Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/qCaH3DTtbusmLkAf6fBkt9At3t0.roa
File: qCaH3DTtbusmLkAf6fBkt9At3t0.roa (raw, json)
Hash identifier: T6FDv8xZ4mazaBO8J1HhUke5tCyGfPoGZx/k6uZlmYA=
Subject key identifier: A8:26:87:DC:34:ED:6E:EB:26:2E:40:1F:E9:F0:64:B7:D0:2D:DE:DD
Certificate issuer: /CN=0ecd99aa1701763a5a1ed9bbe37d2cc09329c9ba
Certificate serial: 0182F5A3F9319B82AD99A8726B10909FBCA3
Authority key identifier: 0E:CD:99:AA:17:01:76:3A:5A:1E:D9:BB:E3:7D:2C:C0:93:29:C9:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ds2ZqhcBdjpaHtm7430swJMpybo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/qCaH3DTtbusmLkAf6fBkt9At3t0.roa
Signing time: Wed 31 Aug 2022 20:42:20 +0000
ROA not before: Wed 31 Aug 2022 20:42:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 89.248.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f5:a3:f9:31:9b:82:ad:99:a8:72:6b:10:90:9f:bc:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ecd99aa1701763a5a1ed9bbe37d2cc09329c9ba
Validity
Not Before: Aug 31 20:42:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a82687dc34ed6eeb262e401fe9f064b7d02ddedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:27:da:4b:40:05:8a:6f:21:c5:25:03:4c:6a:
4d:1a:67:a1:3c:19:4f:f0:44:34:a1:1a:11:c4:38:
51:4c:a5:7e:8b:79:ec:12:17:56:2a:9c:26:5b:88:
54:9e:53:22:bf:9b:48:2f:01:6b:84:4d:a2:d4:57:
7f:d3:01:ad:43:ee:04:01:f6:17:e3:75:4f:7a:01:
0a:dc:22:39:88:3b:0c:7b:eb:d3:59:52:b4:3c:14:
a4:df:6d:19:f7:80:2f:c8:9e:39:4a:27:72:2f:3d:
18:52:f9:e6:34:66:83:89:1c:58:f8:46:c3:cc:ee:
47:ed:49:41:87:77:2d:4d:0c:20:34:9b:f2:dd:13:
1e:00:7d:0a:60:56:78:20:f0:23:04:d6:fe:83:0b:
d4:ed:b7:d0:f8:6b:cb:39:ef:57:62:c2:c8:38:14:
20:89:a1:c0:f7:64:74:4e:04:ff:54:12:22:5a:62:
c2:fb:d3:ee:79:65:c5:ba:cf:c5:df:62:d1:dd:51:
f7:69:a7:5a:b6:40:ad:24:33:b6:91:fb:29:e3:53:
04:f4:9a:42:d3:a1:bc:03:08:60:b8:13:58:5e:f5:
33:53:3c:90:91:60:21:84:d0:a2:2e:38:24:b7:68:
f2:e7:a6:1e:50:96:89:f1:bb:12:83:11:f2:38:39:
35:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:26:87:DC:34:ED:6E:EB:26:2E:40:1F:E9:F0:64:B7:D0:2D:DE:DD
X509v3 Authority Key Identifier:
keyid:0E:CD:99:AA:17:01:76:3A:5A:1E:D9:BB:E3:7D:2C:C0:93:29:C9:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ds2ZqhcBdjpaHtm7430swJMpybo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/qCaH3DTtbusmLkAf6fBkt9At3t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e1bd2f-6197-4465-a368-a7dea5727c2c/1/Ds2ZqhcBdjpaHtm7430swJMpybo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.71.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:34:f9:e5:8d:b4:04:7c:01:61:b9:2c:f7:6c:22:0a:d0:bf:
cc:84:d4:59:76:8d:63:c4:69:4a:1c:76:92:00:ab:e2:fb:e3:
d5:f7:22:b5:66:cd:33:81:42:6d:61:d3:b2:4c:d5:65:aa:ea:
7f:89:85:70:3b:35:c7:16:e6:5e:39:73:f6:4d:f5:55:da:11:
27:d7:67:26:1f:6b:e3:ec:ef:dc:bf:67:eb:07:4f:ee:48:5a:
79:fa:8c:c5:40:25:53:8c:7d:1a:0d:cc:b0:d5:41:ba:bc:03:
c9:0b:55:2d:86:e7:ea:ce:f0:7e:e7:8f:35:2d:da:52:a4:b7:
0e:4a:30:fa:ab:6f:8c:ec:0d:ae:9e:44:b0:ae:51:2e:69:c0:
ea:ea:ac:ab:8a:58:a4:76:2c:b4:82:fe:d7:64:47:dc:aa:6f:
7f:d7:21:eb:44:e2:64:57:22:b6:5b:e0:2f:96:7a:9f:e5:d9:
7e:8c:20:21:5b:38:56:86:a8:35:c9:ba:87:84:39:eb:36:26:
8d:fb:fb:d6:57:50:13:6a:92:00:e2:50:4f:9a:ba:1d:38:15:
ae:92:80:b5:5b:ca:9b:99:fe:42:de:93:d0:5d:ef:93:83:33:
67:f9:bc:78:6d:3b:d9:bb:a8:30:f4:10:fd:4a:ad:1a:e1:fc:
4b:72:99:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL1o/kxm4KtmahyaxCQn7yjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlY2Q5OWFhMTcwMTc2M2E1YTFlZDliYmUzN2QyY2MwOTMy
OWM5YmEwHhcNMjIwODMxMjA0MjIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI2ODdkYzM0ZWQ2ZWViMjYyZTQwMWZlOWYwNjRiN2QwMmRkZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyfaS0AFim8hxSUDTGpNGmehPBlP
8EQ0oRoRxDhRTKV+i3nsEhdWKpwmW4hUnlMiv5tILwFrhE2i1Fd/0wGtQ+4EAfYX
43VPegEK3CI5iDsMe+vTWVK0PBSk320Z94AvyJ45SidyLz0YUvnmNGaDiRxY+EbD
zO5H7UlBh3ctTQwgNJvy3RMeAH0KYFZ4IPAjBNb+gwvU7bfQ+GvLOe9XYsLIOBQg
iaHA92R0TgT/VBIiWmLC+9PueWXFus/F32LR3VH3aadatkCtJDO2kfsp41ME9JpC
06G8AwhguBNYXvUzUzyQkWAhhNCiLjgkt2jy56YeUJaJ8bsSgxHyODk16QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgmh9w07W7rJi5AH+nwZLfQLd7dMB8GA1UdIwQY
MBaAFA7NmaoXAXY6Wh7Zu+N9LMCTKcm6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHMyWnFoY0JkanBhSHRtNzQzMHN3Sk1weWJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lMWJkMmYtNjE5Ny00NDY1LWEzNjgt
YTdkZWE1NzI3YzJjLzEvcUNhSDNEVHRidXNtTGtBZjZmQmt0OUF0M3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lMWJkMmYtNjE5Ny00NDY1LWEzNjgtYTdkZWE1NzI3YzJj
LzEvRHMyWnFoY0JkanBhSHRtNzQzMHN3Sk1weWJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfhHMA0G
CSqGSIb3DQEBCwUAA4IBAQAdNPnljbQEfAFhuSz3bCIK0L/MhNRZdo1jxGlKHHaS
AKvi++PV9yK1Zs0zgUJtYdOyTNVlqup/iYVwOzXHFuZeOXP2TfVV2hEn12cmH2vj
7O/cv2frB0/uSFp5+ozFQCVTjH0aDcyw1UG6vAPJC1UthufqzvB+5481LdpSpLcO
SjD6q2+M7A2unkSwrlEuacDq6qyrilikdiy0gv7XZEfcqm9/1yHrROJkVyK2W+Av
lnqf5dl+jCAhWzhWhqg1ybqHhDnrNiaN+/vWV1ATapIA4lBPmrodOBWukoC1W8qb
mf5C3pPQXe+TgzNn+bx4bTvZu6gw9BD9Sq0a4fxLcpn1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:48 2023 by rpki-client on console-fra.rpki-client.org