Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/Z7YmCNfGjOD7JY3PNFl5QQk72Xs.roa
File: Z7YmCNfGjOD7JY3PNFl5QQk72Xs.roa (raw, json)
Hash identifier: W1OOH3TGM61K3VdQwX4eDQTHxiVznAKop+Rv2Iy2Reg=
Subject key identifier: 67:B6:26:08:D7:C6:8C:E0:FB:25:8D:CF:34:59:79:41:09:3B:D9:7B
Certificate issuer: /CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Certificate serial: 0182ABA02E44C5BBA596ACF0129619A12363
Authority key identifier: 8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/Z7YmCNfGjOD7JY3PNFl5QQk72Xs.roa
Signing time: Wed 17 Aug 2022 11:46:17 +0000
ROA not before: Wed 17 Aug 2022 11:46:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207790
IP address blocks: 89.57.128.0/18 maxlen: 24
89.57.64.0/18 maxlen: 24
89.56.0.0/16 maxlen: 24
185.12.88.0/22 maxlen: 22
89.57.0.0/18 maxlen: 24
2a03:7840::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ab:a0:2e:44:c5:bb:a5:96:ac:f0:12:96:19:a1:23:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Validity
Not Before: Aug 17 11:46:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67b62608d7c68ce0fb258dcf34597941093bd97b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b7:80:4a:0f:de:0a:9a:fa:27:50:22:a4:56:
6c:be:0f:cd:f3:aa:3d:74:f5:d9:75:55:fd:88:53:
f2:7d:c5:9f:ac:73:b0:fb:09:1e:38:59:9a:e6:bc:
7d:20:ac:0d:9f:f1:46:6a:38:dd:b0:fe:bd:6e:df:
f6:96:b9:de:e9:6d:a3:f6:b0:43:1e:e6:9c:cc:ca:
f6:b7:04:61:e4:3e:b9:7a:1f:3d:23:c2:1b:18:66:
f8:91:19:8a:23:a9:82:2d:2a:6a:21:e8:77:9c:7e:
aa:48:00:ed:e6:9c:44:bc:fb:41:23:e2:14:92:42:
f0:34:7f:89:d1:31:d2:e8:79:64:f8:45:54:c1:34:
6d:f0:35:70:f3:24:e2:a0:e1:46:50:31:e7:81:1d:
0e:29:b0:d1:e2:08:c5:40:58:cb:54:0c:93:0c:8d:
32:b5:37:a8:a7:dd:3c:32:c3:0c:a8:8d:de:c5:e7:
42:1e:9d:85:e0:f3:07:31:b9:ae:f1:23:73:76:42:
d3:77:b3:6e:6e:44:01:67:50:a7:f6:e5:ca:c4:08:
1a:17:89:c3:25:fb:71:38:ac:73:dc:a0:34:22:20:
5e:f8:44:e5:3b:98:61:bc:5c:46:49:19:11:67:91:
56:34:6a:95:43:13:b0:02:4d:cd:89:ff:8e:b4:c9:
ac:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:B6:26:08:D7:C6:8C:E0:FB:25:8D:CF:34:59:79:41:09:3B:D9:7B
X509v3 Authority Key Identifier:
keyid:8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/Z7YmCNfGjOD7JY3PNFl5QQk72Xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/i542u2_vkyj1GOSxBfwhLBUqjGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.56.0.0-89.57.191.255
185.12.88.0/22
IPv6:
2a03:7840::/29
Signature Algorithm: sha256WithRSAEncryption
1b:ab:39:c1:67:c7:fd:f9:55:8b:f5:51:4c:59:2a:81:ca:96:
