Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/IkcB53JEqSkuO7ws9vRW1wKY3t0.roa
File: IkcB53JEqSkuO7ws9vRW1wKY3t0.roa (raw, json)
Hash identifier: B3IgR3i+e9DQVUGL3NjVsi1otG23ed2aXzaMDQUTVQY=
Subject key identifier: 22:47:01:E7:72:44:A9:29:2E:3B:BC:2C:F6:F4:56:D7:02:98:DE:DD
Certificate issuer: /CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Certificate serial: 15EF9430
Authority key identifier: C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/IkcB53JEqSkuO7ws9vRW1wKY3t0.roa
Signing time: Sat 01 Jan 2022 06:59:22 +0000
ROA not before: Sat 01 Jan 2022 06:59:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36384
IP address blocks: 89.207.224.0/24 maxlen: 24
89.207.229.0/24 maxlen: 24
2a00:79e1::/32 maxlen: 32
2a00:79e1:f00::/40 maxlen: 40
2a00:79e1:800::/42 maxlen: 42
2a00:79e1:f000::/38 maxlen: 38
2a00:79e1:abc::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 368022576 (0x15ef9430)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Validity
Not Before: Jan 1 06:59:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=224701e77244a9292e3bbc2cf6f456d70298dedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:46:38:68:a9:17:30:9b:a6:97:3c:fa:df:94:
5e:28:3c:8a:fa:d0:0a:03:97:d5:8c:92:da:10:2b:
8c:78:a5:87:cc:de:13:0e:a8:2e:52:50:82:e2:56:
6a:f5:31:5e:e2:be:dd:64:1a:2d:e0:fc:f4:80:1e:
bb:29:20:b1:59:6e:48:bc:89:38:af:d4:f1:93:91:
d2:c0:25:12:46:8f:44:4e:f9:58:eb:31:21:22:0d:
95:e4:20:e3:ca:08:8d:f2:4a:ea:3e:92:8c:13:db:
a0:05:a9:ae:30:1b:20:0a:49:2a:b4:d8:c5:c0:ab:
ba:bf:ef:70:10:c5:6b:46:6a:35:35:38:fd:c2:7d:
22:a6:81:2a:eb:65:3c:2e:fc:1e:9a:30:0d:ea:16:
82:53:0d:1e:a2:a0:51:af:18:ca:50:dc:33:60:6c:
6d:02:87:8d:31:a8:e0:98:ef:2a:f8:ab:10:a3:6c:
73:c2:72:c0:cb:f2:eb:df:60:05:7d:63:33:de:09:
c5:d0:9c:ea:d4:2f:02:77:00:18:14:1a:87:51:ba:
a6:f1:1b:3d:c4:68:9e:f9:08:8c:ad:eb:f4:5e:ce:
e2:4b:8a:31:e8:55:a5:f5:92:3b:d6:a8:27:9d:e8:
b2:9d:ae:67:7e:76:ad:a8:4c:e6:df:6b:e0:49:7c:
7b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:47:01:E7:72:44:A9:29:2E:3B:BC:2C:F6:F4:56:D7:02:98:DE:DD
X509v3 Authority Key Identifier:
keyid:C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/IkcB53JEqSkuO7ws9vRW1wKY3t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.224.0/24
89.207.229.0/24
IPv6:
2a00:79e1::/32
Signature Algorithm: sha256WithRSAEncryption
91:b8:20:b7:c3:dd:4c:f3:09:d0:1d:68:9b:2a:eb:05:96:91:
9b:f5:52:57:56:98:7b:a6:a4:e9:7b:84:f2:1b:e7:44:ad:09:
b7:59:07:a2:59:c6:f6:6b:14:75:35:98:ef:da:41:35:36:00:
c8:07:54:bb:e7:1b:7b:8e:f7:b7:14:d3:f9:49:db:da:2f:23:
46:fa:95:99:58:0c:4a:b8:13:f6:dc:ee:56:67:bb:20:28:7a:
db:16:00:d4:bc:48:0e:2e:88:e7:e1:32:a6:16:be:b8:33:d4:
6a:b3:91:29:d6:dd:0d:8f:25:f4:07:8f:68:73:a8:20:7e:a3:
ca:9a:b6:a5:87:56:a6:fd:e2:7e:cc:92:93:14:5b:ce:55:7e:
ba:47:4f:d7:ac:6a:7a:2d:65:60:53:3a:14:62:05:b3:de:8b:
c0:82:bf:a1:77:6f:b2:63:79:52:33:68:dc:92:62:04:f2:ef:
de:04:b9:1c:5c:06:6a:a3:61:1e:29:e5:1d:6e:3f:9c:5c:13:
9d:40:f5:c2:d1:72:a3:28:b4:da:00:8b:08:f0:30:63:e2:28:
10:b3:f4:34:1e:32:27:65:78:7e:bf:66:0a:e3:ca:ab:60:d0:
46:25:29:1c:5c:01:a1:bd:7d:75:8a:6f:d5:e0:80:36:ef:25:
01:f9:c5:9c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEFe+UMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MDc0N2ZiZTI2YzljZGQ3NjI4YWRmZWRiNTdiNzhiZThkZTc1ZTI5MB4XDTIyMDEw
MTA2NTkyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI0NzAxZTc3MjQ0
YTkyOTJlM2JiYzJjZjZmNDU2ZDcwMjk4ZGVkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhGOGipFzCbppc8+t+UXig8ivrQCgOX1YyS2hArjHilh8ze
Ew6oLlJQguJWavUxXuK+3WQaLeD89IAeuykgsVluSLyJOK/U8ZOR0sAlEkaPRE75
WOsxISINleQg48oIjfJK6j6SjBPboAWprjAbIApJKrTYxcCrur/vcBDFa0ZqNTU4
/cJ9IqaBKutlPC78HpowDeoWglMNHqKgUa8YylDcM2BsbQKHjTGo4JjvKvirEKNs
c8JywMvy699gBX1jM94JxdCc6tQvAncAGBQah1G6pvEbPcRonvkIjK3r9F7O4kuK
MehVpfWSO9aoJ53osp2uZ352rahM5t9r4El8e4cCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQiRwHnckSpKS47vCz29FbXApje3TAfBgNVHSMEGDAWgBTAdH++JsnN12KK
3+21e3i+jedeKTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dIUl92aWJKemRkaWl0X3R0WHQ0dm8zblhpay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvMjQwNmFiLTNiY2ItNDFiYy1hOTQyLTM2ODYwODM4NTg4My8x
L0lrY0I1M0pFcVNrdU83d3M5dlJXMXdLWTN0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
MjQwNmFiLTNiY2ItNDFiYy1hOTQyLTM2ODYwODM4NTg4My8xL3dIUl92aWJKemRk
aWl0X3R0WHQ0dm8zblhpay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFnP4AMEAFnP5TANBAIAAjAHAwUA
KgB54TANBgkqhkiG9w0BAQsFAAOCAQEAkbggt8PdTPMJ0B1omyrrBZaRm/VSV1aY
e6ak6XuE8hvnRK0Jt1kHolnG9msUdTWY79pBNTYAyAdUu+cbe473txTT+Unb2i8j
RvqVmVgMSrgT9tzuVme7ICh62xYA1LxIDi6I5+Eypha+uDPUarORKdbdDY8l9AeP
aHOoIH6jypq2pYdWpv3ifsySkxRbzlV+ukdP16xqei1lYFM6FGIFs96LwIK/oXdv
smN5UjNo3JJiBPLv3gS5HFwGaqNhHinlHW4/nFwTnUD1wtFyoyi02gCLCPAwY+Io
ELP0NB4yJ2V4fr9mCuPKq2DQRiUpHFwBob19dYpv1eCANu8lAfnFnA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:55 2024 by rpki-client on console-fra.rpki-client.org