Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/4fqVa1yIZ2BlAShM5OPGjzxADLM.roa
File: 4fqVa1yIZ2BlAShM5OPGjzxADLM.roa (raw, json)
Hash identifier: 0NsqZuJj52GGXXUhx0gXjYT5tv0crN9i0yQ2hlaLqWw=
Subject key identifier: E1:FA:95:6B:5C:88:67:60:65:01:28:4C:E4:E3:C6:8F:3C:40:0C:B3
Certificate issuer: /CN=c1b050211219d18e996e086cb7f6309178804860
Certificate serial: 340DE6E0
Authority key identifier: C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/4fqVa1yIZ2BlAShM5OPGjzxADLM.roa
Signing time: Sat 01 Jan 2022 09:00:48 +0000
ROA not before: Sat 01 Jan 2022 09:00:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62144
IP address blocks: 89.108.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 873326304 (0x340de6e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1b050211219d18e996e086cb7f6309178804860
Validity
Not Before: Jan 1 09:00:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1fa956b5c8867606501284ce4e3c68f3c400cb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:d1:0f:22:b8:8c:82:41:74:77:f6:e1:10:cf:
a4:db:67:76:f3:f4:10:c9:ab:7f:5d:d8:d8:67:78:
1f:c6:7e:cc:87:89:42:4e:07:b0:97:80:82:00:15:
40:33:1b:78:16:eb:a8:2c:bb:ac:95:9a:7b:88:de:
35:13:8e:e8:bf:7b:1b:41:d2:54:5d:fd:25:37:43:
2f:0b:7c:76:26:c5:47:ac:9d:61:fc:14:42:57:88:
73:bd:d2:ed:15:c1:3b:87:3f:9c:d8:57:fd:d7:fe:
32:ab:5d:27:bc:17:e0:68:00:68:d0:ab:02:1c:f8:
30:58:07:a7:e3:58:1a:dd:1d:2b:84:09:87:95:c3:
dc:49:c1:3a:f4:88:5d:5e:d5:e5:69:2b:20:58:0a:
c8:a7:15:7a:16:99:8b:ab:08:b1:11:1b:00:19:df:
ac:de:a7:54:f8:32:65:6f:de:02:8f:14:56:15:5a:
ec:38:1d:f1:a6:59:9a:88:f3:16:81:8c:8d:60:0c:
d7:d2:b6:8b:30:b4:a0:85:5c:fc:b2:3a:40:6c:96:
e4:30:3e:db:3c:2d:8e:cc:1a:64:2f:62:9e:10:1c:
3c:3a:35:08:36:df:1e:6e:c2:a6:52:29:5a:07:a5:
5d:b3:20:20:d6:72:07:77:e1:e3:37:1e:ef:02:b5:
40:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:FA:95:6B:5C:88:67:60:65:01:28:4C:E4:E3:C6:8F:3C:40:0C:B3
X509v3 Authority Key Identifier:
keyid:C1:B0:50:21:12:19:D1:8E:99:6E:08:6C:B7:F6:30:91:78:80:48:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wbBQIRIZ0Y6Zbghst_YwkXiASGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/4fqVa1yIZ2BlAShM5OPGjzxADLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/28a8f3-889e-4549-a44e-ce225187fc38/1/wbBQIRIZ0Y6Zbghst_YwkXiASGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.136.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:43:a3:88:1f:fd:37:fb:b8:d5:ec:34:d3:6b:ba:0f:c8:07:
fd:c8:d4:23:1d:35:cb:61:52:40:56:9d:88:f2:b0:55:08:9b:
b6:ab:fd:b5:78:4c:f7:67:a8:f5:e1:60:a1:d3:e1:34:1b:1c:
22:50:f7:5b:1d:b4:74:61:2e:2a:28:22:6d:47:d0:90:e2:4d:
bd:f8:e1:2e:be:d8:29:c8:2d:9c:6b:8f:18:eb:21:6b:63:07:
a2:3b:44:31:74:b7:4d:3a:a0:aa:70:d9:e4:6c:82:8a:8b:0b:
0b:42:83:48:24:c4:1f:3d:e0:a2:a2:ce:59:a0:c5:a1:6c:7f:
c9:37:89:8c:9e:f7:42:6f:b6:bf:1c:71:f7:f1:25:1b:b4:dc:
9c:47:b2:57:ca:4a:30:2d:ad:62:c1:22:62:e1:8d:76:c6:21:
51:f4:82:9a:e9:ee:b4:5c:b3:5d:29:1c:14:bf:f4:d3:ff:d2:
fb:a8:8c:fd:19:59:2e:36:14:46:ba:01:2d:46:07:d5:e0:15:
23:0c:eb:2f:15:14:d3:0a:03:21:08:b3:ae:4a:9c:0f:bb:11:
59:ce:38:9a:fc:76:2f:c8:5f:f0:e7:bc:a0:65:ed:1d:9b:ac:
5c:51:25:9f:90:f8:af:cc:9b:35:c0:5a:e9:f4:31:b9:13:f0:
5e:9a:86:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENA3m4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWIwNTAyMTEyMTlkMThlOTk2ZTA4NmNiN2Y2MzA5MTc4ODA0ODYwMB4XDTIyMDEw
MTA5MDA0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFmYTk1NmI1Yzg4
Njc2MDY1MDEyODRjZTRlM2M2OGYzYzQwMGNiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTRDyK4jIJBdHf24RDPpNtndvP0EMmrf13Y2Gd4H8Z+zIeJ
Qk4HsJeAggAVQDMbeBbrqCy7rJWae4jeNROO6L97G0HSVF39JTdDLwt8dibFR6yd
YfwUQleIc73S7RXBO4c/nNhX/df+MqtdJ7wX4GgAaNCrAhz4MFgHp+NYGt0dK4QJ
h5XD3EnBOvSIXV7V5WkrIFgKyKcVehaZi6sIsREbABnfrN6nVPgyZW/eAo8UVhVa
7Dgd8aZZmojzFoGMjWAM19K2izC0oIVc/LI6QGyW5DA+2zwtjswaZC9inhAcPDo1
CDbfHm7CplIpWgelXbMgINZyB3fh4zce7wK1QNsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTh+pVrXIhnYGUBKEzk48aPPEAMszAfBgNVHSMEGDAWgBTBsFAhEhnRjplu
CGy39jCReIBIYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3diQlFJUklaMFk2WmJnaHN0X1l3a1hpQVNHQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvMjhhOGYzLTg4OWUtNDU0OS1hNDRlLWNlMjI1MTg3ZmMzOC8x
LzRmcVZhMXlJWjJCbEFTaE01T1BHanp4QURMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
MjhhOGYzLTg4OWUtNDU0OS1hNDRlLWNlMjI1MTg3ZmMzOC8xL3diQlFJUklaMFk2
WmJnaHN0X1l3a1hpQVNHQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFlsiDANBgkqhkiG9w0BAQsFAAOC
AQEAXEOjiB/9N/u41ew002u6D8gH/cjUIx01y2FSQFadiPKwVQibtqv9tXhM92eo
9eFgodPhNBscIlD3Wx20dGEuKigibUfQkOJNvfjhLr7YKcgtnGuPGOsha2MHojtE
MXS3TTqgqnDZ5GyCiosLC0KDSCTEHz3goqLOWaDFoWx/yTeJjJ73Qm+2vxxx9/El
G7TcnEeyV8pKMC2tYsEiYuGNdsYhUfSCmunutFyzXSkcFL/00//S+6iM/RlZLjYU
RroBLUYH1eAVIwzrLxUU0woDIQizrkqcD7sRWc44mvx2L8hf8Oe8oGXtHZusXFEl
n5D4r8ybNcBa6fQxuRPwXpqGeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:44 2024 by rpki-client on console-ams.rpki-client.org