Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/ae8wEcFWcri7GDMsekoicR1-ZDY.roa
File: ae8wEcFWcri7GDMsekoicR1-ZDY.roa (raw, json)
Hash identifier: ee8JizVSaCl/Fr6F6RnniIHewx7w+2sxntxAbS4xH3k=
Subject key identifier: 69:EF:30:11:C1:56:72:B8:BB:18:33:2C:7A:4A:22:71:1D:7E:64:36
Certificate issuer: /CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Certificate serial: 01852ED0617FAA393EFD84E87D8AE3C8B642
Authority key identifier: AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/ae8wEcFWcri7GDMsekoicR1-ZDY.roa
Signing time: Tue 20 Dec 2022 09:14:46 +0000
ROA not before: Tue 20 Dec 2022 09:14:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57353
IP address blocks: 89.48.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:d0:61:7f:aa:39:3e:fd:84:e8:7d:8a:e3:c8:b6:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af801984cc38f0a4fc5afe1adeab680c1b89e95b
Validity
Not Before: Dec 20 09:14:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69ef3011c15672b8bb18332c7a4a22711d7e6436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c7:25:59:a8:64:3e:61:78:70:0c:e6:bb:44:
93:10:a6:ce:69:4a:d8:2a:a9:7f:5d:0c:83:fe:3d:
22:93:a5:c6:54:8d:97:4e:d7:47:0f:eb:22:09:d0:
e0:41:e4:e1:26:71:0e:01:f5:c2:02:84:b0:99:a0:
7c:fe:7a:f0:f7:f4:0a:13:52:1f:b5:b3:3b:ba:44:
85:2f:c5:34:69:8a:3c:1a:27:81:7d:63:17:a6:d0:
0e:2b:06:c1:94:bd:17:01:62:9f:95:f7:6f:b2:41:
a4:cf:29:3b:7d:ae:e9:32:78:7d:a9:4f:e7:52:ef:
77:e2:0a:02:79:08:c5:0c:b6:4d:2d:99:90:19:94:
29:63:b6:af:b0:3c:28:2a:d1:83:20:0f:23:01:20:
71:fd:6d:ad:02:da:29:2c:04:5b:d0:0b:f5:20:c3:
1c:39:ff:3e:c0:47:79:1b:62:6b:e6:ae:ef:83:d9:
16:c5:1b:c9:6e:42:b1:0c:d9:d4:99:77:80:f3:cb:
68:7c:88:0b:b4:7d:27:89:72:06:97:24:03:d2:15:
a8:8b:4e:3a:a2:74:6d:76:92:52:f4:20:e4:fd:24:
a6:27:7e:8a:78:96:b9:25:4e:fe:0a:2d:61:84:25:
9a:ef:bf:da:6d:55:c9:f7:25:75:1d:e6:50:1e:33:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EF:30:11:C1:56:72:B8:BB:18:33:2C:7A:4A:22:71:1D:7E:64:36
X509v3 Authority Key Identifier:
keyid:AF:80:19:84:CC:38:F0:A4:FC:5A:FE:1A:DE:AB:68:0C:1B:89:E9:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/ae8wEcFWcri7GDMsekoicR1-ZDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/bfd37c-cb12-4a9c-8f5d-4021265c39b0/1/r4AZhMw48KT8Wv4a3qtoDBuJ6Vs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.48.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:33:8e:54:fb:a4:03:d3:f6:fe:cb:32:89:c2:65:f3:56:21:
f3:62:d1:9c:fa:b2:bd:58:88:fe:71:dd:f0:76:d6:4e:b1:85:
d3:3b:12:3f:96:50:d9:c5:30:44:84:d2:4d:40:01:98:43:17:
c6:d9:14:e1:a5:46:bd:c1:d1:5b:25:3a:b4:5f:52:4c:c5:1f:
14:ab:27:29:e5:6e:43:81:2e:a9:13:a2:fb:44:2d:b7:b8:61:
fd:a9:01:f1:ab:40:55:a1:98:8f:64:d5:f0:09:4f:8b:c2:66:
d8:a6:08:c4:e3:8c:68:a2:17:0c:45:26:1b:1b:e0:38:dc:b4:
af:96:43:bc:79:00:5f:27:06:9b:37:ce:90:44:74:bd:45:68:
9b:90:10:12:23:57:57:73:b2:29:1b:2b:e6:19:7b:b7:5a:e2:
9f:53:30:71:7e:90:c5:54:ea:74:14:88:8c:39:5f:a0:06:d3:
79:f1:ba:ee:65:df:fe:f1:3a:aa:5e:7e:4c:2d:d6:8e:e2:1f:
9f:aa:c7:c4:e7:70:0f:c8:56:57:58:46:60:c6:16:ef:05:db:
42:aa:54:26:01:ea:6d:9c:ab:48:0f:81:7b:24:23:d7:00:ae:
6a:c3:1e:ed:81:ad:81:84:23:e5:08:fe:00:5d:50:f8:15:1b:
0a:23:ab:9e
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYUu0GF/qjk+/YTofYrjyLZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmODAxOTg0Y2MzOGYwYTRmYzVhZmUxYWRlYWI2ODBjMWI4
OWU5NWIwHhcNMjIxMjIwMDkxNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWVmMzAxMWMxNTY3MmI4YmIxODMzMmM3YTRhMjI3MTFkN2U2NDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsclWahkPmF4cAzmu0STEKbOaUrY
Kql/XQyD/j0ik6XGVI2XTtdHD+siCdDgQeThJnEOAfXCAoSwmaB8/nrw9/QKE1If
tbM7ukSFL8U0aYo8GieBfWMXptAOKwbBlL0XAWKflfdvskGkzyk7fa7pMnh9qU/n
Uu934goCeQjFDLZNLZmQGZQpY7avsDwoKtGDIA8jASBx/W2tAtopLARb0Av1IMMc
Of8+wEd5G2Jr5q7vg9kWxRvJbkKxDNnUmXeA88tofIgLtH0niXIGlyQD0hWoi046
onRtdpJS9CDk/SSmJ36KeJa5JU7+Ci1hhCWa77/abVXJ9yV1HeZQHjOrvQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGnvMBHBVnK4uxgzLHpKInEdfmQ2MB8GA1UdIwQY
MBaAFK+AGYTMOPCk/Fr+Gt6raAwbielbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQt
NDAyMTI2NWMzOWIwLzEvYWU4d0VjRldjcmk3R0RNc2Vrb2ljUjEtWkRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9iZmQzN2MtY2IxMi00YTljLThmNWQtNDAyMTI2NWMzOWIw
LzEvcjRBWmhNdzQ4S1Q4V3Y0YTNxdG9EQnVKNlZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAWTAwDQYJ
KoZIhvcNAQELBQADggEBAF0zjlT7pAPT9v7LMonCZfNWIfNi0Zz6sr1YiP5x3fB2
1k6xhdM7Ej+WUNnFMESE0k1AAZhDF8bZFOGlRr3B0VslOrRfUkzFHxSrJynlbkOB
LqkTovtELbe4Yf2pAfGrQFWhmI9k1fAJT4vCZtimCMTjjGiiFwxFJhsb4DjctK+W
Q7x5AF8nBps3zpBEdL1FaJuQEBIjV1dzsikbK+YZe7da4p9TMHF+kMVU6nQUiIw5
X6AG03nxuu5l3/7xOqpefkwt1o7iH5+qx8TncA/IVldYRmDGFu8F20KqVCYB6m2c
q0gPgXskI9cArmrDHu2BrYGEI+UI/gBdUPgVGwojq54=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:45 2024 by rpki-client on console-fra.rpki-client.org