Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MrV7xRpkIUHX8bfeYvseLAxQNLQ.roa
File: MrV7xRpkIUHX8bfeYvseLAxQNLQ.roa (raw, json)
Hash identifier: tM1BBjmbAwBKE96RmFVo8FRI2UZBalQBO27mfksOoQg=
Subject key identifier: 32:B5:7B:C5:1A:64:21:41:D7:F1:B7:DE:62:FB:1E:2C:0C:50:34:B4
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 365C0197
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MrV7xRpkIUHX8bfeYvseLAxQNLQ.roa
Signing time: Sat 01 Jan 2022 13:57:18 +0000
ROA not before: Sat 01 Jan 2022 13:57:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34630
IP address blocks: 89.42.80.0/21 maxlen: 21
89.42.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 911999383 (0x365c0197)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 13:57:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32b57bc51a642141d7f1b7de62fb1e2c0c5034b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:da:f1:5f:b3:62:e2:66:c0:20:43:c8:a7:39:
b7:d8:c2:05:81:bd:ca:d9:ae:de:f6:af:a7:6a:69:
3d:a5:76:37:2a:4f:51:1f:64:84:df:d0:22:41:7d:
76:31:77:b2:bd:6c:45:f6:ec:46:42:09:d8:97:e4:
49:3c:34:4c:69:86:e7:fc:f6:dd:e9:39:12:39:cc:
81:22:65:a3:aa:19:74:1b:59:88:5e:2e:59:bb:96:
6c:51:3a:7b:0d:c6:73:1a:ad:39:91:f5:cc:05:1e:
ba:25:a6:d9:35:cb:b2:f6:ac:a2:ed:59:6a:fc:ab:
49:ed:af:c5:df:f8:df:a1:36:b7:9f:8b:96:68:f7:
ce:85:67:5c:14:25:47:cb:e6:f2:e8:66:85:58:bf:
1d:d3:ce:a3:65:83:11:b1:eb:a0:d2:40:a6:b6:63:
86:3b:b5:c6:1a:1a:06:b9:8d:4a:0f:68:f0:b0:6c:
86:b1:ce:11:8f:67:b2:e4:08:a2:da:e2:6a:d5:e4:
6c:ec:d7:9d:67:ba:77:5b:56:4b:6e:08:12:d5:df:
94:b2:6f:d4:d0:55:37:5d:43:a9:8e:b0:3e:49:79:
d1:56:a5:89:40:a0:52:62:4b:dd:b1:32:b1:f5:ea:
ae:f1:c2:b2:44:08:ee:9f:dc:e6:5d:6d:65:68:4f:
67:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:B5:7B:C5:1A:64:21:41:D7:F1:B7:DE:62:FB:1E:2C:0C:50:34:B4
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/MrV7xRpkIUHX8bfeYvseLAxQNLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.80.0/20
Signature Algorithm: sha256WithRSAEncryption
15:5a:e0:39:34:fe:c6:9b:b9:95:e9:31:71:d0:d4:3f:23:25:
60:aa:c1:ea:ed:b3:af:b6:95:3e:71:83:5f:95:ee:20:e8:9b:
1c:51:4f:1b:bb:b6:3b:a2:59:a7:3b:a0:f0:9c:0f:34:41:d1:
03:14:02:f9:65:68:9e:34:2e:78:fe:27:54:e7:00:df:74:ed:
a0:fb:f1:eb:2e:29:5e:5f:b7:01:b7:54:ba:b7:89:dd:91:0a:
11:eb:2e:b8:1d:55:60:28:f3:cb:5e:31:1f:7c:74:71:ff:7f:
9b:71:0b:bb:8f:5a:9e:5f:60:96:82:9e:a3:7b:16:82:45:6e:
ff:1d:38:94:c5:29:28:17:a6:e9:af:33:8f:ee:5d:8f:87:58:
e7:8a:b4:de:59:18:5f:05:ae:ac:43:39:ce:18:af:90:79:80:
c8:89:4f:8c:46:24:22:15:a3:56:11:97:ff:9f:cb:c6:0c:11:
f7:c5:27:da:46:16:66:92:8c:59:e4:9f:bb:98:a0:d6:66:10:
e4:e1:df:2a:3a:69:d7:8f:fe:5b:36:cc:ee:a6:04:43:6a:82:
9a:e5:d7:f3:6b:0a:40:43:88:83:0b:09:10:e3:4d:54:6d:18:
54:fe:b8:80:f4:fb:d0:29:fd:c3:9f:ae:04:4e:c7:cd:ac:52:
50:f6:5e:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENlwBlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWQ0NmUwZTNlOGNhYWFlZDRhNTI5YmQ3ZDczMDhiZDFlZjAxYzFkMB4XDTIyMDEw
MTEzNTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzJiNTdiYzUxYTY0
MjE0MWQ3ZjFiN2RlNjJmYjFlMmMwYzUwMzRiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANza8V+zYuJmwCBDyKc5t9jCBYG9ytmu3vavp2ppPaV2NypP
UR9khN/QIkF9djF3sr1sRfbsRkIJ2JfkSTw0TGmG5/z23ek5EjnMgSJlo6oZdBtZ
iF4uWbuWbFE6ew3GcxqtOZH1zAUeuiWm2TXLsvasou1ZavyrSe2vxd/436E2t5+L
lmj3zoVnXBQlR8vm8uhmhVi/HdPOo2WDEbHroNJAprZjhju1xhoaBrmNSg9o8LBs
hrHOEY9nsuQIotriatXkbOzXnWe6d1tWS24IEtXflLJv1NBVN11DqY6wPkl50Val
iUCgUmJL3bEysfXqrvHCskQI7p/c5l1tZWhPZ48CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQytXvFGmQhQdfxt95i+x4sDFA0tDAfBgNVHSMEGDAWgBTx1G4OPoyqrtSl
Kb19cwi9HvAcHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8x
L01yVjd4UnBrSVVIWDhiZmVZdnNlTEF4UU5MUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8xLzhkUnVEajZNcXE3
VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFkqUDANBgkqhkiG9w0BAQsFAAOC
AQEAFVrgOTT+xpu5lekxcdDUPyMlYKrB6u2zr7aVPnGDX5XuIOibHFFPG7u2O6JZ
pzug8JwPNEHRAxQC+WVonjQueP4nVOcA33TtoPvx6y4pXl+3AbdUureJ3ZEKEesu
uB1VYCjzy14xH3x0cf9/m3ELu49anl9gloKeo3sWgkVu/x04lMUpKBem6a8zj+5d
j4dY54q03lkYXwWurEM5zhivkHmAyIlPjEYkIhWjVhGX/5/LxgwR98Un2kYWZpKM
WeSfu5ig1mYQ5OHfKjpp14/+WzbM7qYEQ2qCmuXX82sKQEOIgwsJEONNVG0YVP64
gPT70Cn9w5+uBE7HzaxSUPZeRA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org