Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/4dYV0pAIV2UQEUUVSgatQZhckbE.roa
File: 4dYV0pAIV2UQEUUVSgatQZhckbE.roa (raw, json)
Hash identifier: 0ZhFgbL1VeoTPPctBz0QW79QTLqxBkeKPwqC828KXfA=
Subject key identifier: E1:D6:15:D2:90:08:57:65:10:11:45:15:4A:06:AD:41:98:5C:91:B1
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 19AAC6DA
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/4dYV0pAIV2UQEUUVSgatQZhckbE.roa
Signing time: Sat 01 Jan 2022 05:52:40 +0000
ROA not before: Sat 01 Jan 2022 05:52:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208371
IP address blocks: 89.223.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 430622426 (0x19aac6da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 05:52:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1d615d290085765101145154a06ad41985c91b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:fe:c6:d4:42:52:47:3c:3b:22:33:02:d2:14:
df:fb:04:0e:ac:01:89:59:17:a1:59:9f:e0:c3:c0:
35:74:7f:5f:03:d8:ee:fb:8c:b0:53:de:d2:dc:fd:
88:38:55:e6:fc:5e:69:60:40:48:7b:f4:80:98:64:
e6:0d:bf:24:f3:4f:72:cf:04:96:79:fd:97:08:4b:
01:84:06:54:7f:f4:32:28:72:df:2e:ec:c0:aa:60:
90:40:16:ec:7a:70:9d:b6:ed:22:45:55:bc:5e:57:
34:95:af:9a:b3:b3:c8:1a:41:99:35:9e:43:83:b1:
f6:37:35:10:25:8b:5f:75:6f:a7:23:b7:21:41:0e:
7c:f8:c1:4d:5a:54:fa:0a:3f:6a:55:21:da:76:e1:
f1:18:20:c2:7a:39:c5:0d:6d:ab:e4:1f:4b:9b:88:
51:1b:b3:65:8e:ca:fb:a8:c3:9c:13:3a:70:94:35:
86:a5:17:de:fa:a1:a0:70:5b:f4:b8:6b:19:08:fe:
89:b7:30:9c:15:f2:cf:55:aa:d6:d8:ea:8e:95:cf:
3d:4c:58:3b:84:5e:dc:2d:7e:65:81:30:e6:e7:bd:
eb:a0:d2:df:18:0f:6b:00:4b:6a:f7:11:c6:01:e9:
d9:1e:1e:fb:fd:79:6a:69:50:af:21:ee:d2:a9:b4:
cb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:D6:15:D2:90:08:57:65:10:11:45:15:4A:06:AD:41:98:5C:91:B1
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/4dYV0pAIV2UQEUUVSgatQZhckbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.98.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:52:5a:89:06:35:b3:9d:3a:8b:df:4f:5a:e9:82:a6:7f:11:
3d:8b:73:9c:77:6d:5a:0b:bd:71:83:79:20:3b:8e:e2:31:b8:
3c:f2:21:f4:33:2b:48:eb:7d:af:2c:97:c7:f8:1c:41:67:1f:
85:3c:be:a6:5b:23:ee:80:4b:76:62:81:cb:b8:cd:9e:27:6c:
8a:86:fc:76:8e:34:cb:ae:55:8b:34:f4:d6:08:f2:02:f7:e5:
f8:f3:18:1d:68:bb:16:75:f9:68:5c:a5:cf:66:33:2f:76:f5:
8c:a8:9c:23:69:71:ec:94:8c:ae:e3:19:6c:21:ea:59:5b:cd:
6b:46:0e:41:00:05:7b:6b:96:8c:cf:3b:56:af:3b:a7:22:06:
61:5b:63:c8:51:44:43:63:74:13:5e:ac:d2:e6:9e:39:b0:7f:
58:7d:28:5c:be:5f:9f:31:c3:56:75:0d:72:d6:61:29:66:22:
68:fb:55:4e:33:15:b9:71:ca:ef:44:0c:40:08:ff:65:2a:52:
03:d6:fe:2f:96:5f:90:93:de:7c:e2:ef:a5:8f:27:fd:42:8a:
80:66:77:1e:67:5d:80:b1:10:e5:d3:5b:61:7a:df:ef:1b:d6:
b0:52:e8:ba:32:f9:13:a1:26:4a:4d:5f:ac:87:90:c5:32:11:
c6:cf:ee:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGarG2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDgzMTNlNDFlNjQ2YTA5Y2QwMWUyZTZmNDczOWQzYmQyMzZjNGZmMB4XDTIyMDEw
MTA1NTI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFkNjE1ZDI5MDA4
NTc2NTEwMTE0NTE1NGEwNmFkNDE5ODVjOTFiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJv+xtRCUkc8OyIzAtIU3/sEDqwBiVkXoVmf4MPANXR/XwPY
7vuMsFPe0tz9iDhV5vxeaWBASHv0gJhk5g2/JPNPcs8Elnn9lwhLAYQGVH/0Mihy
3y7swKpgkEAW7HpwnbbtIkVVvF5XNJWvmrOzyBpBmTWeQ4Ox9jc1ECWLX3VvpyO3
IUEOfPjBTVpU+go/alUh2nbh8Rggwno5xQ1tq+QfS5uIURuzZY7K+6jDnBM6cJQ1
hqUX3vqhoHBb9LhrGQj+ibcwnBXyz1Wq1tjqjpXPPUxYO4Re3C1+ZYEw5ue966DS
3xgPawBLavcRxgHp2R4e+/15amlQryHu0qm0y9UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTh1hXSkAhXZRARRRVKBq1BmFyRsTAfBgNVHSMEGDAWgBTNgxPkHmRqCc0B
4ub0c5070jbE/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pZTVQ1QjVrYWduTkFlTG05SE9kTzlJMnhQOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8x
LzRkWVYwcEFJVjJVUUVVVVZTZ2F0UVpoY2tiRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8xL3pZTVQ1QjVrYWdu
TkFlTG05SE9kTzlJMnhQOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFnfYjANBgkqhkiG9w0BAQsFAAOC
AQEArVJaiQY1s506i99PWumCpn8RPYtznHdtWgu9cYN5IDuO4jG4PPIh9DMrSOt9
ryyXx/gcQWcfhTy+plsj7oBLdmKBy7jNnidsiob8do40y65VizT01gjyAvfl+PMY
HWi7FnX5aFylz2YzL3b1jKicI2lx7JSMruMZbCHqWVvNa0YOQQAFe2uWjM87Vq87
pyIGYVtjyFFEQ2N0E16s0uaeObB/WH0oXL5fnzHDVnUNctZhKWYiaPtVTjMVuXHK
70QMQAj/ZSpSA9b+L5ZfkJPefOLvpY8n/UKKgGZ3HmddgLEQ5dNbYXrf7xvWsFLo
ujL5E6EmSk1frIeQxTIRxs/uEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org