Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/K7wbL7jpWR6lXzMK-k2-HzhLi84.roa
File: K7wbL7jpWR6lXzMK-k2-HzhLi84.roa (raw, json)
Hash identifier: pBkXdid7BYfyu9T49wh73ztS9ArrOxxk4uutGuyo5k4=
Subject key identifier: 2B:BC:1B:2F:B8:E9:59:1E:A5:5F:33:0A:FA:4D:BE:1F:38:4B:8B:CE
Certificate issuer: /CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Certificate serial: 1421DAB7
Authority key identifier: 74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/K7wbL7jpWR6lXzMK-k2-HzhLi84.roa
Signing time: Sat 01 Jan 2022 07:03:34 +0000
ROA not before: Sat 01 Jan 2022 07:03:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 36351
IP address blocks: 89.38.52.0/24 maxlen: 24
89.38.54.0/24 maxlen: 24
89.38.53.0/24 maxlen: 24
185.69.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 337762999 (0x1421dab7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Validity
Not Before: Jan 1 07:03:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2bbc1b2fb8e9591ea55f330afa4dbe1f384b8bce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:0e:27:f4:3a:f9:be:aa:61:29:7a:64:71:
51:88:86:2e:8e:87:a0:a1:32:66:94:9d:42:2d:eb:
90:c8:db:a1:90:a6:ba:1b:be:d4:8c:3b:89:ce:16:
eb:fe:f9:f4:d4:95:ba:19:04:0e:9d:2c:af:75:22:
7b:d6:d9:8b:e4:45:b8:8f:3f:eb:28:6a:16:e1:9d:
b7:6e:3c:6f:04:e7:a1:7b:70:a6:ff:6e:32:e4:8a:
f3:92:c6:b0:c0:8d:be:a4:40:d1:3f:85:00:c8:d5:
4c:27:64:5b:d6:3e:fc:b8:63:a1:51:9a:7b:b8:37:
f0:e3:f4:fe:c5:5b:e7:62:ec:94:43:49:3e:50:c1:
25:e6:5c:c3:8c:29:78:e2:ae:c9:d3:e7:0a:62:f1:
45:79:9c:b5:a4:a9:74:c1:3b:be:90:ec:85:d5:22:
4b:7d:6f:8a:00:3a:cd:f7:19:a0:7d:1a:1f:2b:f6:
fe:72:ee:4e:1b:63:5f:f9:0c:bc:13:f5:0f:9b:07:
72:af:3c:2f:d7:bf:b0:6a:35:4f:76:fb:bb:f2:58:
14:4a:88:dc:8d:9e:96:be:2c:96:c9:a5:a3:20:36:
41:fe:49:65:96:f9:84:93:b8:39:d8:cd:13:6a:04:
c8:3f:3d:61:4d:98:ff:58:6b:9f:5c:00:0c:fb:5b:
62:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BC:1B:2F:B8:E9:59:1E:A5:5F:33:0A:FA:4D:BE:1F:38:4B:8B:CE
X509v3 Authority Key Identifier:
keyid:74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/K7wbL7jpWR6lXzMK-k2-HzhLi84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.52.0-89.38.54.255
185.69.240.0/24
Signature Algorithm: sha256WithRSAEncryption
20:db:02:86:6f:8a:ce:79:79:d5:8d:c0:6e:da:2c:27:48:24:
a1:48:8b:40:0b:2e:07:4b:91:5c:39:a2:e7:b8:26:4a:a5:65:
