Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/_2htelZn6v1tM70Uc3Fiu-mLSKA.roa
File: _2htelZn6v1tM70Uc3Fiu-mLSKA.roa (raw, json)
Hash identifier: kpmhGwk50DmmllAtmu9vwNG4wxKNeERIT+BYxq/fLpI=
Subject key identifier: FF:68:6D:7A:56:67:EA:FD:6D:33:BD:14:73:71:62:BB:E9:8B:48:A0
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 059A80B7
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/_2htelZn6v1tM70Uc3Fiu-mLSKA.roa
Signing time: Sat 01 Jan 2022 07:03:59 +0000
ROA not before: Sat 01 Jan 2022 07:03:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41732
IP address blocks: 89.42.133.0/24 maxlen: 24
2a03:9c00:d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94011575 (0x59a80b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 07:03:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff686d7a5667eafd6d33bd14737162bbe98b48a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:55:a7:aa:20:85:e1:0b:f3:89:35:93:4f:0c:
dc:a9:e4:bc:d4:39:25:10:60:66:a0:65:9d:d8:c2:
15:94:05:0d:8f:55:a9:35:df:00:d7:cb:47:bf:e9:
ce:d1:f5:a5:9e:09:96:47:11:9d:7f:fb:42:a6:c8:
19:5e:3f:c3:54:73:0d:3d:f5:35:7b:04:70:d0:ee:
9f:0a:bf:c5:c7:b6:23:7a:7f:d0:df:b5:8a:25:0c:
9f:2a:0a:8c:68:e9:26:37:eb:bb:9c:c8:96:89:9d:
40:ee:b7:a8:84:44:87:be:01:a8:b4:c9:70:31:01:
4d:f2:1d:54:59:4f:8c:93:c0:c5:58:9f:fb:b0:c1:
88:cf:d1:c2:29:7e:13:f6:7e:64:27:32:82:04:07:
a7:47:2f:c5:7b:60:4d:94:fd:12:98:7e:fd:c4:c1:
fd:df:cb:3e:86:03:01:a8:d3:ca:11:76:f9:12:e2:
df:6b:a3:01:ef:19:7e:99:15:df:ba:c1:9d:df:2d:
85:c7:b2:fb:4c:41:48:ec:db:2b:25:ff:8a:29:51:
81:14:f0:2c:81:d2:27:6f:f4:23:00:bc:52:b4:da:
f7:5e:07:71:42:89:be:cb:a3:84:d9:d9:61:b7:41:
01:d6:f6:51:dd:d9:d8:f9:45:b8:0e:40:58:a6:8e:
ea:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:68:6D:7A:56:67:EA:FD:6D:33:BD:14:73:71:62:BB:E9:8B:48:A0
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/_2htelZn6v1tM70Uc3Fiu-mLSKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.133.0/24
IPv6:
2a03:9c00:d::/48
Signature Algorithm: sha256WithRSAEncryption
56:9f:fe:d4:ae:b1:17:24:19:83:98:b3:98:59:47:b5:4b:84:
2f:a4:24:8d:20:39:b9:e8:00:5c:34:22:2c:32:da:b9:55:3b:
12:94:23:7e:fa:6f:ef:72:f8:93:af:6d:39:a4:4a:99:41:dd:
6b:c3:07:6e:20:d9:2b:56:eb:18:4d:51:7f:9c:87:6f:3b:e3:
22:02:21:db:09:dc:84:91:41:27:36:0b:73:d8:d2:e1:8a:b9:
f7:be:90:9b:24:a5:dd:14:2c:5e:5b:71:e2:bd:2d:77:44:ea:
e9:1a:8e:37:d9:0e:8b:f1:9b:73:ef:f0:e9:e8:86:34:ff:7a:
9b:37:12:a4:42:93:35:ae:0a:9b:26:27:8a:2a:fe:92:4e:f6:
3d:11:fc:02:7c:4b:ac:ed:f6:1a:6a:fd:67:b8:42:97:9b:e0:
40:94:92:6d:a7:11:ad:8f:33:91:7f:38:d0:4b:7a:38:a4:4c:
32:38:d7:6b:26:42:af:0d:d1:d7:1b:f2:03:cc:57:2a:e8:d3:
31:92:72:39:56:b5:e6:d6:8e:fe:f8:d0:6e:89:3c:a2:35:8b:
ce:b2:0e:d9:ec:b0:bc:90:d3:04:ee:37:bd:58:92:88:86:77:
77:a5:64:91:f0:3e:a5:51:dc:2e:6d:a5:89:6e:5c:59:78:86:
e8:e8:bc:91
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBZqAtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2VmNThkNGNmYTM1NTQzZjg0ODhhMjc1NmU2OTI0ZTY0N2I0NTg5MB4XDTIyMDEw
MTA3MDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY2ODZkN2E1NjY3
ZWFmZDZkMzNiZDE0NzM3MTYyYmJlOThiNDhhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1Vp6ogheEL84k1k08M3KnkvNQ5JRBgZqBlndjCFZQFDY9V
qTXfANfLR7/pztH1pZ4JlkcRnX/7QqbIGV4/w1RzDT31NXsEcNDunwq/xce2I3p/
0N+1iiUMnyoKjGjpJjfru5zIlomdQO63qIREh74BqLTJcDEBTfIdVFlPjJPAxVif
+7DBiM/Rwil+E/Z+ZCcyggQHp0cvxXtgTZT9Eph+/cTB/d/LPoYDAajTyhF2+RLi
32ujAe8ZfpkV37rBnd8thcey+0xBSOzbKyX/iilRgRTwLIHSJ2/0IwC8UrTa914H
cUKJvsujhNnZYbdBAdb2Ud3Z2PlFuA5AWKaO6o8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT/aG16Vmfq/W0zvRRzcWK76YtIoDAfBgNVHSMEGDAWgBTc71jUz6NVQ/hI
iidW5pJOZHtFiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNPOVkxTS1qVlVQNFNJb25WdWFTVG1SN1JZay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8x
L18yaHRlbFpuNnYxdE03MFVjM0ZpdS1tTFNLQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWE0NDU1LTc4MzYtNDRjNC1iMmEzLTJlY2UwNGUxODVjMi8xLzNPOVkxTS1qVlVQ
NFNJb25WdWFTVG1SN1JZay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFkqhTAPBAIAAjAJAwcAKgOcAAAN
MA0GCSqGSIb3DQEBCwUAA4IBAQBWn/7UrrEXJBmDmLOYWUe1S4QvpCSNIDm56ABc
NCIsMtq5VTsSlCN++m/vcviTr205pEqZQd1rwwduINkrVusYTVF/nIdvO+MiAiHb
CdyEkUEnNgtz2NLhirn3vpCbJKXdFCxeW3HivS13ROrpGo432Q6L8Ztz7/Dp6IY0
/3qbNxKkQpM1rgqbJieKKv6STvY9EfwCfEus7fYaav1nuEKXm+BAlJJtpxGtjzOR
fzjQS3o4pEwyONdrJkKvDdHXG/IDzFcq6NMxknI5VrXm1o7++NBuiTyiNYvOsg7Z
7LC8kNME7je9WJKIhnd3pWSR8D6lUdwubaWJblxZeIbo6LyR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org