Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/01e7df-1410-491f-a71b-55830f9edde4/1/UMPBRijyT0pKaTXaO6s7SCZw8qI.roa
File: UMPBRijyT0pKaTXaO6s7SCZw8qI.roa (raw, json)
Hash identifier: Xh5HggdbITmoH39oLWoOm/+c1ReztlT3gbiiW8j6qwU=
Subject key identifier: 50:C3:C1:46:28:F2:4F:4A:4A:69:35:DA:3B:AB:3B:48:26:70:F2:A2
Certificate issuer: /CN=4c6319fe7859c342f7cd9f711306f56590828d60
Certificate serial: 0183C8E641634FE323E2A4095FDA8C91BA1F
Authority key identifier: 4C:63:19:FE:78:59:C3:42:F7:CD:9F:71:13:06:F5:65:90:82:8D:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TGMZ_nhZw0L3zZ9xEwb1ZZCCjWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/01e7df-1410-491f-a71b-55830f9edde4/1/UMPBRijyT0pKaTXaO6s7SCZw8qI.roa
Signing time: Tue 11 Oct 2022 21:14:36 +0000
ROA not before: Tue 11 Oct 2022 21:14:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202666
IP address blocks: 89.40.168.0/23 maxlen: 23
89.40.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c8:e6:41:63:4f:e3:23:e2:a4:09:5f:da:8c:91:ba:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c6319fe7859c342f7cd9f711306f56590828d60
Validity
Not Before: Oct 11 21:14:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50c3c14628f24f4a4a6935da3bab3b482670f2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:66:bd:8a:29:7c:82:ff:4a:b0:b1:2e:bc:93:
9f:88:57:d7:73:b3:36:60:45:62:ef:0e:de:18:92:
7c:6f:4d:26:95:76:0f:83:be:b4:ae:7f:25:4d:fa:
54:55:37:0d:84:39:a6:0b:dd:2b:0a:01:da:2c:6c:
39:db:22:ac:60:48:85:fa:a2:b4:50:e5:6a:22:7b:
6b:02:aa:45:e7:57:ee:9d:92:7d:1e:3e:b8:c3:3d:
70:07:8c:e8:38:3e:b1:44:06:54:04:82:f6:70:fe:
c7:2f:33:11:76:96:b7:af:9f:3d:e2:50:c6:73:a2:
61:63:79:e4:b4:24:55:c5:54:61:9c:9d:1a:3c:2f:
63:13:65:0f:de:bd:8d:49:12:65:ec:c6:7f:b7:44:
c6:67:b1:38:d8:55:d1:7b:41:73:a9:68:77:76:ea:
18:ed:54:3f:12:8b:25:e8:47:90:92:d6:a0:02:4f:
f7:c7:19:53:3a:e3:b4:1a:83:33:55:71:39:61:91:
57:0e:c1:eb:ab:a0:55:28:b8:1b:a4:6c:e7:ad:af:
73:c2:30:a4:72:e0:1f:79:01:13:e8:cb:0c:b2:2b:
00:e0:ee:95:80:0d:71:63:49:5b:94:6f:f1:a6:90:
13:ca:84:d5:fc:c0:a1:66:95:0c:b3:83:07:8b:4e:
30:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:C3:C1:46:28:F2:4F:4A:4A:69:35:DA:3B:AB:3B:48:26:70:F2:A2
X509v3 Authority Key Identifier:
keyid:4C:63:19:FE:78:59:C3:42:F7:CD:9F:71:13:06:F5:65:90:82:8D:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TGMZ_nhZw0L3zZ9xEwb1ZZCCjWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/01e7df-1410-491f-a71b-55830f9edde4/1/UMPBRijyT0pKaTXaO6s7SCZw8qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/01e7df-1410-491f-a71b-55830f9edde4/1/TGMZ_nhZw0L3zZ9xEwb1ZZCCjWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.168.0/23
