Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/iCx2pBe8ftpNLcxCY2SfQ3V0r5k.roa
File: iCx2pBe8ftpNLcxCY2SfQ3V0r5k.roa (raw, json)
Hash identifier: 5emjZzkWyGKNQQlmAMIdOaMiwIlpSgNzmkF4JSdd/9g=
Subject key identifier: 88:2C:76:A4:17:BC:7E:DA:4D:2D:CC:42:63:64:9F:43:75:74:AF:99
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 19AEAB77
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/iCx2pBe8ftpNLcxCY2SfQ3V0r5k.roa
Signing time: Sat 01 Jan 2022 05:52:41 +0000
ROA not before: Sat 01 Jan 2022 05:52:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211590
IP address blocks: 89.104.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 430877559 (0x19aeab77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 05:52:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=882c76a417bc7eda4d2dcc4263649f437574af99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4d:28:4c:fe:17:b0:e4:6b:82:97:1e:e8:ad:
a8:57:31:a5:fe:eb:d0:77:42:d2:ab:cc:b2:32:57:
0a:ae:75:d9:a6:58:0c:57:b4:4b:b9:98:3a:eb:2f:
d6:38:bb:26:48:fc:2b:77:61:c4:c9:e2:a2:b7:09:
89:bf:31:ca:c9:f1:00:c2:6f:ea:70:ca:87:9a:a1:
8f:f9:22:99:f9:fe:86:70:1b:9e:fc:e0:8f:22:17:
84:13:99:b2:43:ad:aa:0a:ea:55:91:2e:7d:63:a6:
77:73:25:5c:c2:86:48:06:70:92:dc:b1:5b:a2:c6:
03:db:50:ee:45:cb:78:06:bc:95:60:5d:92:f3:75:
8d:f0:7d:d2:80:99:a4:a2:83:e6:83:0b:0a:0b:3f:
6e:b3:8c:7e:2b:a9:33:71:d6:79:30:2d:51:d8:d0:
e5:eb:17:93:83:6c:4f:7e:af:8d:c6:25:56:02:d0:
24:28:04:20:35:68:a1:b2:20:0e:f9:06:4f:ae:41:
54:b0:15:dc:79:fa:5a:b9:02:5e:d5:fd:c3:35:a5:
53:ab:0d:23:98:da:d2:da:89:fb:0a:6e:00:db:94:
9f:46:fa:fd:37:db:f4:79:96:65:d0:32:09:0e:26:
80:3a:f1:00:38:06:ce:4a:dd:df:4f:0e:a6:a2:b2:
0d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2C:76:A4:17:BC:7E:DA:4D:2D:CC:42:63:64:9F:43:75:74:AF:99
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/iCx2pBe8ftpNLcxCY2SfQ3V0r5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.126.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:12:ea:12:72:4e:f6:58:b8:15:03:d1:26:7e:1d:49:6e:f7:
0f:d7:97:11:af:76:14:3f:a4:63:c3:f3:8d:50:97:4c:67:6c:
df:c1:c1:fa:21:26:85:50:f4:cb:6e:f2:34:06:3b:9e:1e:2a:
0e:8e:5e:ae:95:89:cf:1d:de:8b:cc:01:6b:a0:36:3d:30:d1:
91:0c:3c:f3:24:0a:f3:cf:c6:9e:ce:8b:d4:b4:5f:0e:a5:51:
76:88:d9:29:01:1d:c0:26:df:66:cf:36:24:d7:83:86:3f:da:
ef:85:20:12:7f:6a:14:ec:44:05:7e:d2:b3:d0:a6:4f:4a:02:
7d:5c:5b:f5:63:d9:7c:e7:e8:c3:be:e1:ce:90:0f:fd:12:ff:
24:82:ab:a7:d0:39:94:f3:a5:ac:a5:b4:b9:41:48:8d:3c:15:
0f:85:53:32:8a:7c:2f:e3:7c:4b:09:12:4c:68:ee:83:62:52:
65:db:df:2a:6d:fe:3b:fc:fd:18:fd:70:f9:3e:bf:13:8e:bf:
ab:eb:05:ec:3e:3b:4e:9f:23:14:69:2e:bb:ec:36:98:b3:fe:
07:47:be:9c:c0:fd:30:22:1f:7c:62:26:6f:2b:31:79:04:b5:
aa:72:87:08:10:8d:8e:72:4f:e3:25:63:9f:d7:97:61:6c:e6:
41:ae:ed:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGa6rdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZDgzMTNlNDFlNjQ2YTA5Y2QwMWUyZTZmNDczOWQzYmQyMzZjNGZmMB4XDTIyMDEw
MTA1NTI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgyYzc2YTQxN2Jj
N2VkYTRkMmRjYzQyNjM2NDlmNDM3NTc0YWY5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1NKEz+F7Dka4KXHuitqFcxpf7r0HdC0qvMsjJXCq512aZY
DFe0S7mYOusv1ji7Jkj8K3dhxMniorcJib8xysnxAMJv6nDKh5qhj/kimfn+hnAb
nvzgjyIXhBOZskOtqgrqVZEufWOmd3MlXMKGSAZwktyxW6LGA9tQ7kXLeAa8lWBd
kvN1jfB90oCZpKKD5oMLCgs/brOMfiupM3HWeTAtUdjQ5esXk4NsT36vjcYlVgLQ
JCgEIDVoobIgDvkGT65BVLAV3Hn6WrkCXtX9wzWlU6sNI5ja0tqJ+wpuANuUn0b6
/Tfb9HmWZdAyCQ4mgDrxADgGzkrd308OpqKyDR0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSILHakF7x+2k0tzEJjZJ9DdXSvmTAfBgNVHSMEGDAWgBTNgxPkHmRqCc0B
4ub0c5070jbE/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pZTVQ1QjVrYWduTkFlTG05SE9kTzlJMnhQOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8x
L2lDeDJwQmU4ZnRwTkxjeENZMlNmUTNWMHI1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MzQ2NWYzLTAzYzItNGVhYS1hNjc0LTg4NjJiNTE3MzE3Yy8xL3pZTVQ1QjVrYWdu
TkFlTG05SE9kTzlJMnhQOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFlofjANBgkqhkiG9w0BAQsFAAOC
AQEAXRLqEnJO9li4FQPRJn4dSW73D9eXEa92FD+kY8PzjVCXTGds38HB+iEmhVD0
y27yNAY7nh4qDo5erpWJzx3ei8wBa6A2PTDRkQw88yQK88/Gns6L1LRfDqVRdojZ
KQEdwCbfZs82JNeDhj/a74UgEn9qFOxEBX7Ss9CmT0oCfVxb9WPZfOfow77hzpAP
/RL/JIKrp9A5lPOlrKW0uUFIjTwVD4VTMop8L+N8SwkSTGjug2JSZdvfKm3+O/z9
GP1w+T6/E46/q+sF7D47Tp8jFGkuu+w2mLP+B0e+nMD9MCIffGImbysxeQS1qnKH
CBCNjnJP4yVjn9eXYWzmQa7tsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:02 2024 by rpki-client on console-fra.rpki-client.org