db:0a:bf:b5:bd:10:6e:8a:89:bc:a2:04:be:2e:5d:77:d9:db:
e7:84:cc:f9:49:0d:a5:73:10:06:6d:7b:15:e4:1c:be:a4:9b:
8f:a9:2e:c9:d0:df:1a:05:77:9c:b2:91:73:7c:ec:c5:31:fa:
19:9f:e1:e8:10:e0:6d:b6:2a:5c:38:b6:8b:a6:1d:7b:eb:3b:
0c:cb:b7:2e:a5:be:04:8f:e8:7f:0d:5d:99:57:aa:ed:a4:35:
11:a1:80:de:04:17:16:7c:95:81:e4:f1:95:60:80:d4:f8:bc:
7f:0a:a5:05:a5:ab:3b:d2:07:3b:a5:2f:63:79:14:b3:fa:ed:
d7:80:82:3b:1a:9b:8a:3a:63:f6:b2:7f:85:fd:e5:47:b9:05:
c4:37:c5:09:73:b8:29:eb:46:67:10:d6:23:37:05:92:aa:e4:
af:61:ba:c2:a9:a3:84:b1:41:fc:8b:f3:a3:85:fe:b0:93:f4:
26:38:e5:a5:dc:d2:e9:91:33:ed:40:d1:53:d3:a9:11:ce:1d:
f1:d0:15:66:7e:ac:17:3e:ac:b3:6d:7d:b0:2f:b4:f8:0a:02:
a5:8d:1b:00:34:69:5d:c7:31:50:dc:63:d1:88:e1:61:79:7a:
da:82:95:3c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYKroC5ExbullqzwEpYZoSNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOWUzNmJiNmZlZjkzMjhmNTE4ZTRiMTA1ZmMyMTJjMTUy
YThjNjgwHhcNMjIwODE3MTE0NjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2I2MjYwOGQ3YzY4Y2UwZmIyNThkY2YzNDU5Nzk0MTA5M2JkOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbeASg/eCpr6J1AipFZsvg/N86o9
dPXZdVX9iFPyfcWfrHOw+wkeOFma5rx9IKwNn/FGajjdsP69bt/2lrne6W2j9rBD
HuaczMr2twRh5D65eh89I8IbGGb4kRmKI6mCLSpqIeh3nH6qSADt5pxEvPtBI+IU
kkLwNH+J0THS6Hlk+EVUwTRt8DVw8yTioOFGUDHngR0OKbDR4gjFQFjLVAyTDI0y
tTeop908MsMMqI3exedCHp2F4PMHMbmu8SNzdkLTd7NubkQBZ1Cn9uXKxAgaF4nD
JftxOKxz3KA0IiBe+ETlO5hhvFxGSRkRZ5FWNGqVQxOwAk3Nif+OtMmsjQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGe2JgjXxozg+yWNzzRZeUEJO9l7MB8GA1UdIwQY
MBaAFIueNrtv75Mo9RjksQX8ISwVKoxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTU0MnUyX3ZreWoxR09TeEJmd2hMQlVxakdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80YTBlOGQtMGJiZS00MjEzLTk4YjEt
MWExMTZhNTM0NDgzLzEvWjdZbUNOZkdqT0Q3SlkzUE5GbDVRUWs3MlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80YTBlOGQtMGJiZS00MjEzLTk4YjEtMWExMTZhNTM0NDgz
LzEvaTU0MnUyX3ZreWoxR09TeEJmd2hMQlVxakdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATMAsDAwNZOAME
Blk5gAMEArkMWDANBAIAAjAHAwUDKgN4QDANBgkqhkiG9w0BAQsFAAOCAQEAG6s5
wWfH/flVi/VRTFkqgcqW2wq/tb0QboqJvKIEvi5dd9nb54TM+UkNpXMQBm17FeQc
vqSbj6kuydDfGgV3nLKRc3zsxTH6GZ/h6BDgbbYqXDi2i6Yde+s7DMu3LqW+BI/o
fw1dmVeq7aQ1EaGA3gQXFnyVgeTxlWCA1Pi8fwqlBaWrO9IHO6UvY3kUs/rt14CC
Oxqbijpj9rJ/hf3lR7kFxDfFCXO4KetGZxDWIzcFkqrkr2G6wqmjhLFB/Ivzo4X+
sJP0JjjlpdzS6ZEz7UDRU9OpEc4d8dAVZn6sFz6ss219sC+0+AoCpY0bADRpXccx
UNxj0YjhYXl62oKVPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org