Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/xTIS8po6tAyF8iVbMohYT6gxFn0.roa
File: xTIS8po6tAyF8iVbMohYT6gxFn0.roa (raw, json)
Hash identifier: eYVbdIhV3CtGjbgRnqz+dVcsuRUChk/82IR04mYqD7I=
Subject key identifier: C5:32:12:F2:9A:3A:B4:0C:85:F2:25:5B:32:88:58:4F:A8:31:16:7D
Certificate issuer: /CN=9bb350a905df3fdbbc2456d5c81c2f209ae752f3
Certificate serial: 018407
Authority key identifier: 9B:B3:50:A9:05:DF:3F:DB:BC:24:56:D5:C8:1C:2F:20:9A:E7:52:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m7NQqQXfP9u8JFbVyBwvIJrnUvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/xTIS8po6tAyF8iVbMohYT6gxFn0.roa
Signing time: Tue 31 May 2022 21:53:13 +0000
ROA not before: Tue 31 May 2022 21:53:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206348
IP address blocks: 89.47.8.0/23 maxlen: 24
2a12:bb40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99335 (0x18407)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bb350a905df3fdbbc2456d5c81c2f209ae752f3
Validity
Not Before: May 31 21:53:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c53212f29a3ab40c85f2255b3288584fa831167d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:1b:0c:2b:50:9c:23:fe:23:49:12:7a:8d:53:
0b:76:9f:85:d0:3b:e3:91:fb:df:80:46:14:a3:8d:
32:cc:0b:88:fe:a9:fc:86:82:3f:7f:5c:74:33:22:
d6:20:b2:b6:9f:91:e6:3f:41:3e:7d:d0:d3:d3:f5:
0c:c3:8e:e1:10:b5:e2:b6:37:b7:94:8a:ad:c6:a5:
75:43:4c:56:1a:99:a3:d3:a8:4e:87:e6:51:09:41:
d2:7a:26:d4:0f:f9:7d:33:41:0a:d4:86:e0:75:fd:
d6:be:f6:62:c6:c0:83:9d:17:81:6b:21:d9:75:da:
c1:b5:d2:2c:43:e8:12:e7:21:0c:c0:8e:90:ce:3e:
5b:7e:ee:ad:df:96:9a:fc:0d:e5:0a:f9:f8:9c:73:
d9:6d:33:cb:79:26:6a:6a:ad:92:74:a2:22:6b:b6:
11:89:7f:20:c9:1e:8f:a2:8d:3c:b2:9a:7a:1d:8b:
21:35:37:7e:6d:b8:14:2d:e4:08:74:4a:da:f7:7e:
bf:bd:54:23:65:b2:73:1e:f7:2b:25:8e:ff:00:ab:
6a:79:7b:c4:b4:1d:77:6e:71:ba:8d:9e:b6:3c:c0:
4d:c5:b9:1f:23:cc:eb:97:9b:48:26:be:06:6b:b8:
a2:ce:4b:7a:9b:86:60:bb:47:96:6e:15:e8:bf:3e:
fe:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:32:12:F2:9A:3A:B4:0C:85:F2:25:5B:32:88:58:4F:A8:31:16:7D
X509v3 Authority Key Identifier:
keyid:9B:B3:50:A9:05:DF:3F:DB:BC:24:56:D5:C8:1C:2F:20:9A:E7:52:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m7NQqQXfP9u8JFbVyBwvIJrnUvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/xTIS8po6tAyF8iVbMohYT6gxFn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/b14ddd-afda-408c-9c46-9c1f69a242ba/1/m7NQqQXfP9u8JFbVyBwvIJrnUvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.8.0/23
IPv6:
2a12:bb40::/29
Signature Algorithm: sha256WithRSAEncryption
