Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/IbAcM-h3V87ESzoHY3QFD00Wjbs.roa
File: IbAcM-h3V87ESzoHY3QFD00Wjbs.roa (raw, json)
Hash identifier: YF/3e+kL14yfPUQt0/Q3QDs2vnJrWuVj+I+0QRLaF6M=
Subject key identifier: 21:B0:1C:33:E8:77:57:CE:C4:4B:3A:07:63:74:05:0F:4D:16:8D:BB
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD52F0A1E0282B3572E481789985F9F
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/IbAcM-h3V87ESzoHY3QFD00Wjbs.roa
Signing time: Mon 02 Jan 2023 00:15:20 +0000
ROA not before: Mon 02 Jan 2023 00:15:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51626
IP address blocks: 89.40.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:2f:0a:1e:02:82:b3:57:2e:48:17:89:98:5f:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21b01c33e87757cec44b3a076374050f4d168dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:84:40:37:08:20:ab:50:ac:b0:cc:1c:db:bd:
01:b3:18:fe:50:ef:d9:06:b0:1f:2a:67:39:b9:e9:
a0:c9:2e:f5:a7:12:d0:6f:58:f2:20:77:f9:ec:d5:
fb:5c:18:b9:3a:fd:4f:32:f3:95:f4:d7:c3:4a:fd:
6f:fa:68:80:06:25:2f:fa:d5:3a:00:57:95:8d:e7:
e9:b5:68:9b:3d:17:c2:0d:dd:35:bc:77:c8:4d:32:
6d:3c:09:af:88:de:eb:0a:c7:1c:62:54:e2:e9:dc:
7d:40:0a:e6:9a:20:82:84:1f:37:4a:86:52:87:02:
36:44:2a:93:9f:ee:b7:7b:bc:a5:2e:50:37:a4:2d:
98:b1:3a:1e:27:d5:95:67:77:61:e7:7a:8a:8c:6d:
0d:38:59:fe:c6:ba:62:d2:b8:b8:da:de:a9:d5:bd:
64:e2:c2:9b:e3:e8:a2:e1:a5:3f:33:34:f7:a0:2f:
ce:a5:73:9f:e7:24:fe:79:b5:3b:5f:b4:5b:be:7e:
ba:cb:54:f2:5f:d6:2e:18:7a:a9:bd:f3:d5:f1:97:
25:a6:15:12:3d:9e:f9:3c:4a:30:38:77:ac:2b:d4:
3c:59:2e:c1:eb:82:49:ea:ab:ab:87:f7:43:0d:1c:
b3:f7:1e:b6:d0:fe:fc:93:8a:a3:0a:5f:70:b1:52:
21:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B0:1C:33:E8:77:57:CE:C4:4B:3A:07:63:74:05:0F:4D:16:8D:BB
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/IbAcM-h3V87ESzoHY3QFD00Wjbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.100.0/22
Signature Algorithm: sha256WithRSAEncryption
dc:04:db:f8:3a:3a:ae:0d:34:58:3c:84:6d:90:51:fb:77:63:
34:81:56:fd:09:b2:72:76:aa:5e:de:3b:2d:00:8d:b3:5d:1a:
07:ec:f9:87:65:49:bf:43:26:89:f1:1d:9f:ca:e4:24:de:12:
11:2a:34:53:13:a6:4d:4e:87:87:0c:fd:84:83:55:7b:59:4b:
60:b9:fa:a1:f1:3f:73:15:ac:41:5f:7a:8b:7d:82:b1:1f:6d:
0f:ed:49:bb:15:97:b7:c4:8d:47:4c:8e:74:2a:ec:0b:a7:e4:
53:92:ae:37:7c:30:20:61:b9:95:6d:eb:db:d2:63:ad:2c:ea:
53:69:9c:68:8f:b0:ab:89:e4:e6:77:40:c0:39:a6:38:2f:c6:
92:51:f7:91:ae:13:a3:cf:0b:59:fe:a1:7d:58:2e:9f:fd:f4:
30:cd:ed:67:5c:56:af:af:61:fb:d5:8f:af:68:48:f9:d4:df:
9c:6e:9a:7e:09:c3:12:6b:9c:d0:2a:dd:06:63:04:ab:8b:aa:
59:72:bc:1d:37:48:00:7f:24:f3:63:9e:97:a8:f1:f4:5f:e2:
bf:5c:65:ca:2b:30:62:ea:2c:84:01:66:ae:21:60:06:a4:d6:
c6:85:99:07:f8:a9:b4:36:a8:37:f3:f4:0f:f9:1e:ba:53:c6:
c2:5c:9a:15
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1S8KHgKCs1cuSBeJmF+fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWIwMWMzM2U4Nzc1N2NlYzQ0YjNhMDc2Mzc0MDUwZjRkMTY4ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IRANwggq1CssMwc270Bsxj+UO/Z
BrAfKmc5uemgyS71pxLQb1jyIHf57NX7XBi5Ov1PMvOV9NfDSv1v+miABiUv+tU6
AFeVjefptWibPRfCDd01vHfITTJtPAmviN7rCsccYlTi6dx9QArmmiCChB83SoZS
hwI2RCqTn+63e7ylLlA3pC2YsToeJ9WVZ3dh53qKjG0NOFn+xrpi0ri42t6p1b1k
4sKb4+ii4aU/MzT3oC/OpXOf5yT+ebU7X7Rbvn66y1TyX9YuGHqpvfPV8ZclphUS
PZ75PEowOHesK9Q8WS7B64JJ6qurh/dDDRyz9x620P78k4qjCl9wsVIh4QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFCGwHDPod1fOxEs6B2N0BQ9NFo27MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0liQWNNLWgzVjg3RVN6b0hZM1FGRDAwV2picy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJZKGQw
DQYJKoZIhvcNAQELBQADggEBANwE2/g6Oq4NNFg8hG2QUft3YzSBVv0JsnJ2ql7e
Oy0AjbNdGgfs+YdlSb9DJonxHZ/K5CTeEhEqNFMTpk1Oh4cM/YSDVXtZS2C5+qHx
P3MVrEFfeot9grEfbQ/tSbsVl7fEjUdMjnQq7Aun5FOSrjd8MCBhuZVt69vSY60s
6lNpnGiPsKuJ5OZ3QMA5pjgvxpJR95GuE6PPC1n+oX1YLp/99DDN7WdcVq+vYfvV
j69oSPnU35xumn4JwxJrnNAq3QZjBKuLqllyvB03SAB/JPNjnpeo8fRf4r9cZcor
MGLqLIQBZq4hYAak1saFmQf4qbQ2qDfz9A/5HrpTxsJcmhU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:17 2025 by rpki-client