Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/63295f-18cb-4bfe-92e3-4ab5331cd935/1/3k0huARO1CAcC8owSETcKniuz6E.roa
File: 3k0huARO1CAcC8owSETcKniuz6E.roa (raw, json)
Hash identifier: f8y2nohmdC8OCNSQT+zgPv+5h7moD6nqwIWHUTuFwlM=
Subject key identifier: DE:4D:21:B8:04:4E:D4:20:1C:0B:CA:30:48:44:DC:2A:78:AE:CF:A1
Certificate issuer: /CN=eb7bbbfef59509e7263986f780589ab1e7998423
Certificate serial: 018317215656B65EDFED87F3F90B3934C623
Authority key identifier: EB:7B:BB:FE:F5:95:09:E7:26:39:86:F7:80:58:9A:B1:E7:99:84:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/63u7_vWVCecmOYb3gFiaseeZhCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/63295f-18cb-4bfe-92e3-4ab5331cd935/1/3k0huARO1CAcC8owSETcKniuz6E.roa
Signing time: Wed 07 Sep 2022 08:46:44 +0000
ROA not before: Wed 07 Sep 2022 08:46:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41207
IP address blocks: 89.191.160.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:21:56:56:b6:5e:df:ed:87:f3:f9:0b:39:34:c6:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb7bbbfef59509e7263986f780589ab1e7998423
Validity
Not Before: Sep 7 08:46:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de4d21b8044ed4201c0bca304844dc2a78aecfa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ca:03:45:c7:10:37:09:b3:97:0b:95:d7:7e:
61:6c:20:b9:5b:5d:82:83:1e:ab:95:28:e0:5c:51:
fb:5c:30:c5:29:ed:2d:6d:78:d9:08:29:33:05:b2:
da:d2:50:b7:01:38:2d:ee:d2:91:0c:29:0c:a0:95:
b6:00:37:60:53:3b:31:20:4a:33:42:a2:e5:15:3b:
2e:19:db:da:69:27:e5:f2:e4:de:62:f2:35:f8:ad:
b1:02:ff:59:eb:30:25:d9:b4:65:47:da:77:e3:07:
a2:92:9c:d9:b0:42:4a:e8:01:70:72:5e:97:87:91:
71:bd:47:ff:39:ef:71:70:a9:0d:54:40:1f:1a:0a:
b0:63:b0:98:d2:ef:61:a3:07:2b:9e:46:0e:2a:56:
ec:7c:f4:60:df:4c:70:6c:8c:36:92:7f:de:b7:8a:
2c:7d:89:9e:c1:9b:8f:68:65:dd:09:f3:e2:48:2c:
f2:ec:11:5a:3b:b2:d3:ce:4e:6e:6f:98:88:6e:f2:
40:4d:17:99:17:ce:69:0f:c6:09:fa:76:98:d3:71:
fe:22:19:6f:d0:7d:53:5c:72:a5:c1:9e:2c:9b:de:
92:69:5d:7a:25:ad:46:3f:ec:b6:10:f2:25:3f:da:
48:a4:72:e9:0d:d0:b8:7e:bb:ee:0a:f7:4b:16:9a:
83:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4D:21:B8:04:4E:D4:20:1C:0B:CA:30:48:44:DC:2A:78:AE:CF:A1
X509v3 Authority Key Identifier:
keyid:EB:7B:BB:FE:F5:95:09:E7:26:39:86:F7:80:58:9A:B1:E7:99:84:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63u7_vWVCecmOYb3gFiaseeZhCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/63295f-18cb-4bfe-92e3-4ab5331cd935/1/3k0huARO1CAcC8owSETcKniuz6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/63295f-18cb-4bfe-92e3-4ab5331cd935/1/63u7_vWVCecmOYb3gFiaseeZhCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.191.160.0/20
