Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/xvookFiY_bjG8vpkUjRynIUgQbE.roa
File: xvookFiY_bjG8vpkUjRynIUgQbE.roa (raw, json)
Hash identifier: Yo0NXIyuFr0y74NPcR8LBCXti5KJDmspRY/sIPrJTpk=
Subject key identifier: C6:FA:28:90:58:98:FD:B8:C6:F2:FA:64:52:34:72:9C:85:20:41:B1
Certificate issuer: /CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Certificate serial: 046A9232
Authority key identifier: 69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/xvookFiY_bjG8vpkUjRynIUgQbE.roa
Signing time: Mon 28 Feb 2022 15:28:02 +0000
ROA not before: Mon 28 Feb 2022 15:28:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41535
IP address blocks: 89.253.192.0/21 maxlen: 21
89.253.200.0/21 maxlen: 21
89.253.203.0/24 maxlen: 24
193.32.198.0/23 maxlen: 23
89.253.208.0/21 maxlen: 21
89.253.216.0/21 maxlen: 21
89.253.224.0/21 maxlen: 21
89.253.232.0/21 maxlen: 21
89.253.240.0/21 maxlen: 21
89.253.248.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74093106 (0x46a9232)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Validity
Not Before: Feb 28 15:28:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6fa28905898fdb8c6f2fa645234729c852041b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9d:a1:5d:8c:52:82:34:82:75:82:94:7d:ad:
79:09:b8:f5:12:ab:c3:3f:24:a7:6c:7b:84:46:2f:
42:5f:e0:b1:35:cd:30:1b:f2:0a:fb:fa:9d:8b:53:
2f:ae:92:9f:4f:7d:ad:aa:70:41:a5:d5:dd:d0:44:
30:98:d5:7d:62:9d:de:42:f6:51:de:96:07:0f:96:
b1:38:20:a9:06:f7:3e:09:7d:ef:cc:35:0e:d1:84:
f9:1b:12:7f:d5:6f:ba:a4:64:2c:cb:02:c8:35:04:
29:91:d1:0a:70:fb:c1:37:be:e6:e0:d0:ac:73:bd:
ba:8e:26:16:f6:b9:1e:0a:a4:b4:85:7f:72:14:5a:
17:fe:32:80:e9:ed:f6:89:82:86:ee:e7:4e:55:dc:
a4:8e:87:68:de:e9:91:b9:b0:8e:aa:81:6f:19:ae:
48:15:bc:ba:5c:25:d7:15:c6:a5:78:01:db:f6:79:
da:db:a2:d0:62:9a:b4:de:2c:0c:7a:60:cd:56:66:
b2:79:d3:85:c2:8d:98:1b:87:77:3e:34:a1:96:8d:
50:ad:07:1c:f5:14:bf:d4:e5:f4:66:6d:63:98:df:
c6:b6:93:89:3e:e8:5a:ae:c9:49:67:2c:5a:8f:4c:
e9:a0:3c:2e:60:d8:b4:5c:e0:08:93:ce:39:3a:ff:
a5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FA:28:90:58:98:FD:B8:C6:F2:FA:64:52:34:72:9C:85:20:41:B1
X509v3 Authority Key Identifier:
keyid:69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/xvookFiY_bjG8vpkUjRynIUgQbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.253.192.0/18
193.32.198.0/23
Signature Algorithm: sha256WithRSAEncryption
33:00:d8:6a:19:80:a6:99:97:f7:16:42:bf:1f:f7:53:92:fb:
