Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/IWV4rdbJhuP-CbrboyRLqB8F57w.roa
File: IWV4rdbJhuP-CbrboyRLqB8F57w.roa (raw, json)
Hash identifier: ZN7VKppoH/EfqeLDLFiSp5x4xjDqwYQXxZJJnD2KFdQ=
Subject key identifier: 21:65:78:AD:D6:C9:86:E3:FE:09:BA:DB:A3:24:4B:A8:1F:05:E7:BC
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41E2B368B8B51B752013AE6FA039F8
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/IWV4rdbJhuP-CbrboyRLqB8F57w.roa
Signing time: Sun 01 Jan 2023 16:54:49 +0000
ROA not before: Sun 01 Jan 2023 16:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61059
IP address blocks: 89.44.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:e2:b3:68:b8:b5:1b:75:20:13:ae:6f:a0:39:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=216578add6c986e3fe09badba3244ba81f05e7bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8b:71:6c:f2:00:69:4c:6d:99:13:d1:25:22:
c1:bc:52:94:b5:ec:29:c3:bd:bc:00:04:e9:64:15:
e8:ed:ad:ae:7c:78:70:a7:34:0b:28:e8:29:64:99:
a5:53:56:15:43:b0:c1:97:62:91:20:a5:49:24:2b:
76:f2:c3:e1:c5:9c:9f:b7:6d:59:76:76:d4:d9:a6:
c0:fb:28:6e:d4:f1:d1:e4:3a:77:75:0d:79:ba:3d:
3b:5e:25:95:12:9f:ec:ac:d8:7f:3a:80:fa:9a:1f:
9f:3d:37:68:a9:03:3e:3d:41:0e:9e:98:ce:53:ed:
fc:07:47:e8:63:ec:ff:d1:ef:2b:27:81:7f:bb:49:
50:0c:f8:1e:10:6e:e9:46:e9:90:bc:c4:2c:ae:52:
d7:7b:07:94:6d:22:4d:71:4b:cd:bd:6d:8e:19:76:
5c:2e:e1:d5:e2:e3:37:48:a1:9c:a2:2d:9e:80:43:
ec:61:89:4b:07:88:03:48:03:ff:aa:77:3f:cd:a3:
92:ad:50:d8:e4:eb:ca:72:e7:53:d2:90:ab:de:5e:
da:54:0d:d0:53:e2:59:78:29:18:7a:41:56:c7:0d:
f7:75:73:e3:64:6e:82:12:50:cf:b1:92:fb:7a:00:
9a:aa:bf:44:df:2e:a3:33:2a:13:b6:e3:b6:4e:9e:
5f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:65:78:AD:D6:C9:86:E3:FE:09:BA:DB:A3:24:4B:A8:1F:05:E7:BC
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/IWV4rdbJhuP-CbrboyRLqB8F57w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.88.0/22
Signature Algorithm: sha256WithRSAEncryption
20:66:9b:a5:8f:c3:db:dc:64:3f:ef:c5:3f:86:43:80:4e:5e:
fe:67:40:11:da:2d:6d:3d:1a:59:14:47:e5:74:22:c2:06:d9:
e8:10:cf:dc:4c:70:01:f2:5f:5a:27:dc:8a:d4:75:38:fb:8a:
2a:c8:78:9d:33:04:a0:18:d6:c9:f0:ac:05:fd:cd:53:17:4e:
16:98:85:cd:43:7d:3c:ce:af:31:65:0b:1d:41:c5:cd:68:e7:
a2:f4:e4:76:0e:37:ad:7d:04:9a:39:e5:64:1e:25:af:f7:6e:
bf:c4:6b:6f:d2:9f:60:a3:a4:12:b3:6f:af:b4:59:01:30:72:
9a:cc:29:9d:d1:ab:14:de:5b:94:3f:6d:dc:a0:13:57:03:e7:
54:ae:f2:54:53:f8:cf:54:b7:71:17:cf:bc:07:d6:e7:60:d0:
81:02:12:05:1a:31:c8:b4:b6:2c:df:4a:a0:1f:8c:e4:1d:01:
c0:05:fd:8f:e8:3b:c2:dc:65:8d:39:85:4c:06:3e:a4:d6:eb:
f5:68:44:9a:8f:a0:fe:e5:1c:53:d0:e6:18:5b:6f:33:8f:68:
ed:a8:43:83:e6:81:10:85:5e:c3:57:07:70:8f:ea:00:a5:26:
94:10:ec:1f:bf:96:4d:20:08:ed:02:04:3a:53:ea:1f:88:f7:
99:dc:76:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQeKzaLi1G3UgE65voDn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTY1NzhhZGQ2Yzk4NmUzZmUwOWJhZGJhMzI0NGJhODFmMDVlN2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqotxbPIAaUxtmRPRJSLBvFKUtewp
w728AATpZBXo7a2ufHhwpzQLKOgpZJmlU1YVQ7DBl2KRIKVJJCt28sPhxZyft21Z
dnbU2abA+yhu1PHR5Dp3dQ15uj07XiWVEp/srNh/OoD6mh+fPTdoqQM+PUEOnpjO
U+38B0foY+z/0e8rJ4F/u0lQDPgeEG7pRumQvMQsrlLXeweUbSJNcUvNvW2OGXZc
LuHV4uM3SKGcoi2egEPsYYlLB4gDSAP/qnc/zaOSrVDY5OvKcudT0pCr3l7aVA3Q
U+JZeCkYekFWxw33dXPjZG6CElDPsZL7egCaqr9E3y6jMyoTtuO2Tp5fewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCFleK3WyYbj/gm626MkS6gfBee8MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvSVdWNHJkYkpodVAtQ2JyYm95UkxxQjhGNTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSxYMA0G
CSqGSIb3DQEBCwUAA4IBAQAgZpulj8Pb3GQ/78U/hkOATl7+Z0AR2i1tPRpZFEfl
dCLCBtnoEM/cTHAB8l9aJ9yK1HU4+4oqyHidMwSgGNbJ8KwF/c1TF04WmIXNQ308
zq8xZQsdQcXNaOei9OR2DjetfQSaOeVkHiWv926/xGtv0p9go6QSs2+vtFkBMHKa
zCmd0asU3luUP23coBNXA+dUrvJUU/jPVLdxF8+8B9bnYNCBAhIFGjHItLYs30qg
H4zkHQHABf2P6DvC3GWNOYVMBj6k1uv1aESaj6D+5RxT0OYYW28zj2jtqEOD5oEQ
hV7DVwdwj+oApSaUEOwfv5ZNIAjtAgQ6U+ofiPeZ3Hbl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:06 2025 by rpki-client