Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ce95be-a37a-4c23-b9cb-706554f88046/1/24bZ9su78MbEDrMfBxhBCq5De30.roa
File: 24bZ9su78MbEDrMfBxhBCq5De30.roa (raw, json)
Hash identifier: hbsKE0hDYqRnbNc28caZXrcUegJ1x5qgtefhqKXAaNY=
Subject key identifier: DB:86:D9:F6:CB:BB:F0:C6:C4:0E:B3:1F:07:18:41:0A:AE:43:7B:7D
Certificate issuer: /CN=e79dc5435a2dc97e365ff49570c04d513f6fced2
Certificate serial: D88E01
Authority key identifier: E7:9D:C5:43:5A:2D:C9:7E:36:5F:F4:95:70:C0:4D:51:3F:6F:CE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/553FQ1otyX42X_SVcMBNUT9vztI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/ce95be-a37a-4c23-b9cb-706554f88046/1/24bZ9su78MbEDrMfBxhBCq5De30.roa
Signing time: Sat 01 Jan 2022 01:54:41 +0000
ROA not before: Sat 01 Jan 2022 01:54:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208355
IP address blocks: 152.89.72.0/22 maxlen: 22
2a06:8200::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14192129 (0xd88e01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e79dc5435a2dc97e365ff49570c04d513f6fced2
Validity
Not Before: Jan 1 01:54:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db86d9f6cbbbf0c6c40eb31f0718410aae437b7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:99:31:6f:ae:36:a9:1d:cc:27:da:c4:98:75:
6b:b9:a9:57:80:3e:f6:3b:7c:94:47:b6:28:e8:b1:
bc:98:84:c0:04:a7:87:52:1a:cb:6c:cd:29:28:47:
92:cb:fc:cb:a5:6c:ca:2d:41:61:34:5b:e3:35:08:
1d:bf:d1:8f:01:c2:ff:4c:fe:f6:85:63:8e:07:e1:
35:0e:44:6d:94:01:80:de:ce:9f:18:3a:34:24:a6:
fc:11:b4:55:c4:72:0e:cf:1e:2d:3f:a4:79:52:92:
26:55:61:f4:e3:ab:cd:6b:98:55:8b:c8:4f:d4:cf:
da:75:8e:6f:c2:20:75:c2:96:ff:ed:39:4a:e7:9f:
9a:78:88:5e:00:fc:82:c5:0d:8c:c2:f7:b4:00:b5:
b4:3c:1b:79:90:5d:81:a9:a8:0f:6a:79:78:11:5c:
c8:be:86:bb:40:41:27:8d:28:5a:86:9a:f5:3d:e7:
12:62:f1:84:b0:1c:b0:45:70:c1:8b:6e:3e:5e:d5:
1c:8b:a5:9e:f5:7b:47:ac:5a:a0:91:32:52:87:64:
46:de:d5:cd:02:18:2e:7d:c8:ef:bd:1c:c2:46:3e:
f3:de:38:c4:a5:d2:79:9d:58:5c:b3:d9:ea:2c:c8:
4a:ef:aa:ae:62:ab:01:37:8e:af:5d:f7:e3:ca:5c:
e1:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:86:D9:F6:CB:BB:F0:C6:C4:0E:B3:1F:07:18:41:0A:AE:43:7B:7D
X509v3 Authority Key Identifier:
keyid:E7:9D:C5:43:5A:2D:C9:7E:36:5F:F4:95:70:C0:4D:51:3F:6F:CE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/553FQ1otyX42X_SVcMBNUT9vztI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ce95be-a37a-4c23-b9cb-706554f88046/1/24bZ9su78MbEDrMfBxhBCq5De30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ce95be-a37a-4c23-b9cb-706554f88046/1/553FQ1otyX42X_SVcMBNUT9vztI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.72.0/22
