Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/9CMrImJ-k_hHNdmkzaBpiWP4M1s.roa
File: 9CMrImJ-k_hHNdmkzaBpiWP4M1s.roa (raw, json)
Hash identifier: 4k7ONZrfzEil2fuzp54yp8R9dUlCEa6cau811j/dHjY=
Subject key identifier: F4:23:2B:22:62:7E:93:F8:47:35:D9:A4:CD:A0:69:89:63:F8:33:5B
Certificate issuer: /CN=9bb350a905df3fdbbc2456d5c81c2f209ae752f3
Certificate serial: 01835ACC58D172D52FCAA0C9BC50530A4E69
Authority key identifier: 9B:B3:50:A9:05:DF:3F:DB:BC:24:56:D5:C8:1C:2F:20:9A:E7:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7NQqQXfP9u8JFbVyBwvIJrnUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/9CMrImJ-k_hHNdmkzaBpiWP4M1s.roa
Signing time: Tue 20 Sep 2022 12:08:05 +0000
ROA not before: Tue 20 Sep 2022 12:08:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206348
IP address blocks: 89.47.8.0/23 maxlen: 24
2a12:bb40::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:cc:58:d1:72:d5:2f:ca:a0:c9:bc:50:53:0a:4e:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bb350a905df3fdbbc2456d5c81c2f209ae752f3
Validity
Not Before: Sep 20 12:08:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4232b22627e93f84735d9a4cda0698963f8335b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4d:da:18:e4:63:34:4b:94:80:ba:64:ee:ef:
f9:d3:0e:64:93:14:e7:ff:95:d9:39:85:a4:96:7a:
bb:54:e3:58:25:37:42:65:e2:1b:33:92:19:ca:3d:
15:d0:bd:46:32:3c:83:dd:04:3c:ed:70:07:81:ad:
79:8d:1e:e6:2a:13:4b:47:7f:1c:cf:75:11:d6:8a:
65:79:24:66:98:f4:c5:9b:3a:07:aa:ca:ac:f3:4d:
41:3c:c2:fe:53:0a:7b:5e:87:97:ac:2c:99:ff:f8:
40:3c:8c:12:ae:5b:9d:d3:bd:87:21:1d:a5:b5:7e:
3b:68:fb:e3:00:85:64:9c:19:01:f1:5e:dc:9e:69:
0e:9d:00:e2:02:7a:98:cf:fe:a2:f6:f1:24:18:e5:
6b:fa:37:c7:06:fa:97:4d:20:54:e8:d7:4f:f7:ad:
f7:11:66:63:b6:c3:78:01:12:7d:a5:07:79:b4:72:
69:74:ab:f2:aa:bc:7a:c4:61:48:a8:47:96:9b:f1:
7e:39:44:b8:1b:f4:48:a4:71:b1:a9:76:0a:84:3f:
ac:55:78:7b:d2:9d:4d:47:32:d0:55:30:c5:21:00:
c0:02:06:81:72:c3:f8:a6:f8:aa:a3:27:13:7e:e4:
9d:d5:ae:e2:c0:98:93:79:2d:56:72:e6:f4:a5:a2:
7f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:23:2B:22:62:7E:93:F8:47:35:D9:A4:CD:A0:69:89:63:F8:33:5B
X509v3 Authority Key Identifier:
keyid:9B:B3:50:A9:05:DF:3F:DB:BC:24:56:D5:C8:1C:2F:20:9A:E7:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7NQqQXfP9u8JFbVyBwvIJrnUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/9CMrImJ-k_hHNdmkzaBpiWP4M1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/m7NQqQXfP9u8JFbVyBwvIJrnUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.8.0/23
IPv6:
2a12:bb40::/29
Signature Algorithm: sha256WithRSAEncryption
