Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/PGmdi2klyC_kVjwcR42nDNfu1Qo.roa
File: PGmdi2klyC_kVjwcR42nDNfu1Qo.roa (raw, json)
Hash identifier: 9OZJg9sO62ookl8tWHPvbbjpcUDAKxLBvc/ON5dbyE8=
Subject key identifier: 3C:69:9D:8B:69:25:C8:2F:E4:56:3C:1C:47:8D:A7:0C:D7:EE:D5:0A
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 0108CD
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/PGmdi2klyC_kVjwcR42nDNfu1Qo.roa
Signing time: Tue 22 Mar 2022 18:39:39 +0000
ROA not before: Tue 22 Mar 2022 18:39:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8551
IP address blocks: 89.38.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67789 (0x108cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Mar 22 18:39:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c699d8b6925c82fe4563c1c478da70cd7eed50a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c0:5f:59:a4:eb:e3:a7:3c:6c:3e:2c:a2:10:
40:c7:99:ca:ed:7f:e0:ba:a4:0c:35:59:16:3e:7e:
0b:ce:7c:66:2e:2e:80:0f:97:6f:5f:8b:1d:0e:43:
06:bf:78:88:36:40:65:20:79:56:8c:09:0e:19:a0:
ab:94:d0:bf:4c:de:01:d5:5f:5a:df:7b:58:74:c5:
9b:e7:12:1a:0f:24:23:8e:99:bc:80:8b:7e:2d:6c:
55:aa:86:67:2a:04:a5:2b:9f:2b:54:df:25:11:ad:
1e:cf:a4:95:7b:8c:89:5c:51:05:d5:4b:5c:3c:7a:
04:46:96:4c:a2:90:bd:8c:6f:31:0d:d3:c3:c8:5b:
6b:38:04:8e:26:82:d3:86:7f:4e:b0:c6:69:9d:25:
91:3d:66:2b:95:85:01:75:7c:cc:50:2c:2b:72:9e:
31:03:f2:df:35:db:2d:8b:41:41:5f:4c:47:24:90:
12:05:a0:db:97:2c:f7:b4:92:67:82:0a:66:64:63:
78:a2:85:b4:e6:37:c6:15:8d:a4:14:40:61:c1:b0:
c7:dc:47:4f:89:71:f4:52:2b:7e:d7:ac:e0:7a:3d:
9b:79:35:19:a9:6d:34:4a:73:69:52:f0:47:a1:be:
84:6d:01:97:a2:89:ca:5f:4c:18:56:95:84:8f:ad:
88:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:69:9D:8B:69:25:C8:2F:E4:56:3C:1C:47:8D:A7:0C:D7:EE:D5:0A
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/PGmdi2klyC_kVjwcR42nDNfu1Qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.28.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:12:ca:e6:9f:f8:84:f0:d2:11:4b:88:57:b6:9b:ef:d1:93:
77:aa:27:25:2d:1e:83:6a:58:c2:c0:2f:d6:f7:e4:54:39:9a:
73:b9:f9:f8:56:8d:c0:73:19:99:34:f4:62:4c:25:cf:32:da:
78:ba:0c:a4:00:3b:ac:29:1f:b8:20:bf:64:cd:1a:1b:e6:b3:
4b:d6:62:89:4b:53:7f:dd:30:0b:60:ba:57:38:8a:d2:4b:4e:
cd:07:07:0b:57:7a:70:79:dc:c9:82:02:dd:3a:52:1d:8e:26:
5a:33:91:48:3a:e4:b6:31:4a:27:61:1e:8a:5b:19:59:27:bf:
41:62:4f:1b:f3:7a:4f:14:44:7e:df:80:1f:26:6f:80:fc:7a:
ad:5a:b1:b8:72:fb:d6:5b:0b:e7:0d:ab:ba:88:95:c3:85:d3:
84:49:8a:2d:03:f7:45:60:90:03:61:9d:6e:64:4b:80:78:ee:
0d:85:ca:d4:d8:7f:47:a7:7c:ed:2e:f8:3e:30:0c:e6:89:f5:
af:36:0c:d6:01:a5:2c:b3:d4:d2:78:3e:63:3f:3e:0e:dd:10:
cd:e9:38:02:3d:8b:86:28:c0:71:f8:60:19:fe:a4:34:09:72:
52:b9:63:0c:f2:ae:61:d9:c1:75:2a:8d:3d:3f:88:ff:f8:c8:
de:ed:dc:8b
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAQjNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkwYWI3NzAwHhcNMjIwMzIy
MTgzOTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygzYzY5OWQ4YjY5MjVj
ODJmZTQ1NjNjMWM0NzhkYTcwY2Q3ZWVkNTBhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAucBfWaTr46c8bD4sohBAx5nK7X/guqQMNVkWPn4LznxmLi6A
D5dvX4sdDkMGv3iINkBlIHlWjAkOGaCrlNC/TN4B1V9a33tYdMWb5xIaDyQjjpm8
gIt+LWxVqoZnKgSlK58rVN8lEa0ez6SVe4yJXFEF1UtcPHoERpZMopC9jG8xDdPD
yFtrOASOJoLThn9OsMZpnSWRPWYrlYUBdXzMUCwrcp4xA/LfNdsti0FBX0xHJJAS
BaDblyz3tJJnggpmZGN4ooW05jfGFY2kFEBhwbDH3EdPiXH0Uit+16zgej2beTUZ
qW00SnNpUvBHob6EbQGXoonKX0wYVpWEj62IXwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFDxpnYtpJcgv5FY8HEeNpwzX7tUKMB8GA1UdIwQYMBaAFNnv6dNvX4j98EdC
xBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEv
UEdtZGkya2x5Q19rVmp3Y1I0Mm5ETmZ1MVFvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81
NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEvMmVfcDAyOWZpUDN3
UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSYcMA0GCSqGSIb3DQEBCwUAA4IB
AQAfEsrmn/iE8NIRS4hXtpvv0ZN3qiclLR6DaljCwC/W9+RUOZpzufn4Vo3AcxmZ
NPRiTCXPMtp4ugykADusKR+4IL9kzRob5rNL1mKJS1N/3TALYLpXOIrSS07NBwcL
V3pwedzJggLdOlIdjiZaM5FIOuS2MUonYR6KWxlZJ79BYk8b83pPFER+34AfJm+A
/HqtWrG4cvvWWwvnDau6iJXDhdOESYotA/dFYJADYZ1uZEuAeO4NhcrU2H9Hp3zt
Lvg+MAzmifWvNgzWAaUss9TSeD5jPz4O3RDN6TgCPYuGKMBx+GAZ/qQ0CXJSuWMM
8q5h2cF1Ko09P4j/+Mje7dyL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:07 2023 by rpki-client on console-fra.rpki-client.org