Signature Algorithm: sha256WithRSAEncryption
24:90:8a:c2:ef:22:cf:2d:2c:5b:0f:ae:09:1c:f9:13:35:00:
27:3c:ee:b3:1a:8d:58:98:86:5c:7e:e6:32:f3:11:08:b7:f6:
53:51:79:60:7e:13:9b:3e:a9:f1:de:d2:ee:ec:76:a4:e2:48:
04:34:a5:9f:64:8e:7c:13:b3:5d:09:1f:f3:55:d1:e3:3a:90:
d2:5a:0b:7a:45:7b:21:0d:ad:61:7e:72:a9:f7:28:ac:cb:fc:
b9:1f:36:35:89:e4:37:b7:d6:ff:63:06:8f:6e:7c:fc:50:28:
05:b1:2b:4b:dc:0f:fd:31:3f:c1:73:db:76:7f:93:48:c4:d4:
06:9d:d6:63:3f:bd:1b:12:80:07:e7:ea:46:68:d3:b5:81:c4:
36:c2:31:26:f6:42:b9:02:e6:29:8a:d4:36:03:d4:31:fb:79:
37:b8:7a:4a:03:4e:42:96:85:7c:6b:7b:81:60:a2:e8:ed:2e:
a0:fb:d1:42:65:b9:25:1c:f0:0e:f7:c0:30:60:24:df:f4:7a:
86:84:59:27:67:13:bb:98:de:fc:1d:87:c4:0b:59:8f:3e:ce:
6b:0e:92:db:1c:80:3c:12:39:85:d3:e0:6d:65:47:7e:1d:4d:
94:02:4a:ed:d0:1e:ea:fb:ee:43:5f:84:3b:c6:57:96:76:0a:
76:02:23:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPI5kFjT+Mj4qQJX9qMkbofMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNjMxOWZlNzg1OWMzNDJmN2NkOWY3MTEzMDZmNTY1OTA4
MjhkNjAwHhcNMjIxMDExMjExNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGMzYzE0NjI4ZjI0ZjRhNGE2OTM1ZGEzYmFiM2I0ODI2NzBmMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Wa9iil8gv9KsLEuvJOfiFfXc7M2
YEVi7w7eGJJ8b00mlXYPg760rn8lTfpUVTcNhDmmC90rCgHaLGw52yKsYEiF+qK0
UOVqIntrAqpF51funZJ9Hj64wz1wB4zoOD6xRAZUBIL2cP7HLzMRdpa3r5894lDG
c6JhY3nktCRVxVRhnJ0aPC9jE2UP3r2NSRJl7MZ/t0TGZ7E42FXRe0FzqWh3duoY
7VQ/Eosl6EeQktagAk/3xxlTOuO0GoMzVXE5YZFXDsHrq6BVKLgbpGznra9zwjCk
cuAfeQET6MsMsisA4O6VgA1xY0lblG/xppATyoTV/MChZpUMs4MHi04wKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFDDwUYo8k9KSmk12jurO0gmcPKiMB8GA1UdIwQY
MBaAFExjGf54WcNC982fcRMG9WWQgo1gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEdNWl9uaFp3MEwzelo5eEV3YjFaWkNDaldBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wMWU3ZGYtMTQxMC00OTFmLWE3MWIt
NTU4MzBmOWVkZGU0LzEvVU1QQlJpanlUMHBLYVRYYU82czdTQ1p3OHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wMWU3ZGYtMTQxMC00OTFmLWE3MWItNTU4MzBmOWVkZGU0
LzEvVEdNWl9uaFp3MEwzelo5eEV3YjFaWkNDaldBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSioMA0G
CSqGSIb3DQEBCwUAA4IBAQAkkIrC7yLPLSxbD64JHPkTNQAnPO6zGo1YmIZcfuYy
8xEIt/ZTUXlgfhObPqnx3tLu7Hak4kgENKWfZI58E7NdCR/zVdHjOpDSWgt6RXsh
Da1hfnKp9yisy/y5HzY1ieQ3t9b/YwaPbnz8UCgFsStL3A/9MT/Bc9t2f5NIxNQG
ndZjP70bEoAH5+pGaNO1gcQ2wjEm9kK5AuYpitQ2A9Qx+3k3uHpKA05CloV8a3uB
YKLo7S6g+9FCZbklHPAO98AwYCTf9HqGhFknZxO7mN78HYfEC1mPPs5rDpLbHIA8
EjmF0+BtZUd+HU2UAkrt0B7q++5DX4Q7xleWdgp2AiNv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:32 2024 by rpki-client on console-fra.rpki-client.org