e2:a3:e4:df:78:cf:40:66:eb:f0:cf:0c:96:01:68:77:aa:68:
66:18:dc:7c:c9:da:7c:6b:98:b6:33:87:75:a4:bf:b4:9e:b9:
5a:6b:e6:59:2a:a2:da:96:fb:b0:e6:aa:2b:38:ab:1e:89:41:
a6:e8:a1:85:87:64:6d:e3:90:63:52:bd:fe:c0:b4:46:19:ec:
6f:f0:f0:d4:64:d2:c8:46:c7:d9:0f:d7:72:4f:26:6e:21:16:
42:db:53:dd:0d:71:18:65:0a:c4:2c:7f:52:a1:c4:d7:5d:3f:
c0:b2:97:60:ee:4f:03:68:f0:68:d9:2e:87:9b:06:35:b9:bf:
51:50:cb:65:6e:24:29:21:4b:c6:45:e3:ae:a7:6d:2c:90:d4:
69:f3:e9:3f:cd:17:d3:1d:30:dd:bd:68:b6:a5:c5:05:ff:9a:
7e:a3:f2:e3:91:c7:df:b6:87:90:e5:3e:3f:8d:35:49:f2:90:
21:39:09:95:9d:8e:fe:c5:1c:1f:3e:77:37:f2:a1:cf:d6:87:
bf:3d:d5:03:48:1c:71:3f:de:e5:e7:ce:10:33:3a:7c:85:c0:
36:e9:0e:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEFCHatzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDg5NmM1NDRiNDYxZDhiMDYyZWZmOWUzZDJjMjljZDNjYzk2MGVjMB4XDTIyMDEw
MTA3MDMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmJiYzFiMmZiOGU5
NTkxZWE1NWYzMzBhZmE0ZGJlMWYzODRiOGJjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9xDif0Ovm+qmEpemRxUYiGLo6HoKEyZpSdQi3rkMjboZCm
uhu+1Iw7ic4W6/759NSVuhkEDp0sr3Uie9bZi+RFuI8/6yhqFuGdt248bwTnoXtw
pv9uMuSK85LGsMCNvqRA0T+FAMjVTCdkW9Y+/LhjoVGae7g38OP0/sVb52LslENJ
PlDBJeZcw4wpeOKuydPnCmLxRXmctaSpdME7vpDshdUiS31vigA6zfcZoH0aHyv2
/nLuThtjX/kMvBP1D5sHcq88L9e/sGo1T3b7u/JYFEqI3I2elr4slsmloyA2Qf5J
ZZb5hJO4OdjNE2oEyD89YU2Y/1hrn1wADPtbYrUCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQrvBsvuOlZHqVfMwr6Tb4fOEuLzjAfBgNVHSMEGDAWgBR0iWxUS0YdiwYu
/549LCnNPMlg7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RJbHNWRXRHSFlzR0x2LWVQU3dwelR6SllPdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvYmMyMmE5LWY4NzEtNDAwYy04ZmNmLWNmMTc0MDgyMzQwMC8x
L0s3d2JMN2pwV1I2bFh6TUstazItSHpoTGk4NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
YmMyMmE5LWY4NzEtNDAwYy04ZmNmLWNmMTc0MDgyMzQwMC8xL2RJbHNWRXRHSFlz
R0x2LWVQU3dwelR6SllPdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQCWSY0AwQAWSY2AwQAuUXwMA0G
CSqGSIb3DQEBCwUAA4IBAQAg2wKGb4rOeXnVjcBu2iwnSCShSItACy4HS5FcOaLn
uCZKpWXio+TfeM9AZuvwzwyWAWh3qmhmGNx8ydp8a5i2M4d1pL+0nrlaa+ZZKqLa
lvuw5qorOKseiUGm6KGFh2Rt45BjUr3+wLRGGexv8PDUZNLIRsfZD9dyTyZuIRZC
21PdDXEYZQrELH9SocTXXT/Aspdg7k8DaPBo2S6HmwY1ub9RUMtlbiQpIUvGReOu
p20skNRp8+k/zRfTHTDdvWi2pcUF/5p+o/LjkcfftoeQ5T4/jTVJ8pAhOQmVnY7+
xRwfPnc38qHP1oe/PdUDSBxxP97l584QMzp8hcA26Q5u
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org