Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/IDJa2_4QHIvfqsLd4VmAHuO3_fE.roa
File: IDJa2_4QHIvfqsLd4VmAHuO3_fE.roa (raw, json)
Hash identifier: NLRAKzrD/7ptZawXAli+HZrbXY5NR/k6wli+14hrVLI=
Subject key identifier: 20:32:5A:DB:FE:10:1C:8B:DF:AA:C2:DD:E1:59:80:1E:E3:B7:FD:F1
Certificate issuer: /CN=f7e679e58e4b8bf63e95002b54be471d634b9506
Certificate serial: 072F30B4
Authority key identifier: F7:E6:79:E5:8E:4B:8B:F6:3E:95:00:2B:54:BE:47:1D:63:4B:95:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/IDJa2_4QHIvfqsLd4VmAHuO3_fE.roa
Signing time: Mon 23 May 2022 13:27:29 +0000
ROA not before: Mon 23 May 2022 13:27:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209358
IP address blocks: 152.89.68.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120533172 (0x72f30b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7e679e58e4b8bf63e95002b54be471d634b9506
Validity
Not Before: May 23 13:27:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20325adbfe101c8bdfaac2dde159801ee3b7fdf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e2:38:42:4c:17:1f:e6:31:61:40:b8:c3:f4:
29:90:30:45:a8:69:5f:79:71:2b:30:82:b1:2c:99:
20:d3:9b:1a:37:20:b5:d6:59:49:96:d3:26:ff:ca:
8f:63:47:bc:88:f4:51:af:ea:59:dc:df:15:bd:ee:
d5:8e:e0:ed:d8:72:c4:70:e0:c4:09:78:c0:73:47:
16:3b:ec:0b:87:e2:44:9c:0a:dd:67:d9:3a:92:57:
9e:b0:6d:ff:16:54:01:eb:cc:5c:fa:ae:1e:fa:32:
23:0d:2d:c0:6f:c7:6c:d8:db:0c:d3:9f:45:ae:07:
da:a0:9c:0f:33:8c:7e:50:ec:23:f3:f1:b9:e8:40:
87:05:91:49:48:90:6c:0f:56:de:a7:95:a7:42:c6:
00:2a:b6:eb:4e:5b:e7:ae:3b:3c:e6:fc:77:10:00:
89:19:3e:7d:41:29:61:68:91:7f:f8:4e:e1:92:5a:
d1:76:08:c0:36:a6:8f:a5:54:cf:a9:d5:e9:d0:d4:
d8:41:42:4d:4f:29:70:be:07:8d:41:87:4e:f3:a7:
fe:a6:37:09:ab:81:b9:c5:0b:b7:03:40:94:df:04:
de:d3:c3:e9:04:29:ab:ae:bd:9c:24:af:8f:36:15:
ae:52:1d:10:2a:c8:ee:ff:a8:86:ee:c2:5d:09:bc:
d6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:32:5A:DB:FE:10:1C:8B:DF:AA:C2:DD:E1:59:80:1E:E3:B7:FD:F1
X509v3 Authority Key Identifier:
keyid:F7:E6:79:E5:8E:4B:8B:F6:3E:95:00:2B:54:BE:47:1D:63:4B:95:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/IDJa2_4QHIvfqsLd4VmAHuO3_fE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/4fc787-e681-4e16-b1ec-a1c5d7eb4bd7/1/9-Z55Y5Li_Y-lQArVL5HHWNLlQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.68.0/22
Signature Algorithm: sha256WithRSAEncryption
78:6d:5d:5d:4a:7d:32:af:ee:94:00:d6:92:38:9f:e5:07:dd:
dd:4a:f7:cd:c6:f0:2f:79:27:55:17:41:d1:68:24:dc:9a:27:
07:7d:8e:ac:b4:b6:34:1d:30:63:8b:7b:73:72:82:20:f4:7c:
f6:73:9b:ce:fb:3c:4e:95:18:35:2a:39:19:bc:01:ae:f3:fc:
01:79:d5:c1:43:62:69:5d:5d:3d:f5:f4:c8:0c:a3:fb:80:ec:
07:ab:84:86:f6:5e:d4:10:27:ac:38:8a:a3:71:27:3a:29:77:
d0:a8:9a:26:bc:75:05:28:73:32:11:21:96:a5:78:b4:bb:b6:
e1:f4:71:ea:5f:99:c4:a1:a3:6a:65:99:65:df:e1:c7:97:5b:
6e:ee:6e:9f:af:5a:48:ce:b9:fd:ca:f4:fb:a3:42:8d:6d:5b:
8d:f7:ac:76:c3:4d:e8:1b:07:6f:f6:45:27:a5:88:ed:4e:9d:
73:d6:c9:2a:d9:8b:11:c1:fb:d1:0f:9f:cb:a3:a5:6d:69:cf:
b1:77:92:73:62:3a:20:21:a6:7c:8f:bb:97:6f:96:98:ad:0c:
fb:8b:98:42:e7:83:fc:bf:4c:8f:34:ea:81:0e:96:43:13:7e:
f5:0d:75:a5:4c:a7:37:07:3d:de:da:d3:d9:81:31:3e:7f:73:
7a:46:51:7a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBy8wtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
N2U2NzllNThlNGI4YmY2M2U5NTAwMmI1NGJlNDcxZDYzNGI5NTA2MB4XDTIyMDUy
MzEzMjcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjAzMjVhZGJmZTEw
MWM4YmRmYWFjMmRkZTE1OTgwMWVlM2I3ZmRmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKriOEJMFx/mMWFAuMP0KZAwRahpX3lxKzCCsSyZINObGjcg
tdZZSZbTJv/Kj2NHvIj0Ua/qWdzfFb3u1Y7g7dhyxHDgxAl4wHNHFjvsC4fiRJwK
3WfZOpJXnrBt/xZUAevMXPquHvoyIw0twG/HbNjbDNOfRa4H2qCcDzOMflDsI/Px
uehAhwWRSUiQbA9W3qeVp0LGACq2605b5647POb8dxAAiRk+fUEpYWiRf/hO4ZJa
0XYIwDamj6VUz6nV6dDU2EFCTU8pcL4HjUGHTvOn/qY3CauBucULtwNAlN8E3tPD
6QQpq669nCSvjzYVrlIdECrI7v+ohu7CXQm81mcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQgMlrb/hAci9+qwt3hWYAe47f98TAfBgNVHSMEGDAWgBT35nnljkuL9j6V
ACtUvkcdY0uVBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzktWjU1WTVMaV9ZLWxRQXJWTDVISFdOTGxRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvNGZjNzg3LWU2ODEtNGUxNi1iMWVjLWExYzVkN2ViNGJkNy8x
L0lESmEyXzRRSEl2ZnFzTGQ0Vm1BSHVPM19mRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
NGZjNzg3LWU2ODEtNGUxNi1iMWVjLWExYzVkN2ViNGJkNy8xLzktWjU1WTVMaV9Z
LWxRQXJWTDVISFdOTGxRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAphZRDANBgkqhkiG9w0BAQsFAAOC
AQEAeG1dXUp9Mq/ulADWkjif5Qfd3Ur3zcbwL3knVRdB0Wgk3JonB32OrLS2NB0w
Y4t7c3KCIPR89nObzvs8TpUYNSo5GbwBrvP8AXnVwUNiaV1dPfX0yAyj+4DsB6uE
hvZe1BAnrDiKo3EnOil30KiaJrx1BShzMhEhlqV4tLu24fRx6l+ZxKGjamWZZd/h
x5dbbu5un69aSM65/cr0+6NCjW1bjfesdsNN6BsHb/ZFJ6WI7U6dc9bJKtmLEcH7
0Q+fy6OlbWnPsXeSc2I6ICGmfI+7l2+WmK0M+4uYQueD/L9MjzTqgQ6WQxN+9Q11
pUynNwc93trT2YExPn9zekZReg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:56 2023 by rpki-client on console-fra.rpki-client.org