Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/4KSXFT2XFqvDrENEIscChJhibP8.roa
File: 4KSXFT2XFqvDrENEIscChJhibP8.roa (raw, json)
Hash identifier: clQtCUWZo7JCqM6QiM0Vyo79OrOtDGjdyAJw1ciGa/Q=
Subject key identifier: E0:A4:97:15:3D:97:16:AB:C3:AC:43:44:22:C7:02:84:98:62:6C:FF
Certificate issuer: /CN=391a0ecc2b9beaba9eb76d5519fe787b4033fc12
Certificate serial: 018514E3850C70E13A2789B6146D05EE4A2C
Authority key identifier: 39:1A:0E:CC:2B:9B:EA:BA:9E:B7:6D:55:19:FE:78:7B:40:33:FC:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORoOzCub6rqet21VGf54e0Az_BI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/4KSXFT2XFqvDrENEIscChJhibP8.roa
Signing time: Thu 15 Dec 2022 08:25:33 +0000
ROA not before: Thu 15 Dec 2022 08:25:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212221
IP address blocks: 91.132.4.0/23 maxlen: 23
89.45.206.0/23 maxlen: 23
89.45.200.0/23 maxlen: 23
89.45.203.0/24 maxlen: 24
89.45.200.0/21 maxlen: 21
89.45.204.0/23 maxlen: 23
89.45.202.0/23 maxlen: 23
212.102.106.0/24 maxlen: 24
2a09:b780::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:14:e3:85:0c:70:e1:3a:27:89:b6:14:6d:05:ee:4a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391a0ecc2b9beaba9eb76d5519fe787b4033fc12
Validity
Not Before: Dec 15 08:25:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0a497153d9716abc3ac434422c7028498626cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:57:81:a8:8b:d5:78:68:8e:f0:81:cb:a7:89:
25:d1:e4:b6:63:e1:ef:7e:a8:67:ce:bf:af:c9:56:
b0:9a:9d:3e:de:18:44:6e:b6:fa:f1:84:75:b2:81:
88:cd:fb:80:d9:22:90:d3:71:59:28:3b:9c:64:8a:
d5:e1:ee:c7:f0:f7:7b:a9:fb:0c:eb:03:f0:aa:3e:
40:a2:aa:a2:8f:c5:6b:42:72:89:96:32:b8:b5:82:
93:48:57:75:20:26:13:80:23:a5:e2:a8:96:94:57:
5b:dc:54:a3:9e:53:ae:42:95:59:27:c9:6a:3c:d8:
04:1d:38:94:a7:02:7e:9d:bb:fb:45:59:b1:52:d9:
ec:28:cd:96:08:b8:a0:58:73:f2:5a:ab:a9:84:b2:
c4:55:f7:b1:b9:33:7d:56:2d:18:5e:21:03:60:95:
87:ab:09:36:5a:5d:4b:61:26:b1:9e:37:c1:3c:9e:
f1:b3:bb:0b:cf:b3:8e:4b:23:bc:0a:a5:90:2e:5b:
c7:68:0f:40:22:3a:7a:bb:72:6b:16:16:d1:4e:7d:
11:59:c4:a3:d4:60:34:03:b6:a1:c1:48:bd:b6:e0:
36:4b:a1:64:83:15:aa:cf:52:b7:0d:02:ee:0b:00:
af:ff:bb:0a:9f:ca:55:63:73:a9:0c:f8:38:c7:51:
f3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A4:97:15:3D:97:16:AB:C3:AC:43:44:22:C7:02:84:98:62:6C:FF
X509v3 Authority Key Identifier:
keyid:39:1A:0E:CC:2B:9B:EA:BA:9E:B7:6D:55:19:FE:78:7B:40:33:FC:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORoOzCub6rqet21VGf54e0Az_BI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/4KSXFT2XFqvDrENEIscChJhibP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/ORoOzCub6rqet21VGf54e0Az_BI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.200.0/21
