Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/bMP9Q-akpNI6OO9uycGEDknyOOk.roa
File: bMP9Q-akpNI6OO9uycGEDknyOOk.roa (raw, json)
Hash identifier: m2TxJg1YbLQxg+JZjJ2qi6qST/aUeI/xirMaT+5X9zU=
Subject key identifier: 6C:C3:FD:43:E6:A4:A4:D2:3A:38:EF:6E:C9:C1:84:0E:49:F2:38:E9
Certificate issuer: /CN=0ecd99aa1701763a5a1ed9bbe37d2cc09329c9ba
Certificate serial: 0139084B
Authority key identifier: 0E:CD:99:AA:17:01:76:3A:5A:1E:D9:BB:E3:7D:2C:C0:93:29:C9:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ds2ZqhcBdjpaHtm7430swJMpybo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/bMP9Q-akpNI6OO9uycGEDknyOOk.roa
Signing time: Sat 01 Jan 2022 03:51:53 +0000
ROA not before: Sat 01 Jan 2022 03:51:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 89.248.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20514891 (0x139084b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ecd99aa1701763a5a1ed9bbe37d2cc09329c9ba
Validity
Not Before: Jan 1 03:51:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6cc3fd43e6a4a4d23a38ef6ec9c1840e49f238e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:00:8c:4f:b4:05:b5:54:2a:4b:6d:33:43:27:
45:18:1b:83:5e:9c:6e:72:a8:4b:d4:95:52:55:ca:
6d:85:4e:d4:3c:8d:46:3e:f9:48:67:fe:6b:13:1f:
84:ce:85:c6:34:b9:3f:c8:c3:09:bc:73:8e:30:e3:
f5:16:d2:73:5f:f5:b0:c0:6f:50:98:ad:09:1b:aa:
a5:9d:2c:a0:a4:56:0c:df:b3:ab:bc:36:2b:99:24:
9a:09:ec:39:a5:13:a5:5f:f3:fd:de:66:6c:bd:7a:
ad:b7:da:9f:cb:7d:c9:b4:c6:42:98:d7:c3:9e:23:
15:91:70:3e:54:b0:39:e3:78:d1:73:15:02:c5:44:
5d:bf:c1:ec:a0:02:cc:26:e6:e1:10:97:75:0f:3f:
c7:93:01:6c:23:e3:43:37:e6:6c:7d:0f:e3:01:ea:
ec:0c:eb:20:14:9e:b4:db:da:19:ba:12:1c:bc:42:
55:40:16:d6:d9:33:94:58:54:de:b2:2b:a6:eb:8c:
73:29:d5:fe:f7:42:9c:a4:5c:31:6f:ea:43:b2:bc:
cb:a0:25:5f:74:bc:be:38:2c:23:fd:e8:85:c3:36:
21:39:c6:55:ea:39:5c:54:0c:e4:d1:81:f8:a3:af:
dc:e3:16:fb:5c:4d:e6:85:41:d6:fe:1a:1b:1f:f4:
a9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C3:FD:43:E6:A4:A4:D2:3A:38:EF:6E:C9:C1:84:0E:49:F2:38:E9
X509v3 Authority Key Identifier:
keyid:0E:CD:99:AA:17:01:76:3A:5A:1E:D9:BB:E3:7D:2C:C0:93:29:C9:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ds2ZqhcBdjpaHtm7430swJMpybo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/bMP9Q-akpNI6OO9uycGEDknyOOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/Ds2ZqhcBdjpaHtm7430swJMpybo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.71.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:cd:10:b6:6a:19:0d:ed:f8:ee:8b:c2:d7:fe:53:f1:81:75:
