Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/J-YOkqdT7bYigdtVQNlXHFXVBmU.roa
File: J-YOkqdT7bYigdtVQNlXHFXVBmU.roa (raw, json)
Hash identifier: 1brGdzf6AC6WPDnSg5khlcsv9uZhtpfanf9a0hSlopQ=
Subject key identifier: 27:E6:0E:92:A7:53:ED:B6:22:81:DB:55:40:D9:57:1C:55:D5:06:65
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 380C437D
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/J-YOkqdT7bYigdtVQNlXHFXVBmU.roa
Signing time: Sat 01 Jan 2022 04:04:08 +0000
ROA not before: Sat 01 Jan 2022 04:04:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208685
IP address blocks: 89.47.1.0/24 maxlen: 24
2a00:1ca8:8a::/48 maxlen: 48
2a03:3f40:35::/48 maxlen: 48
2a03:3f40:89::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940327805 (0x380c437d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 1 04:04:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27e60e92a753edb62281db5540d9571c55d50665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:18:1d:2c:a9:99:c1:06:e3:4d:35:19:06:45:
30:79:a9:f1:e2:11:92:70:ab:9f:2e:20:8f:47:1b:
9e:4d:48:4e:8d:02:23:0a:6f:42:3a:39:76:e5:eb:
65:78:c5:a1:a4:cb:0f:57:f8:14:f9:86:0a:7f:07:
ba:97:d1:a4:00:68:12:62:48:7f:20:a0:6d:b8:06:
c4:37:d4:6e:b9:61:f6:9c:16:58:73:8c:18:16:58:
6f:d8:d7:0a:77:bf:06:06:84:5b:af:ea:94:18:5e:
20:fd:a8:35:32:21:c3:d3:4d:5c:53:38:c3:83:85:
64:b2:2f:23:8a:22:63:14:8f:ee:78:e2:0e:dc:45:
be:63:7d:29:6f:59:e3:f3:f5:b9:ea:0c:12:cd:5b:
93:88:54:29:21:d5:fb:84:e5:78:0f:08:67:f5:5e:
7e:07:e5:18:2b:48:51:00:e4:ab:ee:92:79:24:e7:
3a:96:58:eb:20:87:72:75:c1:cb:1b:3b:65:2f:5b:
e2:3b:d0:7f:ec:1d:57:25:03:b3:b3:d9:aa:f6:95:
c8:d5:5e:44:ca:8c:06:43:42:14:d9:eb:2d:de:92:
c9:4c:13:e9:6e:ac:45:8e:f6:2e:90:da:e5:98:f4:
a6:5d:08:04:d0:c7:c0:0e:fe:33:fb:4a:c3:fd:cd:
72:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:E6:0E:92:A7:53:ED:B6:22:81:DB:55:40:D9:57:1C:55:D5:06:65
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/J-YOkqdT7bYigdtVQNlXHFXVBmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.1.0/24
IPv6:
2a00:1ca8:8a::/48
2a03:3f40:35::/48
2a03:3f40:89::/48
Signature Algorithm: sha256WithRSAEncryption
1c:63:d5:78:49:e8:49:78:13:3c:5b:61:03:82:11:1b:fa:cb:
b7:4a:c0:15:2a:27:3d:f4:20:03:14:13:91:27:54:9f:c7:b0:
e4:91:fc:16:9e:9e:92:af:f2:56:e6:d4:0a:b3:38:5f:63:15:
21:08:bc:fa:22:b0:63:3f:98:19:20:62:03:f7:33:28:a9:43:
