Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/1xQNKIUP46EtaAQsWibAcxjfkt8.roa
File: 1xQNKIUP46EtaAQsWibAcxjfkt8.roa (raw, json)
Hash identifier: KJiMLuDM1zJ+eJs+B0RAFRF/Wrk2EMnUaUVxXZjGNts=
Subject key identifier: D7:14:0D:28:85:0F:E3:A1:2D:68:04:2C:5A:26:C0:73:18:DF:92:DF
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 03FBFDB4
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/1xQNKIUP46EtaAQsWibAcxjfkt8.roa
Signing time: Sat 01 Jan 2022 01:52:26 +0000
ROA not before: Sat 01 Jan 2022 01:52:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41313
IP address blocks: 89.25.20.0/22 maxlen: 22
89.25.21.0/24 maxlen: 24
89.25.22.0/24 maxlen: 24
89.25.23.0/24 maxlen: 24
89.25.20.0/24 maxlen: 24
94.155.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66846132 (0x3fbfdb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 01:52:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d7140d28850fe3a12d68042c5a26c07318df92df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:85:cb:ee:d8:65:d5:42:95:4d:be:67:b9:31:
15:4b:e8:57:41:e2:d5:5f:7e:85:a0:b3:da:3a:bd:
b9:40:86:be:b1:4e:5d:b8:c4:0f:ee:5f:fe:32:03:
85:78:bb:de:d7:8a:a5:97:99:1d:ae:d6:1e:45:ee:
18:5b:db:ad:37:16:a8:b4:c9:1e:77:d6:e2:52:90:
e2:1b:c4:6a:bf:ed:c1:be:bf:56:2d:33:07:c8:92:
a7:d0:20:75:cf:90:f3:a3:c9:69:96:6d:c2:af:81:
ff:9a:af:08:09:fb:bd:79:bb:eb:f2:02:97:be:e2:
a4:90:54:64:aa:e7:04:70:af:14:a6:fd:60:39:a4:
b2:16:9c:fd:1f:6b:ed:06:84:f3:70:da:27:47:e3:
4f:b2:dc:b6:29:77:a1:a9:99:3d:1b:be:6b:92:88:
e5:01:0d:ba:25:f1:97:58:d8:49:74:f2:e7:fc:cf:
46:13:1b:7e:f5:02:2f:1e:25:a6:ea:79:95:5a:20:
b9:7e:bf:47:f7:eb:46:c5:61:2f:eb:80:7e:70:1b:
04:e4:9a:6e:c2:1d:4a:2c:4c:73:c3:d6:a1:60:64:
0a:62:b1:99:9c:85:21:2c:31:e4:7c:1b:04:a0:78:
52:6d:e8:96:2e:0d:c1:12:97:40:6b:e9:99:09:04:
a1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:14:0D:28:85:0F:E3:A1:2D:68:04:2C:5A:26:C0:73:18:DF:92:DF
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/1xQNKIUP46EtaAQsWibAcxjfkt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.25.20.0/22
94.155.175.0/24
Signature Algorithm: sha256WithRSAEncryption
21:0a:b5:11:79:08:e7:79:09:2d:00:6c:42:dc:e0:a3:3b:f0:
f4:b1:4c:9b:56:88:e9:17:ed:45:3a:e5:a3:ed:8e:13:7e:0b:
72:53:06:ce:ef:c1:08:ab:a8:ce:85:bb:3c:2a:28:29:1c:18:
26:b9:5b:d8:02:2e:d0:b3:4c:75:8d:e5:8c:be:55:30:ed:ce:
5a:4a:3d:0d:07:be:0e:ca:93:d4:75:da:1f:65:04:88:b5:76:
9c:4f:80:76:0d:df:c5:89:f2:e7:47:4e:0a:7f:c1:45:1e:34:
1e:26:88:78:89:d1:71:ed:e7:21:ea:e1:1e:45:40:d5:f5:5a:
5a:26:97:3c:5f:f9:23:1e:58:eb:b4:65:da:12:7a:d8:03:02:
35:52:51:69:b9:a1:5a:f2:ea:d6:e1:e5:9e:e7:62:7f:d0:7e:
5b:f0:a1:c5:c9:d5:ef:36:8f:5a:78:49:b5:a8:52:22:82:c4:
69:a1:ba:80:89:97:32:8f:bd:3b:20:00:03:38:fe:ff:ed:20:
2d:ae:60:3f:7e:e2:f8:25:e4:7f:bc:09:64:3e:3d:9e:ee:40:
87:90:a9:72:dc:03:f6:31:94:9c:61:39:94:b5:a0:ab:21:45:
e0:26:b8:0c:e3:42:8f:2b:a6:23:e9:79:66:3e:80:ca:b4:a5:
33:ec:bf:7d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA/v9tDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDdkNzU3M2FhY2FlODIxYzg3ZDZkMzY0MzFjZmU0YjI4MDFhYjQxMB4XDTIyMDEw
MTAxNTIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDcxNDBkMjg4NTBm
ZTNhMTJkNjgwNDJjNWEyNmMwNzMxOGRmOTJkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaFy+7YZdVClU2+Z7kxFUvoV0Hi1V9+haCz2jq9uUCGvrFO
XbjED+5f/jIDhXi73teKpZeZHa7WHkXuGFvbrTcWqLTJHnfW4lKQ4hvEar/twb6/
Vi0zB8iSp9Agdc+Q86PJaZZtwq+B/5qvCAn7vXm76/ICl77ipJBUZKrnBHCvFKb9
YDmkshac/R9r7QaE83DaJ0fjT7Lctil3oamZPRu+a5KI5QENuiXxl1jYSXTy5/zP
RhMbfvUCLx4lpup5lVoguX6/R/frRsVhL+uAfnAbBOSabsIdSixMc8PWoWBkCmKx
mZyFISwx5HwbBKB4Um3oli4NwRKXQGvpmQkEoecCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTXFA0ohQ/joS1oBCxaJsBzGN+S3zAfBgNVHSMEGDAWgBTQfXVzqsroIch9
bTZDHP5LKAGrQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBIMTFjNnJLNkNISWZXMDJReHotU3lnQnEwRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvNTcyNWNjLWFkNzAtNDZmOC1iYjYyLWNmOWRjNWJhYWE3OS8x
LzF4UU5LSVVQNDZFdGFBUXNXaWJBY3hqZmt0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
NTcyNWNjLWFkNzAtNDZmOC1iYjYyLWNmOWRjNWJhYWE3OS8xLzBIMTFjNnJLNkNI
SWZXMDJReHotU3lnQnEwRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlkZFAMEAF6brzANBgkqhkiG9w0B
AQsFAAOCAQEAIQq1EXkI53kJLQBsQtzgozvw9LFMm1aI6RftRTrlo+2OE34LclMG
zu/BCKuozoW7PCooKRwYJrlb2AIu0LNMdY3ljL5VMO3OWko9DQe+DsqT1HXaH2UE
iLV2nE+Adg3fxYny50dOCn/BRR40HiaIeInRce3nIerhHkVA1fVaWiaXPF/5Ix5Y
67Rl2hJ62AMCNVJRabmhWvLq1uHlnudif9B+W/ChxcnV7zaPWnhJtahSIoLEaaG6
gImXMo+9OyAAAzj+/+0gLa5gP37i+CXkf7wJZD49nu5Ah5CpctwD9jGUnGE5lLWg
qyFF4Ca4DONCjyumI+l5Zj6AyrSlM+y/fQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:08 2023 by rpki-client on console-ams.rpki-client.org