Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/py1FFhGqkUGCNcojp1IWglxK55k.roa
File: py1FFhGqkUGCNcojp1IWglxK55k.roa (raw, json)
Hash identifier: /UhEZAbrEr9XTiqTPCCZ2nlUq828em4CgAi5GzJEzmQ=
Subject key identifier: A7:2D:45:16:11:AA:91:41:82:35:CA:23:A7:52:16:82:5C:4A:E7:99
Certificate issuer: /CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Certificate serial: 0383555C
Authority key identifier: AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/py1FFhGqkUGCNcojp1IWglxK55k.roa
Signing time: Sat 01 Jan 2022 01:59:21 +0000
ROA not before: Sat 01 Jan 2022 01:59:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50733
IP address blocks: 89.221.83.0/24 maxlen: 24
89.221.82.0/24 maxlen: 24
89.221.82.0/23 maxlen: 23
89.221.81.0/24 maxlen: 24
89.221.80.0/24 maxlen: 24
89.221.80.0/22 maxlen: 22
89.221.80.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 58938716 (0x383555c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Validity
Not Before: Jan 1 01:59:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a72d451611aa91418235ca23a75216825c4ae799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ae:b6:0f:28:95:74:61:13:b4:42:ab:0a:67:
11:68:f7:dc:48:aa:ac:78:4b:ea:71:dd:b2:25:82:
97:b2:cc:c8:c3:ec:98:d5:e2:e0:b1:d5:de:ce:f6:
22:d9:aa:28:18:51:d2:6e:0f:95:64:5e:f0:db:01:
c2:65:57:76:cb:2e:ae:e2:42:ac:ab:e5:e0:93:6c:
ca:06:d6:09:47:17:7e:67:e6:41:a9:f8:5f:fb:f1:
2b:07:2a:13:80:a4:c3:95:f8:e9:8d:95:d9:49:98:
89:8a:77:7b:0b:34:14:55:24:b2:aa:ef:0a:c5:40:
56:1c:0d:35:fd:ee:90:1d:4e:8d:fb:6f:42:c6:9f:
fb:5f:48:c1:1d:0c:6e:4e:f9:cc:f2:f2:13:e5:70:
e8:5d:af:c9:ad:c2:5d:7b:1f:65:61:05:c7:58:12:
f6:d1:06:b1:15:cd:8e:7a:03:69:18:b3:52:04:e4:
12:9d:08:c5:c6:60:3b:35:bf:d0:f2:a7:be:5b:e9:
21:8a:4c:8a:98:7b:32:d6:d9:0c:c0:15:c0:1d:7c:
7b:40:f2:7f:12:bd:ea:14:dd:3d:0c:8c:cf:9c:07:
ab:bc:06:9e:e2:35:ac:29:77:06:85:6a:c5:71:ed:
bb:72:9c:26:61:35:04:d5:37:db:50:5e:28:c5:13:
76:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:2D:45:16:11:AA:91:41:82:35:CA:23:A7:52:16:82:5C:4A:E7:99
X509v3 Authority Key Identifier:
keyid:AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/py1FFhGqkUGCNcojp1IWglxK55k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.221.80.0/22
Signature Algorithm: sha256WithRSAEncryption
28:10:4d:63:dc:08:43:03:e9:31:88:2d:d8:21:35:c7:fe:6c:
ae:8a:11:aa:3e:6c:6b:82:ad:a3:31:b8:c4:7b:c3:fd:2e:39:
34:8f:86:9e:36:21:72:06:58:ba:4a:10:93:f2:53:15:70:b7:
53:66:25:87:6d:61:a8:0a:4e:ba:a4:0a:ce:b9:19:6a:03:36:
35:7c:14:73:d7:2e:2e:f3:f4:d9:28:15:dc:65:97:46:a3:0c:
0a:fa:f1:a8:f4:95:bc:8e:59:4f:eb:d5:6b:8c:0b:50:15:c3:
9a:93:5f:f6:c7:1e:4b:99:7b:7b:46:80:c9:69:e7:50:84:e0:
dd:7a:1c:96:a5:84:d0:d7:de:91:b9:a7:54:35:b9:85:b8:9b:
0a:e9:f2:5c:b9:06:b4:40:f6:20:0c:58:f2:00:cd:01:b3:bf:
5e:e5:34:a2:17:a7:da:01:32:f9:73:f9:57:d1:2c:28:8a:1a:
5d:d2:b6:d7:d9:33:0f:ec:fd:78:ef:c0:a0:44:7a:f4:86:3f:
bf:3c:3e:6e:fa:2f:cc:81:5a:9d:06:6f:9e:bf:e1:84:19:ac:
f1:a2:f2:4d:6a:79:ab:38:5f:d0:32:ee:76:d0:e6:c5:23:28:
72:14:a1:13:e5:bd:b1:be:fe:1a:32:05:45:68:b5:44:6d:3f:
90:f4:28:95
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA4NVXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDk2ODFmMTQ0ZGIxNDMwYWMzMTVjODMwNmUxYzE0NzMwYzVmZWMyMB4XDTIyMDEw
MTAxNTkyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTcyZDQ1MTYxMWFh
OTE0MTgyMzVjYTIzYTc1MjE2ODI1YzRhZTc5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWutg8olXRhE7RCqwpnEWj33EiqrHhL6nHdsiWCl7LMyMPs
mNXi4LHV3s72ItmqKBhR0m4PlWRe8NsBwmVXdssuruJCrKvl4JNsygbWCUcXfmfm
Qan4X/vxKwcqE4Ckw5X46Y2V2UmYiYp3ews0FFUksqrvCsVAVhwNNf3ukB1Ojftv
Qsaf+19IwR0Mbk75zPLyE+Vw6F2vya3CXXsfZWEFx1gS9tEGsRXNjnoDaRizUgTk
Ep0IxcZgOzW/0PKnvlvpIYpMiph7MtbZDMAVwB18e0DyfxK96hTdPQyMz5wHq7wG
nuI1rCl3BoVqxXHtu3KcJmE1BNU321BeKMUTdnMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSnLUUWEaqRQYI1yiOnUhaCXErnmTAfBgNVHSMEGDAWgBStloHxRNsUMKwx
XIMG4cFHMMX+wjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JaYUI4VVRiRkRDc01WeURCdUhCUnpERl9zSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvNDA1YjVmLThkMjYtNGVlMy1iODdmLWEzYTEzZTNhN2Q4MC8x
L3B5MUZGaEdxa1VHQ05jb2pwMUlXZ2x4SzU1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
NDA1YjVmLThkMjYtNGVlMy1iODdmLWEzYTEzZTNhN2Q4MC8xL3JaYUI4VVRiRkRD
c01WeURCdUhCUnpERl9zSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlndUDANBgkqhkiG9w0BAQsFAAOC
AQEAKBBNY9wIQwPpMYgt2CE1x/5srooRqj5sa4KtozG4xHvD/S45NI+GnjYhcgZY
ukoQk/JTFXC3U2Ylh21hqApOuqQKzrkZagM2NXwUc9cuLvP02SgV3GWXRqMMCvrx
qPSVvI5ZT+vVa4wLUBXDmpNf9sceS5l7e0aAyWnnUITg3XoclqWE0NfekbmnVDW5
hbibCunyXLkGtED2IAxY8gDNAbO/XuU0ohen2gEy+XP5V9EsKIoaXdK219kzD+z9
eO/AoER69IY/vzw+bvovzIFanQZvnr/hhBms8aLyTWp5qzhf0DLudtDmxSMochSh
E+W9sb7+GjIFRWi1RG0/kPQolQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:35 2024 by rpki-client on console-ams.rpki-client.org