Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/T1KU1tytSp3ZKaNzfPcRE1_RG4k.roa
File: T1KU1tytSp3ZKaNzfPcRE1_RG4k.roa (raw, json)
Hash identifier: /zyQyKxWDCVLpPEUHC2bgNohqL9wygDU7gNrxw0a8/I=
Subject key identifier: 4F:52:94:D6:DC:AD:4A:9D:D9:29:A3:73:7C:F7:11:13:5F:D1:1B:89
Certificate issuer: /CN=0c1037c17bc15a7c9d8569887f5b05835ce32d27
Certificate serial: 0F153509
Authority key identifier: 0C:10:37:C1:7B:C1:5A:7C:9D:85:69:88:7F:5B:05:83:5C:E3:2D:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBA3wXvBWnydhWmIf1sFg1zjLSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/T1KU1tytSp3ZKaNzfPcRE1_RG4k.roa
Signing time: Sat 01 Jan 2022 06:04:34 +0000
ROA not before: Sat 01 Jan 2022 06:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41557
IP address blocks: 89.205.0.0/17 maxlen: 17
89.205.0.0/21 maxlen: 21
89.205.8.0/21 maxlen: 21
89.205.16.0/21 maxlen: 21
89.205.24.0/21 maxlen: 21
185.47.56.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253048073 (0xf153509)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c1037c17bc15a7c9d8569887f5b05835ce32d27
Validity
Not Before: Jan 1 06:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f5294d6dcad4a9dd929a3737cf711135fd11b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:57:ce:ce:9e:06:1f:59:ee:14:ff:69:a7:a8:
c5:a9:79:65:28:e5:a1:e6:08:4a:57:7b:3c:36:eb:
76:aa:7d:8e:09:88:b4:30:33:7f:f2:1d:55:80:f4:
04:c4:24:c3:5d:d9:13:93:76:1d:7e:0f:06:68:9e:
32:98:ab:25:78:d1:90:72:f9:4a:01:8b:b7:f1:35:
99:40:05:f0:c6:67:88:3e:f1:30:2a:03:55:fc:2c:
72:d2:25:e0:f9:5d:b5:17:8a:28:b1:51:ab:d2:17:
70:a6:8b:8c:49:b4:ad:cd:83:54:4c:5f:d8:4c:e9:
a4:94:53:51:01:12:73:49:64:97:ab:26:2c:b5:18:
9a:63:79:34:5c:32:03:1b:1d:c3:b1:db:65:83:a4:
b3:48:18:fc:16:b8:28:09:5e:33:be:ff:95:58:65:
9e:b0:0e:dd:e8:b5:96:fe:50:82:ed:e2:15:69:00:
ff:af:fe:4a:2e:bd:8c:81:99:fc:9c:62:23:04:bd:
27:32:ef:89:68:f6:d3:3b:ec:87:a9:7e:3c:41:d4:
27:03:4c:76:6b:9e:b6:c2:b4:be:4a:74:50:d4:f0:
55:89:94:ae:12:b6:0f:c6:3b:db:6a:55:16:bc:36:
c0:d1:54:9f:05:79:cf:16:c8:d8:b3:03:00:34:ff:
7a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:52:94:D6:DC:AD:4A:9D:D9:29:A3:73:7C:F7:11:13:5F:D1:1B:89
X509v3 Authority Key Identifier:
keyid:0C:10:37:C1:7B:C1:5A:7C:9D:85:69:88:7F:5B:05:83:5C:E3:2D:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBA3wXvBWnydhWmIf1sFg1zjLSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/T1KU1tytSp3ZKaNzfPcRE1_RG4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/DBA3wXvBWnydhWmIf1sFg1zjLSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.205.0.0/17
