Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/ounofyhzDeLlT8t25VXeqTcluOg.roa
File: ounofyhzDeLlT8t25VXeqTcluOg.roa (raw, json)
Hash identifier: knKEzMoCQdV2DAMMlm6TSBkmdEerDMhpRMX24T74MQ4=
Subject key identifier: A2:E9:E8:7F:28:73:0D:E2:E5:4F:CB:76:E5:55:DE:A9:37:25:B8:E8
Certificate issuer: /CN=e6d17b13653ff1e3e7822eb1e5e0a17f4d4f7881
Certificate serial: 0181D811690BC3CAF5072436AC2221029A93
Authority key identifier: E6:D1:7B:13:65:3F:F1:E3:E7:82:2E:B1:E5:E0:A1:7F:4D:4F:78:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5tF7E2U_8ePngi6x5eChf01PeIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/ounofyhzDeLlT8t25VXeqTcluOg.roa
Signing time: Thu 07 Jul 2022 09:50:28 +0000
ROA not before: Thu 07 Jul 2022 09:50:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57031
IP address blocks: 89.22.2.0/24 maxlen: 24
89.22.4.0/24 maxlen: 24
89.22.6.0/24 maxlen: 24
89.22.5.0/24 maxlen: 24
89.22.7.0/24 maxlen: 24
2001:67c:7c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d8:11:69:0b:c3:ca:f5:07:24:36:ac:22:21:02:9a:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6d17b13653ff1e3e7822eb1e5e0a17f4d4f7881
Validity
Not Before: Jul 7 09:50:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2e9e87f28730de2e54fcb76e555dea93725b8e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ae:00:84:bc:ce:e9:a8:9c:9b:7e:82:b2:a2:
54:6d:4c:62:66:1e:97:dd:9e:6b:76:50:de:73:60:
79:b3:59:37:c8:8f:21:30:92:18:86:f7:a5:5d:da:
cd:e8:b8:39:16:f6:e8:03:ba:2b:71:35:03:c1:ab:
17:94:ed:c0:e6:cf:c5:51:b5:32:92:29:8d:a0:e2:
87:95:8d:ee:82:ce:e8:74:e8:94:3e:24:7c:33:bb:
7b:32:b1:2b:4c:8f:fd:57:96:2d:6b:ad:5c:72:96:
55:9d:92:0c:73:1a:4a:b8:63:55:a4:5a:6c:5d:57:
d0:cf:cf:9a:30:da:5e:9e:47:6d:9e:8c:72:a1:51:
3f:3c:a6:56:ab:87:01:00:a3:0d:a4:3d:78:03:06:
36:ad:bb:d2:e9:9a:ed:12:72:82:b8:be:8b:99:e6:
74:11:b9:82:e4:ae:12:b5:95:e7:96:da:6d:38:1f:
26:25:ef:5e:b6:20:f2:00:75:f9:5e:21:52:8f:4a:
e6:e0:4e:1e:2c:b2:b4:a3:8e:97:1a:01:a8:a1:ea:
64:80:1a:6a:ba:d6:08:07:e1:14:a9:7c:76:30:0c:
44:91:92:93:36:7e:ee:88:b1:ae:ab:e3:62:0f:ba:
bc:9b:94:a4:a0:63:4e:f1:96:4d:52:d7:bd:e2:68:
dd:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:E9:E8:7F:28:73:0D:E2:E5:4F:CB:76:E5:55:DE:A9:37:25:B8:E8
X509v3 Authority Key Identifier:
keyid:E6:D1:7B:13:65:3F:F1:E3:E7:82:2E:B1:E5:E0:A1:7F:4D:4F:78:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5tF7E2U_8ePngi6x5eChf01PeIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/ounofyhzDeLlT8t25VXeqTcluOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/5tF7E2U_8ePngi6x5eChf01PeIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.2.0/24
89.22.4.0/22