91.132.4.0/23
212.102.106.0/24
IPv6:
2a09:b780::/48
Signature Algorithm: sha256WithRSAEncryption
7e:e0:9e:fe:cd:75:91:40:a9:b2:55:af:1f:71:9f:f8:4f:1b:
a6:fd:4c:6d:90:bd:15:0d:1d:b2:78:34:00:d6:fd:37:63:93:
5d:83:aa:fa:89:16:b3:ba:fe:0b:8c:f8:ee:01:be:bf:36:ec:
74:da:eb:6b:b9:34:a3:26:28:98:a4:f5:a0:f7:5a:a7:44:4c:
02:1f:0a:e7:9f:dc:3f:03:be:0d:a6:d5:a4:63:9c:75:37:c7:
58:e2:e3:26:01:b0:bc:f9:f7:62:fd:04:1c:aa:bc:9d:2a:37:
d9:62:78:72:61:ac:85:57:f4:2d:ca:26:69:3b:3f:03:47:6d:
6f:25:4e:dd:e7:35:45:76:40:c2:01:ab:d0:85:7d:d9:af:74:
2d:79:2d:5a:15:40:74:6f:3d:32:c2:dc:80:54:f7:59:79:87:
8d:84:20:fb:b1:bd:03:8d:91:4e:b0:a1:79:75:fd:71:e7:9d:
82:cf:55:12:30:9c:4a:c2:d9:82:92:e6:73:e9:36:2b:81:47:
12:55:72:3e:f3:f8:24:17:c3:a2:fb:8e:34:28:d8:1c:fe:9b:
f7:50:db:57:6b:65:a2:d9:83:cf:26:47:a8:17:b6:f8:7a:76:
49:78:62:98:6a:7d:9b:5f:ee:3d:a1:d4:f1:ac:c9:8a:b9:64:
29:d0:eb:f4
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYUU44UMcOE6J4m2FG0F7kosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWEwZWNjMmI5YmVhYmE5ZWI3NmQ1NTE5ZmU3ODdiNDAz
M2ZjMTIwHhcNMjIxMjE1MDgyNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGE0OTcxNTNkOTcxNmFiYzNhYzQzNDQyMmM3MDI4NDk4NjI2Y2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7FeBqIvVeGiO8IHLp4kl0eS2Y+Hv
fqhnzr+vyVawmp0+3hhEbrb68YR1soGIzfuA2SKQ03FZKDucZIrV4e7H8Pd7qfsM
6wPwqj5Aoqqij8VrQnKJljK4tYKTSFd1ICYTgCOl4qiWlFdb3FSjnlOuQpVZJ8lq
PNgEHTiUpwJ+nbv7RVmxUtnsKM2WCLigWHPyWquphLLEVfexuTN9Vi0YXiEDYJWH
qwk2Wl1LYSaxnjfBPJ7xs7sLz7OOSyO8CqWQLlvHaA9AIjp6u3JrFhbRTn0RWcSj
1GA0A7ahwUi9tuA2S6FkgxWqz1K3DQLuCwCv/7sKn8pVY3OpDPg4x1Hz8wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOCklxU9lxarw6xDRCLHAoSYYmz/MB8GA1UdIwQY
MBaAFDkaDswrm+q6nrdtVRn+eHtAM/wSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JvT3pDdWI2cnFldDIxVkdmNTRlMEF6X0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jMjdjZDEtNTcwYi00N2QxLWIyNTYt
MTgxNDIyM2Q5MmNlLzEvNEtTWEZUMlhGcXZEckVORUlzY0NoSmhpYlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jMjdjZDEtNTcwYi00N2QxLWIyNTYtMTgxNDIyM2Q5MmNl
LzEvT1JvT3pDdWI2cnFldDIxVkdmNTRlMEF6X0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDWS3IAwQB
W4QEAwQA1GZqMA8EAgACMAkDBwAqCbeAAAAwDQYJKoZIhvcNAQELBQADggEBAH7g
nv7NdZFAqbJVrx9xn/hPG6b9TG2QvRUNHbJ4NADW/Tdjk12DqvqJFrO6/guM+O4B
vr827HTa62u5NKMmKJik9aD3WqdETAIfCuef3D8Dvg2m1aRjnHU3x1ji4yYBsLz5
92L9BByqvJ0qN9lieHJhrIVX9C3KJmk7PwNHbW8lTt3nNUV2QMIBq9CFfdmvdC15
LVoVQHRvPTLC3IBU91l5h42EIPuxvQONkU6woXl1/XHnnYLPVRIwnErC2YKS5nPp
NiuBRxJVcj7z+CQXw6L7jjQo2Bz+m/dQ21drZaLZg88mR6gXtvh6dkl4YphqfZtf
7j2h1PGsyYq5ZCnQ6/Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:28 2024 by rpki-client on console-ams.rpki-client.org