6b:36:7f:f0:3f:58:bb:cf:e4:df:ff:15:f2:a0:bf:45:7d:2a:
c0:c1:d6:d9:d6:9b:18:78:8f:2f:56:04:be:c2:8c:0f:28:f6:
53:60:b6:65:9d:9f:3e:77:36:3b:30:dd:a2:48:fd:a4:95:ed:
0a:94:ba:8c:f0:5a:cd:30:79:ac:6e:df:bd:00:d8:64:99:0e:
05:83:61:e0:5a:05:39:80:12:16:25:32:cc:2e:e1:72:9e:b8:
d0:a6:fd:d9:72:cf:08:5c:27:bb:9e:51:2c:a9:79:ab:a1:40:
19:5e:24:c6:f7:69:2d:c9:b6:d0:6d:ee:a1:2e:03:06:8f:46:
5c:ae:78:82:4f:92:47:b1:52:f3:34:8b:58:a7:90:b4:3e:13:
dc:37:e8:ae:03:b3:0e:14:c4:cd:93:a7:c4:26:12:9e:cc:4a:
e9:4e:03:3f:09:28:85:92:b7:f2:50:39:e3:2b:a6:28:70:f8:
78:bd:88:d4:9f:a5:b2:37:60:6d:2f:c5:a3:d4:c8:ea:92:2c:
4f:db:57:34:21:14:64:f4:eb:21:b7:fe:e3:91:40:f7:2f:33:
dd:c7:c8:3d:e9:06:f8:a2:1c:50:f6:ee:f7:ab:21:c9:a0:0b:
71:02:ab:36:b7:9a:ae:18:0b:b6:88:75:bb:58:e4:57:5a:f5:
dc:69:51:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAYQHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDli
YjM1MGE5MDVkZjNmZGJiYzI0NTZkNWM4MWMyZjIwOWFlNzUyZjMwHhcNMjIwNTMx
MjE1MzEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjNTMyMTJmMjlhM2Fi
NDBjODVmMjI1NWIzMjg4NTg0ZmE4MzExNjdkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1hsMK1CcI/4jSRJ6jVMLdp+F0DvjkfvfgEYUo40yzAuI/qn8
hoI/f1x0MyLWILK2n5HmP0E+fdDT0/UMw47hELXitje3lIqtxqV1Q0xWGpmj06hO
h+ZRCUHSeibUD/l9M0EK1Ibgdf3WvvZixsCDnReBayHZddrBtdIsQ+gS5yEMwI6Q
zj5bfu6t35aa/A3lCvn4nHPZbTPLeSZqaq2SdKIia7YRiX8gyR6Poo08spp6HYsh
NTd+bbgULeQIdEra936/vVQjZbJzHvcrJY7/AKtqeXvEtB13bnG6jZ62PMBNxbkf
I8zrl5tIJr4Ga7iizkt6m4Zgu0eWbhXovz7+ywIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFMUyEvKaOrQMhfIlWzKIWE+oMRZ9MB8GA1UdIwQYMBaAFJuzUKkF3z/bvCRW
1cgcLyCa51LzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bTdOUXFRWGZQOXU4SkZiVnlCd3ZJSnJuVXZNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNC9iMTRkZGQtYWZkYS00MDhjLTljNDYtOWMxZjY5YTI0MmJhLzEv
eFRJUzhwbzZ0QXlGOGlWYk1vaFlUNmd4Rm4wLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9i
MTRkZGQtYWZkYS00MDhjLTljNDYtOWMxZjY5YTI0MmJhLzEvbTdOUXFRWGZQOXU4
SkZiVnlCd3ZJSnJuVXZNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBWS8IMA0EAgACMAcDBQMqErtAMA0G
CSqGSIb3DQEBCwUAA4IBAQBrNn/wP1i7z+Tf/xXyoL9FfSrAwdbZ1psYeI8vVgS+
wowPKPZTYLZlnZ8+dzY7MN2iSP2kle0KlLqM8FrNMHmsbt+9ANhkmQ4Fg2HgWgU5
gBIWJTLMLuFynrjQpv3Zcs8IXCe7nlEsqXmroUAZXiTG92ktybbQbe6hLgMGj0Zc
rniCT5JHsVLzNItYp5C0PhPcN+iuA7MOFMTNk6fEJhKezErpTgM/CSiFkrfyUDnj
K6YocPh4vYjUn6WyN2BtL8Wj1MjqkixP21c0IRRk9Osht/7jkUD3LzPdx8g96Qb4
ohxQ9u73qyHJoAtxAqs2t5quGAu2iHW7WORXWvXcaVF4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:24 2023 by rpki-client on console-ams.rpki-client.org