97:b0:10:3f:66:10:43:70:15:97:30:a5:02:bf:ed:6d:d3:d6:
bc:43:b4:dd:81:f9:52:22:aa:7d:cc:5b:c7:86:ce:cc:dd:b9:
34:bd:7b:ed:f2:19:90:86:41:c6:c4:08:b1:10:ab:ab:f1:d0:
dd:66:03:4b:82:cc:77:48:4f:83:c7:b9:0f:07:f6:30:b5:22:
59:46:93:bb:74:dd:98:df:ec:d5:02:b9:4f:0a:73:56:50:13:
d9:37:48:cb:5d:35:e2:88:9d:d7:11:f2:dd:a6:db:84:93:16:
c3:64:ac:3d:3b:29:ce:f5:81:c0:9c:81:9d:fb:98:ff:39:03:
ba:d7:a4:d2:07:95:2e:3a:14:b6:a2:7c:01:bb:27:1a:2e:79:
28:6d:f1:04:42:4a:40:17:19:4f:31:c2:b0:ba:cc:99:c5:d8:
9e:1b:02:1d:15:9c:de:a7:42:a2:d0:d3:c5:77:f2:aa:2f:8c:
84:9e:f2:9d:9a:b0:e0:d1:b0:cd:a2:9a:e8:3b:1f:c3:39:e4:
79:5a:cc:4c:30:81:30:49:26:53:d9:3c:dd:11:0c:df:92:d0:
8d:14:b5:61:51:00:58:97:31:3f:4b:9f:2e:93:7a:59:58:3a:
f4:9d:e6:ff
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBGqSMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OWE0ZDY5MTZiOTMxNTlhYTgwOTg0YTliMzc3NDY4M2JiNTUwZWJkMB4XDTIyMDIy
ODE1MjgwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZmYTI4OTA1ODk4
ZmRiOGM2ZjJmYTY0NTIzNDcyOWM4NTIwNDFiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAImdoV2MUoI0gnWClH2teQm49RKrwz8kp2x7hEYvQl/gsTXN
MBvyCvv6nYtTL66Sn099rapwQaXV3dBEMJjVfWKd3kL2Ud6WBw+WsTggqQb3Pgl9
78w1DtGE+RsSf9VvuqRkLMsCyDUEKZHRCnD7wTe+5uDQrHO9uo4mFva5HgqktIV/
chRaF/4ygOnt9omChu7nTlXcpI6HaN7pkbmwjqqBbxmuSBW8ulwl1xXGpXgB2/Z5
2tui0GKatN4sDHpgzVZmsnnThcKNmBuHdz40oZaNUK0HHPUUv9Tl9GZtY5jfxraT
iT7oWq7JSWcsWo9M6aA8LmDYtFzgCJPOOTr/pT0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTG+iiQWJj9uMby+mRSNHKchSBBsTAfBgNVHSMEGDAWgBRppNaRa5MVmqgJ
hKmzd0aDu1UOvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FhVFdrV3VURlpxb0NZU3BzM2RHZzd0VkRyMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYzAzMWU1LWZjNjctNDFmNS04ZWJlLTMxOTcxMTAwOTdjOS8x
L3h2b29rRmlZX2JqRzh2cGtValJ5bklVZ1FiRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YzAzMWU1LWZjNjctNDFmNS04ZWJlLTMxOTcxMTAwOTdjOS8xL2FhVFdrV3VURlpx
b0NZU3BzM2RHZzd0VkRyMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBln9wAMEAcEgxjANBgkqhkiG9w0B
AQsFAAOCAQEAMwDYahmAppmX9xZCvx/3U5L7l7AQP2YQQ3AVlzClAr/tbdPWvEO0
3YH5UiKqfcxbx4bOzN25NL177fIZkIZBxsQIsRCrq/HQ3WYDS4LMd0hPg8e5Dwf2
MLUiWUaTu3TdmN/s1QK5TwpzVlAT2TdIy1014oid1xHy3abbhJMWw2SsPTspzvWB
wJyBnfuY/zkDutek0geVLjoUtqJ8AbsnGi55KG3xBEJKQBcZTzHCsLrMmcXYnhsC
HRWc3qdCotDTxXfyqi+MhJ7ynZqw4NGwzaKa6DsfwznkeVrMTDCBMEkmU9k83REM
35LQjRS1YVEAWJcxP0ufLpN6WVg69J3m/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:05 2024 by rpki-client on console-fra.rpki-client.org