6e:c0:1f:85:c4:ea:79:c7:aa:14:26:5f:6f:4e:97:25:f3:2c:
99:94:cf:70:59:9b:c6:ad:c6:0d:ce:1f:b7:93:23:18:93:97:
9f:ba:aa:bb:6a:66:19:2b:e4:8d:e3:e4:bb:43:fe:da:2e:65:
bf:3c:73:d5:be:0c:f0:af:d3:e9:ff:3e:c9:6f:72:5a:9a:2b:
17:2d:e9:70:6a:8c:4d:bb:68:f2:9e:e0:35:df:27:b5:40:82:
19:2a:bb:cc:b4:cd:ee:c7:59:1b:32:49:2e:93:54:61:66:71:
bc:9b:c0:46:1a:b1:b8:f6:7b:2e:f1:25:bc:1b:b5:50:91:1d:
8f:fd:9a:f0:f3:e9:79:b4:3e:8b:e4:96:93:8b:14:4a:7b:c1:
5f:0c:a0:c5:32:9e:fd:cd:43:a2:7d:61:de:3e:17:11:85:1e:
75:c6:aa:fd:ef:4d:4c:1a:05:3b:bd:86:24:1c:69:56:4c:ca:
4e:eb:5f:08:26:00:c1:48:94:56:37:3a:b3:da:06:9f:fb:68:
53:8b:fa:c0:3b:c0:d6:32:76:1e:0b:82:1d:6f:4e:c0:9a:4d:
8c:39:59:19:92:85:d6:07:7e:a2:c4:22:04:f6:72:22:fe:23:
1c:69:79:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATkISzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWNkOTlhYTE3MDE3NjNhNWExZWQ5YmJlMzdkMmNjMDkzMjljOWJhMB4XDTIyMDEw
MTAzNTE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmNjM2ZkNDNlNmE0
YTRkMjNhMzhlZjZlYzljMTg0MGU0OWYyMzhlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0AjE+0BbVUKkttM0MnRRgbg16cbnKoS9SVUlXKbYVO1DyN
Rj75SGf+axMfhM6FxjS5P8jDCbxzjjDj9RbSc1/1sMBvUJitCRuqpZ0soKRWDN+z
q7w2K5kkmgnsOaUTpV/z/d5mbL16rbfan8t9ybTGQpjXw54jFZFwPlSwOeN40XMV
AsVEXb/B7KACzCbm4RCXdQ8/x5MBbCPjQzfmbH0P4wHq7AzrIBSetNvaGboSHLxC
VUAW1tkzlFhU3rIrpuuMcynV/vdCnKRcMW/qQ7K8y6AlX3S8vjgsI/3ohcM2ITnG
Veo5XFQM5NGB+KOv3OMW+1xN5oVB1v4aGx/0qfsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRsw/1D5qSk0jo4727JwYQOSfI46TAfBgNVHSMEGDAWgBQOzZmqFwF2Oloe
2bvjfSzAkynJujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RzMlpxaGNCZGpwYUh0bTc0MzBzd0pNcHliby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvZTFiZDJmLTYxOTctNDQ2NS1hMzY4LWE3ZGVhNTcyN2MyYy8x
L2JNUDlRLWFrcE5JNk9POXV5Y0dFRGtueU9Pay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
ZTFiZDJmLTYxOTctNDQ2NS1hMzY4LWE3ZGVhNTcyN2MyYy8xL0RzMlpxaGNCZGpw
YUh0bTc0MzBzd0pNcHliby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFn4RzANBgkqhkiG9w0BAQsFAAOC
AQEAPM0QtmoZDe347ovC1/5T8YF1bsAfhcTqeceqFCZfb06XJfMsmZTPcFmbxq3G
Dc4ft5MjGJOXn7qqu2pmGSvkjePku0P+2i5lvzxz1b4M8K/T6f8+yW9yWporFy3p
cGqMTbto8p7gNd8ntUCCGSq7zLTN7sdZGzJJLpNUYWZxvJvARhqxuPZ7LvElvBu1
UJEdj/2a8PPpebQ+i+SWk4sUSnvBXwygxTKe/c1Don1h3j4XEYUedcaq/e9NTBoF
O72GJBxpVkzKTutfCCYAwUiUVjc6s9oGn/toU4v6wDvA1jJ2HguCHW9OwJpNjDlZ
GZKF1gd+osQiBPZyIv4jHGl5ew==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:24 2023 by rpki-client on console-ams.rpki-client.org