IPv6:
2a06:8200::/32
Signature Algorithm: sha256WithRSAEncryption
78:cc:37:93:65:7f:90:1f:95:84:ab:f3:ca:e4:eb:61:b7:36:
4c:41:c7:e9:49:73:d6:93:f9:af:b3:a4:e3:48:af:0b:9a:17:
bf:4a:50:a9:92:e2:36:b1:0f:2c:ea:d3:61:18:85:c5:01:67:
c2:d7:1e:db:1e:55:6c:5d:41:37:ac:08:d9:f3:cb:08:70:09:
33:f6:e3:96:65:6e:b8:93:b7:3f:a2:40:f4:ad:0a:c9:17:9b:
9c:25:98:db:a0:68:fd:1a:c5:47:62:c7:79:5b:6b:53:59:ff:
53:ee:60:ff:00:50:3c:48:08:9e:23:15:d7:bc:aa:9e:b5:94:
ae:f4:39:c8:e6:fb:3d:c6:40:d5:20:f6:e3:65:05:24:ce:81:
29:58:29:fe:9e:c7:fb:ac:0f:79:b2:cc:00:34:01:d8:81:ed:
25:45:98:e7:a6:d3:c9:e2:1d:75:b6:4b:b4:bf:1d:91:5d:58:
8a:7e:09:c3:2a:b7:40:8a:4e:c0:e7:34:72:58:0a:8e:d6:98:
32:8e:3b:bb:86:87:1c:fe:6f:1a:9d:84:d1:b4:3f:45:8b:45:
0a:58:8a:cb:c3:48:5a:a2:f3:4e:c5:db:ea:e4:08:e4:00:05:
ec:1e:80:1b:cf:c5:3c:40:fb:a8:9b:42:82:f1:58:9f:fe:a2:
d2:7e:bc:ee
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEANiOATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzlkYzU0MzVhMmRjOTdlMzY1ZmY0OTU3MGMwNGQ1MTNmNmZjZWQyMB4XDTIyMDEw
MTAxNTQ0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI4NmQ5ZjZjYmJi
ZjBjNmM0MGViMzFmMDcxODQxMGFhZTQzN2I3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqZMW+uNqkdzCfaxJh1a7mpV4A+9jt8lEe2KOixvJiEwASn
h1Iay2zNKShHksv8y6Vsyi1BYTRb4zUIHb/RjwHC/0z+9oVjjgfhNQ5EbZQBgN7O
nxg6NCSm/BG0VcRyDs8eLT+keVKSJlVh9OOrzWuYVYvIT9TP2nWOb8IgdcKW/+05
SuefmniIXgD8gsUNjML3tAC1tDwbeZBdgamoD2p5eBFcyL6Gu0BBJ40oWoaa9T3n
EmLxhLAcsEVwwYtuPl7VHIulnvV7R6xaoJEyUodkRt7VzQIYLn3I770cwkY+8944
xKXSeZ1YXLPZ6izISu+qrmKrATeOr13348pc4fMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTbhtn2y7vwxsQOsx8HGEEKrkN7fTAfBgNVHSMEGDAWgBTnncVDWi3JfjZf
9JVwwE1RP2/O0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzU1M0ZRMW90eVg0MlhfU1ZjTUJOVVQ5dnp0SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvY2U5NWJlLWEzN2EtNGMyMy1iOWNiLTcwNjU1NGY4ODA0Ni8x
LzI0Ylo5c3U3OE1iRURyTWZCeGhCQ3E1RGUzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
Y2U5NWJlLWEzN2EtNGMyMy1iOWNiLTcwNjU1NGY4ODA0Ni8xLzU1M0ZRMW90eVg0
MlhfU1ZjTUJOVVQ5dnp0SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAphZSDANBAIAAjAHAwUAKgaCADAN
BgkqhkiG9w0BAQsFAAOCAQEAeMw3k2V/kB+VhKvzyuTrYbc2TEHH6Ulz1pP5r7Ok
40ivC5oXv0pQqZLiNrEPLOrTYRiFxQFnwtce2x5VbF1BN6wI2fPLCHAJM/bjlmVu
uJO3P6JA9K0KyRebnCWY26Bo/RrFR2LHeVtrU1n/U+5g/wBQPEgIniMV17yqnrWU
rvQ5yOb7PcZA1SD242UFJM6BKVgp/p7H+6wPebLMADQB2IHtJUWY56bTyeIddbZL
tL8dkV1Yin4Jwyq3QIpOwOc0clgKjtaYMo47u4aHHP5vGp2E0bQ/RYtFCliKy8NI
WqLzTsXb6uQI5AAF7B6AG8/FPED7qJtCgvFYn/6i0n687g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:41 2024 by rpki-client on console-fra.rpki-client.org