Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/LTfkI2I-JjD6obPYzAga8d4EDwY.roa
File: LTfkI2I-JjD6obPYzAga8d4EDwY.roa (raw, json)
Hash identifier: BO4heEMC0S9ebz+yQXEtNIsgMffDn+Gqlq9wFDmhaDI=
Subject key identifier: 2D:37:E4:23:62:3E:26:30:FA:A1:B3:D8:CC:08:1A:F1:DE:04:0F:06
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 042C4FB5
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/LTfkI2I-JjD6obPYzAga8d4EDwY.roa
Signing time: Fri 29 Apr 2022 13:26:51 +0000
ROA not before: Fri 29 Apr 2022 13:26:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208911
IP address blocks: 89.185.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70012853 (0x42c4fb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Apr 29 13:26:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d37e423623e2630faa1b3d8cc081af1de040f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:af:49:47:17:e5:19:ac:47:00:85:2e:4b:0e:
f9:ff:b7:dc:2d:fd:63:ac:ee:41:ee:55:14:5a:19:
eb:30:aa:3c:3f:68:a2:ff:1d:7f:7b:23:0c:4d:a4:
18:d6:a5:8a:c3:68:6c:90:27:53:61:2c:f6:a7:ad:
df:03:a3:84:f1:52:ea:36:44:4e:b1:c7:a1:08:49:
bd:df:51:d5:f3:85:fd:a8:dd:a4:08:89:1d:67:ea:
ef:09:7e:65:99:9c:90:ce:fd:d0:25:d5:84:8f:aa:
32:7b:72:c1:12:08:4c:cf:3d:df:8e:b0:ed:3f:f1:
b5:62:20:ea:8e:6c:63:36:bf:59:3f:46:4c:1a:8e:
d4:f0:bf:a7:2b:a4:36:43:26:b7:2e:d9:d8:5f:7e:
67:65:d8:d2:83:f3:8d:c6:ad:93:4b:57:f2:9d:ec:
60:34:db:e3:a8:0e:9f:23:b8:71:91:60:d0:9d:b9:
cc:6b:90:23:2d:04:d2:c6:1e:49:89:db:fa:76:76:
6a:40:2b:25:86:41:da:22:02:5f:9f:a7:bd:88:44:
9b:70:99:8f:10:5d:ee:ac:7d:7e:86:a3:d8:bc:91:
88:27:71:14:c2:82:9d:ee:83:1a:0b:cc:f3:2a:c3:
a2:9c:2a:58:43:69:22:1b:f3:10:a1:66:ff:94:ba:
f1:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:37:E4:23:62:3E:26:30:FA:A1:B3:D8:CC:08:1A:F1:DE:04:0F:06
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/LTfkI2I-JjD6obPYzAga8d4EDwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.85.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:c4:00:65:82:f7:d5:41:2d:ca:e3:ad:aa:b9:72:cc:7e:2c:
2a:84:55:c7:be:55:a4:90:ab:ff:09:bd:0f:c9:4e:b9:fa:d0:
3e:63:49:6a:6a:ea:65:39:f2:68:32:88:0a:37:a4:f7:66:6f:
56:c1:9e:74:d0:14:db:8e:5c:47:2a:8c:43:81:8e:f4:85:2a:
03:35:a7:36:b3:98:ee:3f:51:a1:0e:98:b3:51:10:68:2b:a5:
d8:83:3f:45:a0:63:8a:34:dc:9e:1e:d2:c8:99:73:e3:3d:24:
9d:8a:c1:6e:33:ac:2e:36:f0:8a:6b:b0:b1:1c:94:15:97:c3:
b8:ff:6b:7c:97:ce:e5:30:0b:49:89:39:8a:b2:0c:13:48:e6:
b4:b0:e7:a5:2f:d1:17:5b:82:3a:4f:fb:ec:47:b6:ee:e9:6a:
e4:e0:65:9c:30:f6:6c:8d:b7:85:3d:c3:7d:a4:ce:ef:01:e4:
34:15:ed:b4:fd:7b:e3:ff:4e:e9:55:fb:d7:c4:d1:af:1a:c2:
10:e3:5c:53:f1:36:67:21:d1:28:05:0c:74:9a:d4:60:4e:95:
e7:04:09:24:37:df:45:48:d4:b9:20:0e:d5:41:bb:73:d1:f5:
7a:52:41:ab:8b:ea:e7:20:f2:09:35:22:f6:ff:3f:df:4e:65:
7c:af:bf:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBCxPtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjU3YzJkOWQ5M2FjN2NmOWIyZjE3Y2FhNzg1OWI2OTg1YjM5YjlkMB4XDTIyMDQy
OTEzMjY1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQzN2U0MjM2MjNl
MjYzMGZhYTFiM2Q4Y2MwODFhZjFkZTA0MGYwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+vSUcX5RmsRwCFLksO+f+33C39Y6zuQe5VFFoZ6zCqPD9o
ov8df3sjDE2kGNalisNobJAnU2Es9qet3wOjhPFS6jZETrHHoQhJvd9R1fOF/ajd
pAiJHWfq7wl+ZZmckM790CXVhI+qMntywRIITM89346w7T/xtWIg6o5sYza/WT9G
TBqO1PC/pyukNkMmty7Z2F9+Z2XY0oPzjcatk0tX8p3sYDTb46gOnyO4cZFg0J25
zGuQIy0E0sYeSYnb+nZ2akArJYZB2iICX5+nvYhEm3CZjxBd7qx9foaj2LyRiCdx
FMKCne6DGgvM8yrDopwqWENpIhvzEKFm/5S68ScCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQtN+QjYj4mMPqhs9jMCBrx3gQPBjAfBgNVHSMEGDAWgBTvV8LZ2TrHz5sv
F8qnhZtphbObnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8x
L0xUZmtJMkktSmpENm9iUFl6QWdhOGQ0RUR3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8xLzcxZkMyZGs2eDgt
Ykx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFm5VTANBgkqhkiG9w0BAQsFAAOC
AQEAPcQAZYL31UEtyuOtqrlyzH4sKoRVx75VpJCr/wm9D8lOufrQPmNJamrqZTny
aDKICjek92ZvVsGedNAU245cRyqMQ4GO9IUqAzWnNrOY7j9RoQ6Ys1EQaCul2IM/
RaBjijTcnh7SyJlz4z0knYrBbjOsLjbwimuwsRyUFZfDuP9rfJfO5TALSYk5irIM
E0jmtLDnpS/RF1uCOk/77Ee27ulq5OBlnDD2bI23hT3DfaTO7wHkNBXttP174/9O
6VX718TRrxrCEONcU/E2ZyHRKAUMdJrUYE6V5wQJJDffRUjUuSAO1UG7c9H1elJB
q4vq5yDyCTUi9v8/305lfK+/VA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:05 2023 by rpki-client on console-ams.rpki-client.org