Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/5176f6-bbd4-46e6-9c74-1543943aab73/1/u8jru14uQEMvzS0XS6RJ3nNGDBs.roa
File: u8jru14uQEMvzS0XS6RJ3nNGDBs.roa (raw, json)
Hash identifier: e70nqq4nPeJuaBnr1c8SMv0qW9qfcf2i0rar0Hc9A6A=
Subject key identifier: BB:C8:EB:BB:5E:2E:40:43:2F:CD:2D:17:4B:A4:49:DE:73:46:0C:1B
Certificate issuer: /CN=1d8bca2abce4beaeaba98656168846df0c46a3f3
Certificate serial: 01035FAD
Authority key identifier: 1D:8B:CA:2A:BC:E4:BE:AE:AB:A9:86:56:16:88:46:DF:0C:46:A3:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HYvKKrzkvq6rqYZWFohG3wxGo_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/5176f6-bbd4-46e6-9c74-1543943aab73/1/u8jru14uQEMvzS0XS6RJ3nNGDBs.roa
Signing time: Sat 01 Jan 2022 03:59:34 +0000
ROA not before: Sat 01 Jan 2022 03:59:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 89.248.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16998317 (0x1035fad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d8bca2abce4beaeaba98656168846df0c46a3f3
Validity
Not Before: Jan 1 03:59:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbc8ebbb5e2e40432fcd2d174ba449de73460c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:74:57:9a:71:35:e4:4b:90:1c:9e:97:4c:67:
99:2c:2d:30:8b:20:48:c6:23:a2:bc:b4:4d:07:45:
e2:b1:e4:92:86:17:0e:7d:f0:3c:3a:d5:ac:4d:1c:
f0:89:b0:e4:bf:45:79:1f:44:c3:02:af:28:88:d7:
bb:55:26:b1:93:8d:15:48:f1:13:67:6b:26:f6:e9:
48:56:31:b3:34:4d:be:ce:64:94:a3:c2:38:6c:a8:
a4:16:f0:95:c3:4e:3b:66:ac:59:64:ec:5e:8c:9b:
cc:65:c9:20:0b:86:d1:02:61:1e:18:81:ec:46:33:
69:8e:c0:f2:84:bf:ce:99:06:00:ea:d5:5c:dd:28:
e8:82:40:43:c5:d6:fd:99:34:a6:1c:86:1a:df:93:
19:66:8a:1d:5a:76:c8:99:67:38:d2:b4:fb:4f:68:
b0:4b:e7:89:4a:5f:fb:0d:13:6f:78:97:3f:5b:33:
85:fa:c4:d2:ff:e4:4e:de:f8:8d:29:f5:5c:8e:df:
e8:71:94:5d:da:8b:d6:27:62:83:c2:cf:91:ee:bc:
6b:f8:1a:85:73:7f:2a:1d:f1:43:5f:71:fa:b4:e9:
3f:8a:22:0d:5f:2d:cc:c2:da:55:56:a6:1b:60:1e:
b3:e7:1c:63:dc:a5:d0:9a:1f:31:6c:f8:8c:6b:d0:
d7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C8:EB:BB:5E:2E:40:43:2F:CD:2D:17:4B:A4:49:DE:73:46:0C:1B
X509v3 Authority Key Identifier:
keyid:1D:8B:CA:2A:BC:E4:BE:AE:AB:A9:86:56:16:88:46:DF:0C:46:A3:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HYvKKrzkvq6rqYZWFohG3wxGo_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/5176f6-bbd4-46e6-9c74-1543943aab73/1/u8jru14uQEMvzS0XS6RJ3nNGDBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/5176f6-bbd4-46e6-9c74-1543943aab73/1/HYvKKrzkvq6rqYZWFohG3wxGo_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.64.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:b4:ed:cd:0c:b3:94:33:65:f0:42:ba:60:32:52:b5:bf:a8:
26:64:30:49:bc:f7:4e:45:35:8f:f5:58:38:c7:c0:44:e8:13:
16:13:2d:74:67:fd:62:d7:6b:b7:49:71:1b:d6:56:31:29:71:
e1:6c:68:7a:ab:17:a3:f5:94:72:48:bc:36:99:be:bf:e8:89:
b6:f8:d5:44:c9:9f:66:84:1a:3b:96:19:4f:89:2d:40:fa:34:
fd:0d:98:8d:fa:14:bd:d9:57:77:05:72:f3:c1:cf:5e:d2:2c:
1f:4e:b6:0e:7d:75:69:c6:89:53:9d:96:0f:e6:8c:21:1c:37:
33:36:14:36:e4:d8:a7:6d:fe:d1:28:be:b1:8a:73:f6:5c:0a:
59:7f:a0:8a:f9:c1:6e:02:ea:ff:a8:b5:06:d4:ca:47:93:50:
05:55:d0:0b:a9:e2:8d:62:db:1c:fd:da:98:ea:e7:e3:87:24:
5e:f8:ea:11:a5:37:23:40:67:b5:c5:3d:d1:c3:54:bc:38:7f:
ea:9f:6a:1c:b1:89:90:f2:50:f4:b2:61:9f:62:b4:b6:39:89:
fc:6a:4e:30:ae:7f:e2:ac:2d:66:b9:69:01:0f:85:a5:81:82:
7d:c2:06:99:08:d0:d0:96:eb:9a:97:ee:fe:2d:15:15:b4:fb:
59:18:e4:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQNfrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDhiY2EyYWJjZTRiZWFlYWJhOTg2NTYxNjg4NDZkZjBjNDZhM2YzMB4XDTIyMDEw
MTAzNTkzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJjOGViYmI1ZTJl
NDA0MzJmY2QyZDE3NGJhNDQ5ZGU3MzQ2MGMxYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALV0V5pxNeRLkByel0xnmSwtMIsgSMYjory0TQdF4rHkkoYX
Dn3wPDrVrE0c8Imw5L9FeR9EwwKvKIjXu1UmsZONFUjxE2drJvbpSFYxszRNvs5k
lKPCOGyopBbwlcNOO2asWWTsXoybzGXJIAuG0QJhHhiB7EYzaY7A8oS/zpkGAOrV
XN0o6IJAQ8XW/Zk0phyGGt+TGWaKHVp2yJlnONK0+09osEvniUpf+w0Tb3iXP1sz
hfrE0v/kTt74jSn1XI7f6HGUXdqL1idig8LPke68a/gahXN/Kh3xQ19x+rTpP4oi
DV8tzMLaVVamG2Aes+ccY9yl0JofMWz4jGvQ10sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7yOu7Xi5AQy/NLRdLpEnec0YMGzAfBgNVHSMEGDAWgBQdi8oqvOS+rqup
hlYWiEbfDEaj8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hZdktLcnprdnE2cnFZWldGb2hHM3d4R29fTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvNTE3NmY2LWJiZDQtNDZlNi05Yzc0LTE1NDM5NDNhYWI3My8x
L3U4anJ1MTR1UUVNdnpTMFhTNlJKM25OR0RCcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
NTE3NmY2LWJiZDQtNDZlNi05Yzc0LTE1NDM5NDNhYWI3My8xL0hZdktLcnprdnE2
cnFZWldGb2hHM3d4R29fTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFn4QDANBgkqhkiG9w0BAQsFAAOC
AQEATrTtzQyzlDNl8EK6YDJStb+oJmQwSbz3TkU1j/VYOMfAROgTFhMtdGf9Ytdr
t0lxG9ZWMSlx4WxoeqsXo/WUcki8Npm+v+iJtvjVRMmfZoQaO5YZT4ktQPo0/Q2Y
jfoUvdlXdwVy88HPXtIsH062Dn11acaJU52WD+aMIRw3MzYUNuTYp23+0Si+sYpz
9lwKWX+givnBbgLq/6i1BtTKR5NQBVXQC6nijWLbHP3amOrn44ckXvjqEaU3I0Bn
tcU90cNUvDh/6p9qHLGJkPJQ9LJhn2K0tjmJ/GpOMK5/4qwtZrlpAQ+FpYGCfcIG
mQjQ0Jbrmpfu/i0VFbT7WRjkhg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:22 2023 by rpki-client on console-ams.rpki-client.org