Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/kcmpaDWm22x9hi8bNNhataclyUU.roa
File: kcmpaDWm22x9hi8bNNhataclyUU.roa (raw, json)
Hash identifier: ZZnYe+pRgrB/r2kElguiKvKYBItbI1nPKx9wSPmiMro=
Subject key identifier: 91:C9:A9:68:35:A6:DB:6C:7D:86:2F:1B:34:D8:5A:B5:A7:25:C9:45
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 040AEE5B
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/kcmpaDWm22x9hi8bNNhataclyUU.roa
Signing time: Wed 20 Apr 2022 12:31:15 +0000
ROA not before: Wed 20 Apr 2022 12:31:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207967
IP address blocks: 89.185.85.0/24 maxlen: 24
89.185.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67825243 (0x40aee5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Apr 20 12:31:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91c9a96835a6db6c7d862f1b34d85ab5a725c945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5e:a1:8e:f5:85:d7:28:a5:56:cd:46:f9:4a:
2a:a5:b6:d1:2d:10:3e:e3:f0:6a:af:e8:b0:02:0a:
cd:60:c3:18:28:f4:fd:78:90:e5:eb:8c:2f:f3:03:
2a:e2:f1:64:85:96:bb:04:e5:be:67:99:43:44:06:
71:40:42:f0:8e:c7:29:57:11:6b:7c:76:e4:a1:4e:
28:c3:09:ac:f6:4e:91:1a:59:7b:d1:ad:5b:4c:31:
06:99:02:16:33:71:55:40:f5:73:26:7f:45:8a:15:
aa:00:74:e7:32:f4:f6:1f:56:9d:d0:01:fc:f6:88:
35:0b:ef:a0:72:68:5c:b0:bf:61:1e:68:a6:fd:e3:
72:f9:fd:a2:93:5f:7a:ea:96:38:2a:10:b9:cc:d2:
00:a5:36:5a:55:68:f5:5f:8b:2e:98:20:63:e2:99:
c5:27:63:ba:70:52:87:15:44:b7:17:b2:d1:9c:a3:
b3:33:03:52:05:36:ef:b5:79:a7:fe:78:24:49:c9:
c4:23:6d:ef:b6:5a:9f:f0:25:52:5b:6c:54:dc:11:
bf:db:50:d3:35:25:f3:a4:49:14:10:d0:b6:0a:de:
df:15:19:a1:1d:38:29:70:f6:a4:39:25:6e:19:0f:
93:8a:a8:02:b6:ea:27:fc:b0:db:d2:18:c1:98:b2:
26:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C9:A9:68:35:A6:DB:6C:7D:86:2F:1B:34:D8:5A:B5:A7:25:C9:45
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/kcmpaDWm22x9hi8bNNhataclyUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.84.0/23
Signature Algorithm: sha256WithRSAEncryption
30:31:33:da:b2:be:4e:f0:c2:4a:47:77:5f:7e:72:ba:7b:03:
11:60:5a:d1:46:08:56:56:8f:0e:2c:11:23:55:c0:0e:a3:02:
cb:9e:18:23:61:97:ff:4c:73:f4:97:a7:40:87:58:97:11:99:
86:15:02:8e:af:b5:9b:81:cd:41:ab:07:e0:d9:27:2f:2d:a1:
6f:a1:05:2f:bc:a5:62:63:4f:e5:c9:1a:5c:75:82:d9:8e:ab:
77:e8:9a:ff:8b:34:02:d6:6f:19:98:71:ee:82:ae:1a:a1:77:
8f:0a:24:ce:f5:28:72:24:fc:a2:98:5d:2f:13:ce:a9:cd:2b:
f6:b4:f8:60:e7:d1:f0:66:08:bf:d2:b1:67:8b:93:2f:6a:3e:
1c:29:f5:ca:39:fa:36:a7:09:04:db:fa:8e:8e:25:34:d1:35:
01:e2:4f:4e:19:7d:b9:71:fc:aa:2d:03:02:21:df:cd:9d:dc:
80:8d:62:08:c6:56:bc:02:97:84:fd:20:64:c6:3a:fb:bf:72:
b9:21:52:c9:21:2c:19:06:0f:f2:ff:fe:3b:e3:f6:17:56:51:
12:e7:52:a5:85:29:5e:e7:26:ba:2b:fb:f3:5f:84:f4:5e:96:
a7:84:f2:48:7e:44:05:7a:33:3a:9c:3b:5b:a1:fb:b7:ca:ff:
59:fb:31:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBAruWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjU3YzJkOWQ5M2FjN2NmOWIyZjE3Y2FhNzg1OWI2OTg1YjM5YjlkMB4XDTIyMDQy
MDEyMzExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFjOWE5NjgzNWE2
ZGI2YzdkODYyZjFiMzRkODVhYjVhNzI1Yzk0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFeoY71hdcopVbNRvlKKqW20S0QPuPwaq/osAIKzWDDGCj0
/XiQ5euML/MDKuLxZIWWuwTlvmeZQ0QGcUBC8I7HKVcRa3x25KFOKMMJrPZOkRpZ
e9GtW0wxBpkCFjNxVUD1cyZ/RYoVqgB05zL09h9WndAB/PaINQvvoHJoXLC/YR5o
pv3jcvn9opNfeuqWOCoQuczSAKU2WlVo9V+LLpggY+KZxSdjunBShxVEtxey0Zyj
szMDUgU277V5p/54JEnJxCNt77Zan/AlUltsVNwRv9tQ0zUl86RJFBDQtgre3xUZ
oR04KXD2pDklbhkPk4qoArbqJ/yw29IYwZiyJhsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSRyaloNabbbH2GLxs02Fq1pyXJRTAfBgNVHSMEGDAWgBTvV8LZ2TrHz5sv
F8qnhZtphbObnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8x
L2tjbXBhRFdtMjJ4OWhpOGJOTmhhdGFjbHlVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8xLzcxZkMyZGs2eDgt
Ykx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVm5VDANBgkqhkiG9w0BAQsFAAOC
AQEAMDEz2rK+TvDCSkd3X35yunsDEWBa0UYIVlaPDiwRI1XADqMCy54YI2GX/0xz
9JenQIdYlxGZhhUCjq+1m4HNQasH4NknLy2hb6EFL7ylYmNP5ckaXHWC2Y6rd+ia
/4s0AtZvGZhx7oKuGqF3jwokzvUociT8ophdLxPOqc0r9rT4YOfR8GYIv9KxZ4uT
L2o+HCn1yjn6NqcJBNv6jo4lNNE1AeJPThl9uXH8qi0DAiHfzZ3cgI1iCMZWvAKX
hP0gZMY6+79yuSFSySEsGQYP8v/+O+P2F1ZREudSpYUpXucmuiv781+E9F6Wp4Ty
SH5EBXozOpw7W6H7t8r/WfsxpA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:14 2023 by rpki-client on console-fra.rpki-client.org