:d8:c1:1c:76:08:54:fe:64:59:8d:f3:24:
3f:c0:52:6b:56:51:51:bb:74:ec:a8:36:c6:6b:56:af:73:bc:
e0:ee:82:e0:6c:cf:d9:45:ef:9f:75:95:dd:07:69:2c:97:ee:
32:f9:40:84:fb:73:84:34:23:fb:aa:6b:32:6f:49:7d:0c:2d:
14:06:cc:9a:38:a9:ba:75:61:da:e1:00:18:50:80:f0:91:d3:
b9:3b:4b:89:a3:ee:3c:b2:d5:64:6e:c1:fc:82:9a:30:1e:a8:
66:8d:09:46:8f:03:a3:cf:8a:65:76:a0:75:46:02:c7:55:ca:
c7:b6:f9:7a:eb:f5:fd:bc:aa:c9:7b:3b:26:2a:ac:fe:a5:73:
97:56:17:52:d8:a9:0a:6c:fe:1d:ba:58:45:21:e6:89:21:fc:
1d:76:09:09:99:bf:a4:81:4e:1c:23:0e:c6:88:ff:01:49:a5:
23:f7:a8:75:2f:76:5d:76:69:7e:0f:d0:91:62:52:69:ac:4c:
1b:ba:c4:8c:ac:fb:55:56:5e:5b:a5:9d:fd:a8:65:41:6e:db:
48:56:56:08
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAh9f/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MWRiZjMxZmQ5Mzc5Y2FiNWM1MGFmZDM5MmEyZWU5MDU3MTg4MzVmMB4XDTIyMDEw
MTA3NTc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODljYzM2NmRjNDZl
NWRjNTQ3ODliMTJiZjQyZDkzNzA4M2E3Yjg4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMokjw5VD0x7wxAulVLenpqQX0bnyrX+d0H9CirijbThYQsb
SPiQp5BgdmrouXXsr/gy4TsAvrMKGsLnW8g+bqdYtJCijemKSOtL/r4v6i5y/ZHj
XfVl1/n82PA7QRWG07i0Yh3xbJAwXJ7GPDr/guLaPrWzbXvHcYBhGD03oZZM9VaZ
5xRwKrOL4w2n1dlQD0PUeMv4nrNyd6Y+z/yjIcNu3iuUs+o+90DMUDtiEhszdqdG
M7ax/gaoPsCsdY83maQYbk7n2og2ipVltNMwI88QVKoI+5TDfVqdtLdGbj8n5UaX
/ORLeEfwVxYAIDJqzKmAK2gZtElZoVt2DtjQkK8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSJzDZtxG5dxUeJsSv0LZNwg6e4gDAfBgNVHSMEGDAWgBTR2/Mf2Tecq1xQ
r9OSou6QVxiDXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBkdnpIOWszbkt0Y1VLX1RrcUx1a0ZjWWcxOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvNWQ4MzI3LWYwMWQtNGY3YS1iOTU1LThlMGIzZjU4OTdiOS8x
L2ljdzJiY1J1WGNWSGliRXI5QzJUY0lPbnVJQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
NWQ4MzI3LWYwMWQtNGY3YS1iOTU1LThlMGIzZjU4OTdiOS8xLzBkdnpIOWszbkt0
Y1VLX1RrcUx1a0ZjWWcxOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMFvTANBgkqhkiG9w0BAQsFAAOC
AQEAOQp1OK8BtKDPyufxJecd9V3oMQ0uGjOYm4j9pFYQJzEPsDWy0xLGCm5R2MEc
dghU/mRZjfMkP8BSa1ZRUbt07Kg2xmtWr3O84O6C4GzP2UXvn3WV3QdpLJfuMvlA
hPtzhDQj+6prMm9JfQwtFAbMmjipunVh2uEAGFCA8JHTuTtLiaPuPLLVZG7B/IKa
MB6oZo0JRo8Do8+KZXagdUYCx1XKx7b5euv1/byqyXs7Jiqs/qVzl1YXUtipCmz+
HbpYRSHmiSH8HXYJCZm/pIFOHCMOxoj/AUmlI/eodS92XXZpfg/QkWJSaaxMG7rE
jKz7VVZeW6Wd/ahlQW7bSFZWCA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:11 2023 by rpki-client on console-ams.rpki-client.org