Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/t0orKs4QymSpYVvic4Stl-Od2-o.roa
File: t0orKs4QymSpYVvic4Stl-Od2-o.roa (raw, json)
Hash identifier: 6zsl4DZdBMHR6KtonpWkSTB+iw5Tm0BkY0Crx6zNzS4=
Subject key identifier: B7:4A:2B:2A:CE:10:CA:64:A9:61:5B:E2:73:84:AD:97:E3:9D:DB:EA
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0182A17A2E0B57D60D0D1A8F34713D9A1E4F
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/t0orKs4QymSpYVvic4Stl-Od2-o.roa
Signing time: Mon 15 Aug 2022 12:28:35 +0000
ROA not before: Mon 15 Aug 2022 12:28:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.19.56.0/22 maxlen: 24
185.175.224.0/23 maxlen: 24
185.68.244.0/23 maxlen: 24
213.170.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:7a:2e:0b:57:d6:0d:0d:1a:8f:34:71:3d:9a:1e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Aug 15 12:28:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b74a2b2ace10ca64a9615be27384ad97e39ddbea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:71:e2:d8:a2:c7:ac:3c:24:3c:cb:b6:eb:d9:
6a:8d:5e:5e:92:61:97:d4:c2:18:de:c3:9f:a6:28:
fe:a2:f8:c2:7f:96:c7:28:37:75:55:2c:9c:a6:9a:
97:62:88:bd:1f:7e:db:f9:bb:fc:fa:d3:3e:1f:ed:
50:8a:fd:e6:f9:19:fc:aa:32:56:3c:c9:a2:c6:92:
f7:00:78:5f:09:13:8b:42:c5:c2:cd:48:dd:b8:a7:
57:07:a9:be:7e:26:a2:97:18:e2:13:a9:6d:74:d9:
6d:4d:f2:3d:62:dc:d5:56:37:8e:80:09:2d:41:3d:
13:ec:0c:d7:03:2d:8a:b2:8e:e6:1f:cc:a1:36:d7:
83:59:41:fe:b5:dd:6a:64:68:7f:d1:1d:9f:93:d5:
f3:f5:ff:c8:fd:6b:69:b7:44:a3:d0:44:c4:0a:b7:
39:7e:a1:86:27:56:35:b6:48:dc:74:d9:76:cb:b6:
b7:3d:28:6f:8c:72:ad:66:88:7c:1c:24:be:54:0f:
7b:92:58:ae:e6:f0:0f:c5:04:0c:4d:f5:2e:1a:2a:
4d:25:db:3a:3f:c6:9f:08:11:e3:23:f7:9f:f8:88:
6d:0c:c1:3e:a9:53:17:49:a8:a5:6c:58:53:d9:1d:
ec:d0:95:00:01:3b:7a:ba:d0:8c:44:df:3a:3b:eb:
23:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:4A:2B:2A:CE:10:CA:64:A9:61:5B:E2:73:84:AD:97:E3:9D:DB:EA
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/t0orKs4QymSpYVvic4Stl-Od2-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.56.0/22
185.68.244.0/23
185.175.224.0/23
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:96:bd:55:a9:4b:a4:09:4c:e3:b9:43:25:67:b5:13:81:a3:
ee:a5:3a:2a:d0:94:8b:bb:02:7c:c9:10:64:5f:96:fa:a1:9d:
f6:48:50:c9:80:f5:ff:7f:3e:45:42:7e:bc:03:d7:81:15:d9:
e4:75:f2:93:60:79:90:e6:b3:00:5e:5f:fa:bd:f6:5b:35:cc:
d3:86:cf:ec:ae:cc:e2:6c:8a:0d:b9:81:06:18:ab:53:3e:53:
57:33:05:25:7b:9e:dc:a7:6e:02:db:a0:f3:57:13:89:59:b6:
84:9b:5a:76:a3:c5:59:db:2e:8a:9f:4a:b9:5d:64:f6:92:a5:
83:a3:87:0f:75:65:77:5c:5e:30:d5:65:bc:70:8b:e0:25:4a:
f1:a5:a1:27:b8:c3:cf:f3:f4:6a:62:26:b7:aa:97:be:65:88:
3f:07:5f:72:cb:ed:36:b8:5c:06:b0:a0:1d:7c:89:fc:71:07:
b3:42:14:ee:5b:e4:1b:79:74:a9:a7:c2:2e:c5:e0:17:46:4b:
27:5b:08:83:41:25:15:54:d9:70:aa:7b:0b:b7:2d:d0:19:fb:
bf:bf:3b:51:2d:02:c4:dd:e7:df:f4:b8:28:40:01:f9:36:9b:
5c:e7:ff:15:d3:22:df:68:0b:cf:c1:40:8c:bf:52:49:96:18:
7c:48:a9:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYKhei4LV9YNDRqPNHE9mh5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIwODE1MTIyODM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzRhMmIyYWNlMTBjYTY0YTk2MTViZTI3Mzg0YWQ5N2UzOWRkYmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXHi2KLHrDwkPMu269lqjV5ekmGX
1MIY3sOfpij+ovjCf5bHKDd1VSycppqXYoi9H37b+bv8+tM+H+1Qiv3m+Rn8qjJW
PMmixpL3AHhfCROLQsXCzUjduKdXB6m+fiailxjiE6ltdNltTfI9YtzVVjeOgAkt
QT0T7AzXAy2Kso7mH8yhNteDWUH+td1qZGh/0R2fk9Xz9f/I/Wtpt0Sj0ETECrc5
fqGGJ1Y1tkjcdNl2y7a3PShvjHKtZoh8HCS+VA97kliu5vAPxQQMTfUuGipNJds6
P8afCBHjI/ef+IhtDME+qVMXSailbFhT2R3s0JUAATt6utCMRN86O+sjYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLdKKyrOEMpkqWFb4nOErZfjndvqMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdDBvcktzNFF5bVNwWVZ2aWM0U3RsLU9kMi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCWRM4AwQB
uUT0AwQBua/gAwQA1arfMA0GCSqGSIb3DQEBCwUAA4IBAQCPlr1VqUukCUzjuUMl
Z7UTgaPupToq0JSLuwJ8yRBkX5b6oZ32SFDJgPX/fz5FQn68A9eBFdnkdfKTYHmQ
5rMAXl/6vfZbNczThs/srszibIoNuYEGGKtTPlNXMwUle57cp24C26DzVxOJWbaE
m1p2o8VZ2y6Kn0q5XWT2kqWDo4cPdWV3XF4w1WW8cIvgJUrxpaEnuMPP8/RqYia3
qpe+ZYg/B19yy+02uFwGsKAdfIn8cQezQhTuW+QbeXSpp8IuxeAXRksnWwiDQSUV
VNlwqnsLty3QGfu/vztRLQLE3eff9LgoQAH5Nptc5/8V0yLfaAvPwUCMv1JJlhh8
SKkJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:18 2023 by rpki-client on console-fra.rpki-client.org