185.47.56.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:09:0d:a9:24:44:26:ea:15:bd:8f:e9:87:4a:39:83:62:97:
64:b6:49:c6:65:f2:2c:46:ff:64:ac:6d:55:cf:b3:df:24:74:
d4:f8:5a:cf:4a:a5:4d:78:2e:39:91:ca:d4:96:3c:d1:06:f2:
84:11:b2:77:5e:55:0e:88:7a:cf:ad:07:f9:f9:d1:98:b5:1e:
d2:97:31:a9:c7:57:8e:6b:e9:91:da:13:a4:d4:07:24:0b:91:
8f:19:8c:bf:fd:06:b1:fa:f5:a2:6c:43:64:33:bb:14:1b:20:
74:7a:54:0b:82:10:d9:e5:ba:66:e1:db:c0:e7:a3:13:2e:7b:
99:b8:2f:42:1a:c9:8f:a2:4f:ee:08:7b:39:18:57:06:b6:a4:
55:34:d3:d3:81:fd:3f:f7:62:1d:5c:01:f7:a1:81:23:b2:24:
9b:70:b4:a5:f1:f1:ca:fb:de:26:b9:c3:91:88:ca:7f:40:d4:
0d:e8:d4:b3:b3:5a:6d:02:50:de:89:3f:df:0c:e2:cb:7f:7c:
00:c4:fc:15:95:0b:10:42:98:a2:d4:d2:b4:cd:52:5d:75:ce:
74:e7:fc:6d:90:c7:fb:02:f3:d2:ca:f1:e5:3c:85:76:3f:87:
7c:d2:ad:5a:f7:e2:67:8d:60:38:78:54:8c:9e:c8:65:50:27:
68:40:f4:00
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDxU1CTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzEwMzdjMTdiYzE1YTdjOWQ4NTY5ODg3ZjViMDU4MzVjZTMyZDI3MB4XDTIyMDEw
MTA2MDQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY1Mjk0ZDZkY2Fk
NGE5ZGQ5MjlhMzczN2NmNzExMTM1ZmQxMWI4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRXzs6eBh9Z7hT/aaeoxal5ZSjloeYISld7PDbrdqp9jgmI
tDAzf/IdVYD0BMQkw13ZE5N2HX4PBmieMpirJXjRkHL5SgGLt/E1mUAF8MZniD7x
MCoDVfwsctIl4PldtReKKLFRq9IXcKaLjEm0rc2DVExf2EzppJRTUQESc0lkl6sm
LLUYmmN5NFwyAxsdw7HbZYOks0gY/Ba4KAleM77/lVhlnrAO3ei1lv5Qgu3iFWkA
/6/+Si69jIGZ/JxiIwS9JzLviWj20zvsh6l+PEHUJwNMdmuetsK0vkp0UNTwVYmU
rhK2D8Y722pVFrw2wNFUnwV5zxbI2LMDADT/enUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRPUpTW3K1Kndkpo3N89xETX9EbiTAfBgNVHSMEGDAWgBQMEDfBe8FafJ2F
aYh/WwWDXOMtJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RCQTN3WHZCV255ZGhXbUlmMXNGZzF6akxTYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvYTYyYTdiLThmNzYtNDg5OS1hMTUzLThjNTAwMjk1Y2I5Ni8x
L1QxS1UxdHl0U3AzWkthTnpmUGNSRTFfUkc0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
YTYyYTdiLThmNzYtNDg5OS1hMTUzLThjNTAwMjk1Y2I5Ni8xL0RCQTN3WHZCV255
ZGhXbUlmMXNGZzF6akxTYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEB1nNAAMEArkvODANBgkqhkiG9w0B
AQsFAAOCAQEAGgkNqSREJuoVvY/ph0o5g2KXZLZJxmXyLEb/ZKxtVc+z3yR01Pha
z0qlTXguOZHK1JY80QbyhBGyd15VDoh6z60H+fnRmLUe0pcxqcdXjmvpkdoTpNQH
JAuRjxmMv/0Gsfr1omxDZDO7FBsgdHpUC4IQ2eW6ZuHbwOejEy57mbgvQhrJj6JP
7gh7ORhXBrakVTTT04H9P/diHVwB96GBI7Ikm3C0pfHxyvveJrnDkYjKf0DUDejU
s7NabQJQ3ok/3wziy398AMT8FZULEEKYotTStM1SXXXOdOf8bZDH+wLz0srx5TyF
dj+HfNKtWvfiZ41gOHhUjJ7IZVAnaED0AA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:52 2023 by rpki-client on console-fra.rpki-client.org