Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/j3_Ir1G35ShzlQrWk_WahqMmpWM.roa
File: j3_Ir1G35ShzlQrWk_WahqMmpWM.roa (raw, json)
Hash identifier: LIN/i2kK15bEZAIGtVvrl6+wCDv/203koP2vmq6Ve40=
Subject key identifier: 8F:7F:C8:AF:51:B7:E5:28:73:95:0A:D6:93:F5:9A:86:A3:26:A5:63
Certificate issuer: /CN=762656c5e66b82c04654be1a25629b1fd6a59456
Certificate serial: 021F867B
Authority key identifier: 76:26:56:C5:E6:6B:82:C0:46:54:BE:1A:25:62:9B:1F:D6:A5:94:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/j3_Ir1G35ShzlQrWk_WahqMmpWM.roa
Signing time: Sat 01 Jan 2022 05:56:02 +0000
ROA not before: Sat 01 Jan 2022 05:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39520
IP address blocks: 89.255.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35620475 (0x21f867b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762656c5e66b82c04654be1a25629b1fd6a59456
Validity
Not Before: Jan 1 05:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f7fc8af51b7e52873950ad693f59a86a326a563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f1:f6:dc:c4:a9:21:f8:4d:12:d5:aa:7a:a5:
4d:a1:63:b0:5a:e6:2c:b1:d9:b0:37:20:b4:1b:52:
53:fe:49:80:92:ce:7b:b2:9d:3c:0a:0b:48:fb:d8:
a8:40:ef:0a:41:97:87:a9:8b:be:0a:b9:c0:79:2c:
60:97:df:c6:55:e4:f9:89:cb:69:29:d1:99:42:07:
57:13:d5:11:51:0f:b5:f1:7b:65:d3:36:e7:ea:68:
b6:96:6f:84:47:7b:40:b4:88:6e:a3:4f:cd:b1:5f:
9b:23:1d:58:7a:5f:f1:79:bf:92:1c:c6:44:1e:40:
01:fc:d8:be:ca:f3:91:11:45:3a:bf:21:c3:d2:76:
3c:10:e1:3d:f3:aa:86:54:9c:48:7e:40:88:72:97:
9b:37:bb:95:81:d1:8d:d3:a5:b2:fc:c4:1e:9c:66:
07:d3:d7:a3:e7:23:f9:04:b9:d4:39:4b:5e:e7:19:
e4:94:bd:69:8a:27:2b:d8:69:72:23:33:89:ad:e3:
5c:81:99:83:4a:96:fe:c8:37:97:36:6e:5a:08:0d:
1c:9c:2e:22:1d:47:fa:bd:95:e4:8a:a2:4b:33:f6:
97:41:dd:33:9f:79:95:f8:18:00:5c:12:c5:83:5a:
f4:8a:c8:72:54:ab:8b:c4:40:7d:4f:6f:ed:fd:a0:
b1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7F:C8:AF:51:B7:E5:28:73:95:0A:D6:93:F5:9A:86:A3:26:A5:63
X509v3 Authority Key Identifier:
keyid:76:26:56:C5:E6:6B:82:C0:46:54:BE:1A:25:62:9B:1F:D6:A5:94:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/j3_Ir1G35ShzlQrWk_WahqMmpWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/diZWxeZrgsBGVL4aJWKbH9allFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.255.208.0/22
Signature Algorithm: sha256WithRSAEncryption
94:09:88:ab:a9:d9:03:6f:7e:19:4e:96:fe:cc:eb:85:9b:9f:
1f:af:e0:c5:77:93:04:60:4e:7d:2e:11:92:ec:a6:9c:40:34:
a1:22:7c:94:1a:da:61:23:c4:95:37:52:69:fd:27:74:39:b2:
4a:54:9a:33:aa:74:6c:b2:40:14:83:6b:1f:19:45:b4:37:4d:
31:1a:75:f1:c5:41:53:b7:d5:86:c4:1a:74:b8:cc:e7:e9:6f:
d1:24:1f:54:95:8c:82:ae:6b:c3:5c:b5:76:84:b9:cc:4a:76:
d7:4b:bb:57:49:1b:d2:d9:ea:c8:9c:42:14:a5:a0:4f:c0:22:
d6:be:b8:c9:2f:a4:f2:95:91:98:15:56:db:60:d2:27:e7:a3:
92:36:43:85:c9:23:71:04:56:72:e4:7e:40:21:7f:d3:13:96:
7a:7a:d2:5a:19:0f:ef:ee:a9:99:2d:90:32:5c:d9:49:aa:53:
a4:97:67:90:8b:44:a4:83:84:fa:75:5a:ef:a7:a0:53:15:71:
ab:3b:d7:51:29:00:12:29:bd:23:7f:43:21:4e:c8:92:e2:84:
d3:d2:a8:ed:8f:a5:b2:60:e8:3a:6e:21:1f:d6:26:24:3e:57:
f2:32:2e:f3:95:72:25:02:47:09:e7:4c:b3:69:cf:c3:1b:2a:
da:a9:cf:b2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAh+GezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NjI2NTZjNWU2NmI4MmMwNDY1NGJlMWEyNTYyOWIxZmQ2YTU5NDU2MB4XDTIyMDEw
MTA1NTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY3ZmM4YWY1MWI3
ZTUyODczOTUwYWQ2OTNmNTlhODZhMzI2YTU2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbx9tzEqSH4TRLVqnqlTaFjsFrmLLHZsDcgtBtSU/5JgJLO
e7KdPAoLSPvYqEDvCkGXh6mLvgq5wHksYJffxlXk+YnLaSnRmUIHVxPVEVEPtfF7
ZdM25+potpZvhEd7QLSIbqNPzbFfmyMdWHpf8Xm/khzGRB5AAfzYvsrzkRFFOr8h
w9J2PBDhPfOqhlScSH5AiHKXmze7lYHRjdOlsvzEHpxmB9PXo+cj+QS51DlLXucZ
5JS9aYonK9hpciMzia3jXIGZg0qW/sg3lzZuWggNHJwuIh1H+r2V5IqiSzP2l0Hd
M595lfgYAFwSxYNa9IrIclSri8RAfU9v7f2gsR0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSPf8ivUbflKHOVCtaT9ZqGoyalYzAfBgNVHSMEGDAWgBR2JlbF5muCwEZU
vholYpsf1qWUVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RpWld4ZVpyZ3NCR1ZMNGFKV0tiSDlhbGxGWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvMTk4YzZiLWQ3MTUtNDdiNi04NmMwLTRkMjJjNmI1YjFmZS8x
L2ozX0lyMUczNVNoemxRcldrX1dhaHFNbXBXTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
MTk4YzZiLWQ3MTUtNDdiNi04NmMwLTRkMjJjNmI1YjFmZS8xL2RpWld4ZVpyZ3NC
R1ZMNGFKV0tiSDlhbGxGWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAln/0DANBgkqhkiG9w0BAQsFAAOC
AQEAlAmIq6nZA29+GU6W/szrhZufH6/gxXeTBGBOfS4RkuymnEA0oSJ8lBraYSPE
lTdSaf0ndDmySlSaM6p0bLJAFINrHxlFtDdNMRp18cVBU7fVhsQadLjM5+lv0SQf
VJWMgq5rw1y1doS5zEp210u7V0kb0tnqyJxCFKWgT8Ai1r64yS+k8pWRmBVW22DS
J+ejkjZDhckjcQRWcuR+QCF/0xOWenrSWhkP7+6pmS2QMlzZSapTpJdnkItEpIOE
+nVa76egUxVxqzvXUSkAEim9I39DIU7IkuKE09Ko7Y+lsmDoOm4hH9YmJD5X8jIu
85VyJQJHCedMs2nPwxsq2qnPsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:46 2024 by rpki-client on console-fra.rpki-client.org