b3:e7:de:d3:9d:47:08:4a:c3:f8:76:6c:c2:c4:aa:e3:9a:8a:
11:0f:ee:09:d0:a0:76:88:e7:ba:55:b3:01:4a:b9:ef:e8:76:
77:52:14:81:09:4a:60:c9:69:4f:da:3c:5a:86:b1:b3:fc:91:
10:5f:03:5e:f4:3c:00:5e:df:1f:18:ed:89:11:e1:a8:64:e2:
4d:8d:ca:db:eb:bf:c3:31:04:a0:17:2d:fa:bc:69:3c:a3:86:
84:dc:be:19:07:ef:4d:6d:6a:fb:47:e9:53:ef:c4:d8:1b:dc:
6a:ec:d0:c5:67:0f:09:c7:dc:d1:19:1d:96:87:d7:22:1f:58:
42:67:c9:9f:82:04:80:fb:e5:86:42:fa:13:38:62:e0:5d:8e:
86:8a:26:bf:9a:1d:02:aa:3d:a4:e3:4e:0f:c6:66:92:a4:ec:
66:7d:b0:b0:ca:7b:b4:7e:43:f0:c0:d6:2a:0c:ee:b9:77:fa:
e7:b2:8a:f1:e4:69:8b:61:a2:0d:00:f5:2e:42:0b:f1:7a:de:
6e:03:9a:60:0c:21:4a:77:1e:f7:e2:20:3c:66:16:36:19:10:
83:96:0e:4f:2a:42:ad:82:9a:fe:27:86:40:30:41:71:0a:6e:
4e:40:4a:2d:94:14:fe:49:cc:6f:76:71:2d:7f:0d:79:74:65:
2d:fd:37:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNazFjRctUvyqDJvFBTCk5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliYjM1MGE5MDVkZjNmZGJiYzI0NTZkNWM4MWMyZjIwOWFl
NzUyZjMwHhcNMjIwOTIwMTIwODA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDIzMmIyMjYyN2U5M2Y4NDczNWQ5YTRjZGEwNjk4OTYzZjgzMzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk3aGORjNEuUgLpk7u/50w5kkxTn
/5XZOYWklnq7VONYJTdCZeIbM5IZyj0V0L1GMjyD3QQ87XAHga15jR7mKhNLR38c
z3UR1opleSRmmPTFmzoHqsqs801BPML+Uwp7XoeXrCyZ//hAPIwSrlud072HIR2l
tX47aPvjAIVknBkB8V7cnmkOnQDiAnqYz/6i9vEkGOVr+jfHBvqXTSBU6NdP9633
EWZjtsN4ARJ9pQd5tHJpdKvyqrx6xGFIqEeWm/F+OUS4G/RIpHGxqXYKhD+sVXh7
0p1NRzLQVTDFIQDAAgaBcsP4pviqoycTfuSd1a7iwJiTeS1Wcub0paJ/SwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPQjKyJifpP4RzXZpM2gaYlj+DNbMB8GA1UdIwQY
MBaAFJuzUKkF3z/bvCRW1cgcLyCa51LzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTdOUXFRWGZQOXU4SkZiVnlCd3ZJSnJuVXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9iMTRkZGQtYWZkYS00MDhjLTljNDYt
OWMxZjY5YTI0MmJhLzEvOUNNckltSi1rX2hITmRta3phQnBpV1A0TTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC9iMTRkZGQtYWZkYS00MDhjLTljNDYtOWMxZjY5YTI0MmJh
LzEvbTdOUXFRWGZQOXU4SkZiVnlCd3ZJSnJuVXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBWS8IMA0E
AgACMAcDBQMqErtAMA0GCSqGSIb3DQEBCwUAA4IBAQCz597TnUcISsP4dmzCxKrj
mooRD+4J0KB2iOe6VbMBSrnv6HZ3UhSBCUpgyWlP2jxahrGz/JEQXwNe9DwAXt8f
GO2JEeGoZOJNjcrb67/DMQSgFy36vGk8o4aE3L4ZB+9NbWr7R+lT78TYG9xq7NDF
Zw8Jx9zRGR2Wh9ciH1hCZ8mfggSA++WGQvoTOGLgXY6Giia/mh0Cqj2k404PxmaS
pOxmfbCwynu0fkPwwNYqDO65d/rnsorx5GmLYaINAPUuQgvxet5uA5pgDCFKdx73
4iA8ZhY2GRCDlg5PKkKtgpr+J4ZAMEFxCm5OQEotlBT+ScxvdnEtfw15dGUt/TdP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:28 2024 by rpki-client on console-fra.rpki-client.org