IPv6:
2001:67c:7c2::/48
Signature Algorithm: sha256WithRSAEncryption
6f:bb:50:91:d1:b8:26:76:26:4f:b7:21:30:3a:c2:c5:3f:43:
5e:83:6d:ae:01:7f:27:d7:6b:52:09:39:7f:ed:8e:b0:c3:2a:
d8:aa:89:36:03:f4:57:68:94:d6:8c:35:bb:74:82:be:16:a0:
70:66:52:02:c3:d5:f2:ef:05:b5:70:03:6f:7c:64:23:37:d1:
47:5e:53:6c:c4:d3:db:10:65:e7:a8:21:9c:b9:d1:be:71:62:
d6:b4:ee:e0:4e:04:39:5e:81:91:c0:a0:8e:f1:35:5a:3f:e1:
9c:df:da:d7:de:01:51:33:18:06:ed:b4:c6:ad:7f:0c:b8:f5:
5a:97:92:47:9f:2c:70:8d:db:01:f9:be:21:e5:50:87:f2:2d:
31:74:db:0c:fb:7f:53:64:70:b3:f4:21:1a:84:88:a5:5f:a6:
dc:3c:f5:21:5c:67:9e:7b:09:e4:a7:62:8a:20:5e:6d:88:8d:
f6:58:e2:71:b9:25:d0:81:41:cf:1a:b0:d7:62:c8:b2:31:e9:
8c:81:42:b3:1b:aa:bb:1b:33:01:8c:4e:3e:af:52:ca:eb:17:
8d:a8:33:8f:6e:64:3f:5d:46:b7:88:8e:12:f5:a2:2d:f1:3b:
2e:31:d7:ff:4a:49:85:a0:bd:21:57:4a:68:e8:9b:2e:f0:2b:
33:09:2e:0a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYHYEWkLw8r1ByQ2rCIhApqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZDE3YjEzNjUzZmYxZTNlNzgyMmViMWU1ZTBhMTdmNGQ0
Zjc4ODEwHhcNMjIwNzA3MDk1MDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmU5ZTg3ZjI4NzMwZGUyZTU0ZmNiNzZlNTU1ZGVhOTM3MjViOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAha4AhLzO6aicm36CsqJUbUxiZh6X
3Z5rdlDec2B5s1k3yI8hMJIYhvelXdrN6Lg5FvboA7orcTUDwasXlO3A5s/FUbUy
kimNoOKHlY3ugs7odOiUPiR8M7t7MrErTI/9V5Yta61ccpZVnZIMcxpKuGNVpFps
XVfQz8+aMNpenkdtnoxyoVE/PKZWq4cBAKMNpD14AwY2rbvS6ZrtEnKCuL6LmeZ0
EbmC5K4StZXnltptOB8mJe9etiDyAHX5XiFSj0rm4E4eLLK0o46XGgGooepkgBpq
utYIB+EUqXx2MAxEkZKTNn7uiLGuq+NiD7q8m5SkoGNO8ZZNUte94mjd4QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKLp6H8ocw3i5U/LduVV3qk3JbjoMB8GA1UdIwQY
MBaAFObRexNlP/Hj54IuseXgoX9NT3iBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXRGN0UyVV84ZVBuZ2k2eDVlQ2hmMDFQZUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ODRlM2UtN2I1My00NzVjLTg2MWYt
NmFjZDU4MWQ0YjBmLzEvb3Vub2Z5aHpEZUxsVDh0MjVWWGVxVGNsdU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ODRlM2UtN2I1My00NzVjLTg2MWYtNmFjZDU4MWQ0YjBm
LzEvNXRGN0UyVV84ZVBuZ2k2eDVlQ2hmMDFQZUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAWRYCAwQC
WRYEMA8EAgACMAkDBwAgAQZ8B8IwDQYJKoZIhvcNAQELBQADggEBAG+7UJHRuCZ2
Jk+3ITA6wsU/Q16Dba4BfyfXa1IJOX/tjrDDKtiqiTYD9FdolNaMNbt0gr4WoHBm
UgLD1fLvBbVwA298ZCM30UdeU2zE09sQZeeoIZy50b5xYta07uBOBDlegZHAoI7x
NVo/4Zzf2tfeAVEzGAbttMatfwy49VqXkkefLHCN2wH5viHlUIfyLTF02wz7f1Nk
cLP0IRqEiKVfptw89SFcZ557CeSnYoogXm2IjfZY4nG5JdCBQc8asNdiyLIx6YyB
QrMbqrsbMwGMTj6vUsrrF42oM49uZD9dRreIjhL1oi3xOy4x1/9KSYWgvSFXSmjo
my7wKzMJLgo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:51 2023 by rpki-client on console-fra.rpki-client.org