Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/XWZnOCvazs1XyCxTzqZBaoddSRY.roa
File: XWZnOCvazs1XyCxTzqZBaoddSRY.roa (raw, json)
Hash identifier: FJ3NRBQFh1haTCIt3M83Lb8siSPg986UTRtV1Eia6QQ=
Subject key identifier: 5D:66:67:38:2B:DA:CE:CD:57:C8:2C:53:CE:A6:41:6A:87:5D:49:16
Certificate issuer: /CN=0ecd99aa1701763a5a1ed9bbe37d2cc09329c9ba
Certificate serial: 016A4C04
Authority key identifier: 0E:CD:99:AA:17:01:76:3A:5A:1E:D9:BB:E3:7D:2C:C0:93:29:C9:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ds2ZqhcBdjpaHtm7430swJMpybo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/XWZnOCvazs1XyCxTzqZBaoddSRY.roa
Signing time: Sat 22 Jan 2022 10:36:11 +0000
ROA not before: Sat 22 Jan 2022 10:36:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 89.248.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23743492 (0x16a4c04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ecd99aa1701763a5a1ed9bbe37d2cc09329c9ba
Validity
Not Before: Jan 22 10:36:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d6667382bdacecd57c82c53cea6416a875d4916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:bc:08:23:17:5c:9a:2f:31:43:f8:99:d5:00:
c1:43:b6:c9:a9:57:27:fe:73:5a:c2:48:7f:58:a8:
b6:70:39:18:31:39:2d:55:9a:17:6c:f2:ba:54:4e:
85:15:83:b0:fa:1d:7d:07:4d:15:8b:aa:4c:71:77:
40:f2:eb:0d:36:ac:87:f6:65:f3:39:46:4f:42:14:
74:b1:25:9e:bb:c2:12:7f:bc:15:0e:d2:f3:e3:fd:
17:23:1b:dd:10:e8:48:49:a5:c5:2b:2e:fb:22:cc:
43:47:46:38:4d:0a:c7:1e:c5:36:22:0b:aa:38:a2:
44:76:cd:75:27:82:94:f4:60:83:20:f2:af:d8:12:
d1:8a:6c:ed:3e:e8:6a:da:3f:d0:f9:46:e2:59:12:
2c:dd:94:a8:44:9c:b1:69:15:ab:47:9b:4c:cc:f8:
7b:8f:b2:d3:95:d5:0d:6f:79:83:cc:40:02:61:92:
9f:1a:a0:2b:3d:ac:66:33:70:da:70:5f:2c:6d:d7:
34:24:56:09:3d:a3:e1:2d:bc:68:ff:db:3a:5d:5c:
6e:d6:f9:8c:b6:92:df:1f:5b:2a:0b:ec:e7:74:89:
c2:a4:1d:b9:db:a3:50:6b:8e:06:5c:ac:3d:97:41:
0a:d3:b5:60:4b:90:5a:92:a4:8a:ac:ec:cc:9a:9e:
45:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:66:67:38:2B:DA:CE:CD:57:C8:2C:53:CE:A6:41:6A:87:5D:49:16
X509v3 Authority Key Identifier:
keyid:0E:CD:99:AA:17:01:76:3A:5A:1E:D9:BB:E3:7D:2C:C0:93:29:C9:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ds2ZqhcBdjpaHtm7430swJMpybo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/XWZnOCvazs1XyCxTzqZBaoddSRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/Ds2ZqhcBdjpaHtm7430swJMpybo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.71.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:bb:31:77:2b:17:2c:43:51:d5:61:b2:ae:d6:39:6f:7d:78:
be:d9:e9:3f:05:44:6f:54:87:40:96:03:d2:70:2a:9b:7b:3c:
b1:cd:52:b0:65:10:33:08:f6:f1:b2:a7:ad:4e:9a:17:6f:5d:
d4:bf:fd:4c:85:12:ce:9d:46:1c:e4:89:a9:e8:62:af:8f:1c:
7e:ff:1a:60:b7:3d:6c:77:ea:65:00:b4:d4:ad:10:03:46:42:
f0:98:c7:f8:b0:fb:a1:f1:4d:da:4e:58:ab:78:9e:cf:65:d3:
89:17:bc:75:b3:fd:22:ee:91:ad:c6:34:51:4c:18:52:5d:10:
53:94:43:ea:8b:f4:f7:5d:5e:70:c4:ba:9f:ca:01:01:07:c2:
9a:08:a1:12:67:7e:7f:ce:ab:8b:59:d4:c2:47:26:5f:c7:2f:
18:2d:ff:82:f9:ae:d9:89:5e:92:da:67:72:5e:32:d9:42:34:
2c:6f:4b:34:a9:ab:72:fe:cf:fd:b3:83:eb:9a:44:20:8b:14:
7a:3f:16:c1:a8:d9:12:04:5f:20:6d:6c:a7:f5:9c:1e:93:50:
d8:9f:45:d6:f7:29:c4:2e:6d:ea:d9:b4:b3:b6:b8:06:98:39:
72:f4:da:97:e4:a6:38:c5:24:ba:83:dc:a8:b9:67:63:05:d3:
e0:55:60:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAWpMBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWNkOTlhYTE3MDE3NjNhNWExZWQ5YmJlMzdkMmNjMDkzMjljOWJhMB4XDTIyMDEy
MjEwMzYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ2NjY3MzgyYmRh
Y2VjZDU3YzgyYzUzY2VhNjQxNmE4NzVkNDkxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMi8CCMXXJovMUP4mdUAwUO2yalXJ/5zWsJIf1iotnA5GDE5
LVWaF2zyulROhRWDsPodfQdNFYuqTHF3QPLrDTash/Zl8zlGT0IUdLElnrvCEn+8
FQ7S8+P9FyMb3RDoSEmlxSsu+yLMQ0dGOE0Kxx7FNiILqjiiRHbNdSeClPRggyDy
r9gS0Yps7T7oato/0PlG4lkSLN2UqEScsWkVq0ebTMz4e4+y05XVDW95g8xAAmGS
nxqgKz2sZjNw2nBfLG3XNCRWCT2j4S28aP/bOl1cbtb5jLaS3x9bKgvs53SJwqQd
udujUGuOBlysPZdBCtO1YEuQWpKkiqzszJqeRe0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdZmc4K9rOzVfILFPOpkFqh11JFjAfBgNVHSMEGDAWgBQOzZmqFwF2Oloe
2bvjfSzAkynJujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RzMlpxaGNCZGpwYUh0bTc0MzBzd0pNcHliby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvZTFiZDJmLTYxOTctNDQ2NS1hMzY4LWE3ZGVhNTcyN2MyYy8x
L1hXWm5PQ3ZhenMxWHlDeFR6cVpCYW9kZFNSWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
ZTFiZDJmLTYxOTctNDQ2NS1hMzY4LWE3ZGVhNTcyN2MyYy8xL0RzMlpxaGNCZGpw
YUh0bTc0MzBzd0pNcHliby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFn4RzANBgkqhkiG9w0BAQsFAAOC
AQEAfrsxdysXLENR1WGyrtY5b314vtnpPwVEb1SHQJYD0nAqm3s8sc1SsGUQMwj2
8bKnrU6aF29d1L/9TIUSzp1GHOSJqehir48cfv8aYLc9bHfqZQC01K0QA0ZC8JjH
+LD7ofFN2k5Yq3iez2XTiRe8dbP9Iu6RrcY0UUwYUl0QU5RD6ov0911ecMS6n8oB
AQfCmgihEmd+f86ri1nUwkcmX8cvGC3/gvmu2Ylektpncl4y2UI0LG9LNKmrcv7P
/bOD65pEIIsUej8WwajZEgRfIG1sp/WcHpNQ2J9F1vcpxC5t6tm0s7a4Bpg5cvTa
l+SmOMUkuoPcqLlnYwXT4FVgEQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-ams.rpki-client.org