f9:3f:6a:2d:32:0b:56:29:4c:2c:6b:ed:dc:c5:98:24:61:93:
0c:cd:fc:fc:ed:13:7f:a7:78:36:52:1f:bf:3f:23:0f:41:48:
c2:7f:f4:bf:a7:27:5e:7a:2d:b0:30:ee:c0:bc:98:e7:ab:56:
78:b7:e3:5f:c8:25:92:d0:d4:a5:d4:3e:2e:8b:57:c9:d1:bf:
fd:2c:0d:f9:87:4c:7a:59:10:03:c6:95:cb:93:c7:a8:be:5a:
0d:e7:cc:ca:ec:e7:02:e3:02:a7:ed:2a:c5:e2:64:c1:36:a9:
25:4a:55:f9:76:bc:77:3b:63:3d:89:aa:39:70:65:72:25:88:
31:4a:ca:79:d8:5e:8e:9e:fd:da:60:97:05:ee:0b:55:d7:17:
b6:22:33:75:df:8a:05:bd:d9:0b:01:90:da:b3:0e:12:1b:cf:
21:98:ac:b2:cc:68:1d:ca:94:0a:5a:6a:a2:cb:e2:fe:08:0b:
84:e1:a8:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEOAxDfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjMxMTY2ZGU3ODVhMzUzMWJkYzgzNjFmMTE5MGE4MzY5YTdlZDZhMB4XDTIyMDEw
MTA0MDQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjdlNjBlOTJhNzUz
ZWRiNjIyODFkYjU1NDBkOTU3MWM1NWQ1MDY2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0YHSypmcEG4001GQZFMHmp8eIRknCrny4gj0cbnk1ITo0C
IwpvQjo5duXrZXjFoaTLD1f4FPmGCn8HupfRpABoEmJIfyCgbbgGxDfUbrlh9pwW
WHOMGBZYb9jXCne/BgaEW6/qlBheIP2oNTIhw9NNXFM4w4OFZLIvI4oiYxSP7nji
DtxFvmN9KW9Z4/P1ueoMEs1bk4hUKSHV+4TleA8IZ/VefgflGCtIUQDkq+6SeSTn
OpZY6yCHcnXByxs7ZS9b4jvQf+wdVyUDs7PZqvaVyNVeRMqMBkNCFNnrLd6SyUwT
6W6sRY72LpDa5Zj0pl0IBNDHwA7+M/tKw/3NctMCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQn5g6Sp1PttiKB21VA2VccVdUGZTAfBgNVHSMEGDAWgBQmMRZt54WjUxvc
g2HxGQqDaaftajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pqRVdiZWVGbzFNYjNJTmg4UmtLZzJtbjdXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvZmIwMTU3LTY3NDYtNGIwMC04ZjhlLWI4OWEyNjE5OTk3Ni8x
L0otWU9rcWRUN2JZaWdkdFZRTmxYSEZYVkJtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ZmIwMTU3LTY3NDYtNGIwMC04ZjhlLWI4OWEyNjE5OTk3Ni8xL0pqRVdiZWVGbzFN
YjNJTmg4UmtLZzJtbjdXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwDAQCAAEwBgMEAFkvATAhBAIAAjAbAwcAKgAcqACK
AwcAKgM/QAA1AwcAKgM/QACJMA0GCSqGSIb3DQEBCwUAA4IBAQAcY9V4SehJeBM8
W2EDghEb+su3SsAVKic99CADFBORJ1Sfx7DkkfwWnp6Sr/JW5tQKszhfYxUhCLz6
IrBjP5gZIGID9zMoqUP5P2otMgtWKUwsa+3cxZgkYZMMzfz87RN/p3g2Uh+/PyMP
QUjCf/S/pydeei2wMO7AvJjnq1Z4t+NfyCWS0NSl1D4ui1fJ0b/9LA35h0x6WRAD
xpXLk8eovloN58zK7OcC4wKn7SrF4mTBNqklSlX5drx3O2M9iao5cGVyJYgxSsp5
2F6Onv3aYJcF7gtV1xe2IjN134oFvdkLAZDasw4SG88hmKyyzGgdypQKWmqiy+L+
CAuE4ahj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:48 2024 by rpki-client on console-fra.rpki-client.org