Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Z48lM_48_pBe9pMrqWKaPLfcxP4.roa
File: Z48lM_48_pBe9pMrqWKaPLfcxP4.roa (raw, json)
Hash identifier: 59gre6JrBSdUOIuNWQs31ZB1mTOx+cIFVGeWm1i8OsA=
Subject key identifier: 67:8F:25:33:FE:3C:FE:90:5E:F6:93:2B:A9:62:9A:3C:B7:DC:C4:FE
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 3664C777
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Z48lM_48_pBe9pMrqWKaPLfcxP4.roa
Signing time: Sat 01 Jan 2022 13:57:24 +0000
ROA not before: Sat 01 Jan 2022 13:57:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57673
IP address blocks: 185.101.104.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
89.34.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 912574327 (0x3664c777)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 13:57:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=678f2533fe3cfe905ef6932ba9629a3cb7dcc4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:4f:6f:3f:82:81:ca:db:f0:5f:1d:50:87:
c8:fe:31:05:4c:4d:21:15:bb:26:98:b7:b4:ca:f5:
d2:14:a1:57:cf:d7:67:c0:aa:11:16:5b:f4:29:2c:
5e:84:1b:b4:93:44:4b:5a:de:ee:fc:11:76:19:bf:
d0:e0:fd:98:31:1d:e8:51:a7:28:a3:05:d5:71:7e:
49:e4:7c:be:42:cc:9e:45:09:00:3c:1e:20:07:34:
63:43:5c:15:d4:f8:0c:9f:32:8d:3a:b5:7a:f1:64:
36:01:26:f8:06:74:35:18:8a:30:ea:5e:57:85:15:
79:43:d3:43:38:4b:b8:67:dd:ba:69:75:df:7d:58:
21:f2:70:a0:99:bb:d7:2c:b5:14:1e:c4:37:03:8c:
e8:ea:65:16:bd:20:0b:f2:e8:9f:eb:55:54:cc:2d:
ae:b4:55:80:59:fb:0e:86:11:06:f4:b1:4f:b3:2b:
31:4b:86:f4:ff:94:e7:ef:42:35:81:fc:1c:c9:f9:
2b:dc:db:b6:29:a2:6a:98:81:82:2d:a4:2c:74:d6:
3b:ab:9d:56:a8:e0:7a:8b:a9:72:5a:39:08:95:95:
2f:11:30:8d:bb:d0:9e:8f:80:6e:60:0b:6a:79:27:
32:8a:d7:63:b6:11:30:fd:59:49:d2:66:d2:4e:56:
85:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8F:25:33:FE:3C:FE:90:5E:F6:93:2B:A9:62:9A:3C:B7:DC:C4:FE
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/Z48lM_48_pBe9pMrqWKaPLfcxP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.26.0/24
185.101.104.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:33:40:0f:92:ed:7c:61:7f:68:97:1f:0a:87:52:94:8c:44:
60:87:3d:80:b7:3c:3b:61:25:29:7d:23:13:fc:fb:08:62:38:
5d:77:58:3c:03:4c:65:e0:fc:8d:1f:a4:b3:d0:5e:68:d7:db:
ce:19:ba:74:e4:96:f7:ba:52:8f:02:d9:1f:43:04:fc:67:15:
c4:39:20:70:fe:65:fe:3f:ec:e4:25:be:65:d9:e9:12:2e:5e:
c8:61:d2:fe:06:f8:27:1c:c3:24:6b:b9:f1:1e:39:e4:f3:c3:
aa:42:ee:5c:49:bb:ba:7f:d3:20:81:cb:82:96:77:45:98:05:
88:bf:74:56:e8:f5:5f:1a:8f:37:92:ea:f0:17:1a:36:a7:de:
76:01:e2:ff:51:8d:ba:5f:3f:bb:b3:35:bd:49:93:fd:e9:25:
3f:dc:5b:b1:44:a2:04:f3:fe:97:a5:93:52:35:97:ed:90:7f:
98:c5:62:95:03:51:82:e4:94:95:a4:71:78:05:2c:c6:19:f3:
ac:84:ce:7c:0f:16:ad:28:c1:5f:fd:82:a5:ba:be:73:30:e7:
02:e1:8e:8e:dc:0d:87:6e:3c:ba:a6:14:bd:fe:ab:16:78:81:
03:2e:c1:ed:eb:9a:c4:1f:a3:68:24:4e:8d:cc:b1:2a:c2:6f:
f2:10:55:88
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENmTHdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWQ0NmUwZTNlOGNhYWFlZDRhNTI5YmQ3ZDczMDhiZDFlZjAxYzFkMB4XDTIyMDEw
MTEzNTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjc4ZjI1MzNmZTNj
ZmU5MDVlZjY5MzJiYTk2MjlhM2NiN2RjYzRmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhyT28/goHK2/BfHVCHyP4xBUxNIRW7Jpi3tMr10hShV8/X
Z8CqERZb9CksXoQbtJNES1re7vwRdhm/0OD9mDEd6FGnKKMF1XF+SeR8vkLMnkUJ
ADweIAc0Y0NcFdT4DJ8yjTq1evFkNgEm+AZ0NRiKMOpeV4UVeUPTQzhLuGfduml1
331YIfJwoJm71yy1FB7ENwOM6OplFr0gC/Lon+tVVMwtrrRVgFn7DoYRBvSxT7Mr
MUuG9P+U5+9CNYH8HMn5K9zbtimiapiBgi2kLHTWO6udVqjgeoupclo5CJWVLxEw
jbvQno+AbmALanknMorXY7YRMP1ZSdJm0k5Wha8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRnjyUz/jz+kF72kyupYpo8t9zE/jAfBgNVHSMEGDAWgBTx1G4OPoyqrtSl
Kb19cwi9HvAcHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8x
L1o0OGxNXzQ4X3BCZTlwTXJxV0thUExmY3hQNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8xLzhkUnVEajZNcXE3
VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFkiGgMEAbllaDANBgkqhkiG9w0B
AQsFAAOCAQEAWjNAD5LtfGF/aJcfCodSlIxEYIc9gLc8O2ElKX0jE/z7CGI4XXdY
PANMZeD8jR+ks9BeaNfbzhm6dOSW97pSjwLZH0ME/GcVxDkgcP5l/j/s5CW+Zdnp
Ei5eyGHS/gb4JxzDJGu58R455PPDqkLuXEm7un/TIIHLgpZ3RZgFiL90Vuj1XxqP
N5Lq8BcaNqfedgHi/1GNul8/u7M1vUmT/eklP9xbsUSiBPP+l6WTUjWX7ZB/mMVi
lQNRguSUlaRxeAUsxhnzrITOfA8WrSjBX/2Cpbq+czDnAuGOjtwNh248uqYUvf6r
FniBAy7B7euaxB+jaCROjcyxKsJv8hBViA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:56 2023 by rpki-client on console-ams.rpki-client.org