Signature Algorithm: sha256WithRSAEncryption
67:b9:be:a2:51:4e:ff:6a:e9:10:cd:5f:d2:80:f4:5d:ce:dd:
ab:09:08:3f:c8:20:64:e1:aa:f9:1b:50:e1:21:2a:73:fe:82:
80:78:9c:ec:4c:c7:c7:8f:fd:ae:34:51:fb:e8:7e:ba:f8:bd:
76:af:b8:df:3c:07:e3:02:91:07:09:30:e0:fb:f2:28:5d:9d:
65:7f:3e:3a:dd:af:e8:5d:86:76:bc:be:57:d7:2c:cf:26:24:
68:9b:42:36:19:bb:1e:20:47:1c:c0:80:fe:a4:51:47:5b:66:
1f:ad:e6:20:c8:22:bf:aa:2d:8e:fc:cf:9e:4e:19:5b:dc:4b:
11:2e:bc:c0:a1:5f:c5:e6:32:d6:e2:05:1f:b1:39:02:a3:ca:
a6:b7:de:eb:9f:a2:48:43:05:1e:72:c7:38:90:0b:25:79:89:
d1:5d:90:b4:22:9a:2e:34:ba:89:7d:1a:59:34:54:0f:69:7c:
2b:ec:40:0c:a9:b8:fd:e8:ac:27:63:ac:4a:c6:74:a5:e1:ee:
22:c4:27:fa:dd:11:4b:9f:80:e1:e9:fa:14:93:56:7b:45:e3:
fa:e8:08:9b:a7:ed:25:56:72:14:be:5f:b6:7c:10:7f:0f:75:
94:8e:9b:d6:d2:06:1e:0b:25:b9:17:1e:a6:39:40:d8:f3:e2:
ba:7c:c9:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMXIVZWtl7f7Yfz+Qs5NMYjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViN2JiYmZlZjU5NTA5ZTcyNjM5ODZmNzgwNTg5YWIxZTc5
OTg0MjMwHhcNMjIwOTA3MDg0NjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTRkMjFiODA0NGVkNDIwMWMwYmNhMzA0ODQ0ZGMyYTc4YWVjZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1soDRccQNwmzlwuV135hbCC5W12C
gx6rlSjgXFH7XDDFKe0tbXjZCCkzBbLa0lC3ATgt7tKRDCkMoJW2ADdgUzsxIEoz
QqLlFTsuGdvaaSfl8uTeYvI1+K2xAv9Z6zAl2bRlR9p34weikpzZsEJK6AFwcl6X
h5FxvUf/Oe9xcKkNVEAfGgqwY7CY0u9howcrnkYOKlbsfPRg30xwbIw2kn/et4os
fYmewZuPaGXdCfPiSCzy7BFaO7LTzk5ub5iIbvJATReZF85pD8YJ+naY03H+Ihlv
0H1TXHKlwZ4sm96SaV16Ja1GP+y2EPIlP9pIpHLpDdC4frvuCvdLFpqDwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5NIbgETtQgHAvKMEhE3Cp4rs+hMB8GA1UdIwQY
MBaAFOt7u/71lQnnJjmG94BYmrHnmYQjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjN1N192V1ZDZWNtT1liM2dGaWFzZWVaaENNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82MzI5NWYtMThjYi00YmZlLTkyZTMt
NGFiNTMzMWNkOTM1LzEvM2swaHVBUk8xQ0FjQzhvd1NFVGNLbml1ejZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82MzI5NWYtMThjYi00YmZlLTkyZTMtNGFiNTMzMWNkOTM1
LzEvNjN1N192V1ZDZWNtT1liM2dGaWFzZWVaaENNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWb+gMA0G
CSqGSIb3DQEBCwUAA4IBAQBnub6iUU7/aukQzV/SgPRdzt2rCQg/yCBk4ar5G1Dh
ISpz/oKAeJzsTMfHj/2uNFH76H66+L12r7jfPAfjApEHCTDg+/IoXZ1lfz463a/o
XYZ2vL5X1yzPJiRom0I2GbseIEccwID+pFFHW2YfreYgyCK/qi2O/M+eThlb3EsR
LrzAoV/F5jLW4gUfsTkCo8qmt97rn6JIQwUecsc4kAsleYnRXZC0IpouNLqJfRpZ
NFQPaXwr7EAMqbj96KwnY6xKxnSl4e4ixCf63RFLn4Dh6foUk1Z7ReP66Aibp+0l
VnIUvl+2fBB/D3WUjpvW0gYeCyW5Fx6mOUDY8+K6fMlF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:45 2023 by rpki-client on console-ams.rpki-client.org