Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/RY6A545FcjqYDicmo1SfWyFfxlE.roa
File: RY6A545FcjqYDicmo1SfWyFfxlE.roa (raw, json)
Hash identifier: KjFqke7lab+O/C2kJsTzJGa8eFgDL5wCZLr5ChIAdeU=
Subject key identifier: 45:8E:80:E7:8E:45:72:3A:98:0E:27:26:A3:54:9F:5B:21:5F:C6:51
Certificate issuer: /CN=09b4bf37f39eec62982c4b63709fab5d146c7373
Certificate serial: 0A19D3BF
Authority key identifier: 09:B4:BF:37:F3:9E:EC:62:98:2C:4B:63:70:9F:AB:5D:14:6C:73:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/RY6A545FcjqYDicmo1SfWyFfxlE.roa
Signing time: Sat 01 Jan 2022 15:01:24 +0000
ROA not before: Sat 01 Jan 2022 15:01:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44756
IP address blocks: 89.44.110.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169464767 (0xa19d3bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b4bf37f39eec62982c4b63709fab5d146c7373
Validity
Not Before: Jan 1 15:01:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=458e80e78e45723a980e2726a3549f5b215fc651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:73:aa:f1:45:c5:a2:1c:f3:ec:4d:24:89:e0:
56:b1:29:25:9a:66:5d:72:0f:41:99:65:f0:be:1b:
c8:a1:50:f0:44:b5:fc:45:ea:ab:18:3f:32:ef:f6:
02:e1:24:ea:dd:c1:de:8c:dc:56:c6:ca:c6:d8:45:
88:bb:ce:23:e5:00:13:a9:62:32:fa:fa:13:cd:93:
84:b8:fe:93:97:30:42:49:a1:2f:77:b3:6c:61:45:
44:cc:55:7e:e0:0b:38:2d:d7:07:ea:c6:e6:70:cd:
15:36:a8:f4:e7:e6:98:2a:5c:e1:3c:8b:76:e3:e6:
5f:93:f5:14:de:26:c0:2b:d9:c2:08:7e:eb:fb:e6:
a3:d1:33:2f:7d:f7:40:89:ac:76:f5:e0:55:9a:d1:
09:12:61:5b:73:fd:f4:9d:b5:9d:c8:24:b4:15:fa:
a0:7c:b1:a6:52:78:a9:ee:f3:37:0a:ca:a8:d3:d2:
f3:19:b9:e5:cc:c7:17:54:bb:68:20:20:f4:45:80:
9d:c6:e8:ed:5e:af:0f:54:0f:5d:74:e3:ca:b0:38:
d6:2c:c0:19:4b:76:62:32:eb:de:88:8b:4b:ab:ef:
fb:27:e5:ed:84:8f:f2:95:58:d4:21:7c:b6:8a:98:
7d:bd:14:f7:ae:60:7f:2a:43:ed:fb:ab:5f:81:6e:
8d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:8E:80:E7:8E:45:72:3A:98:0E:27:26:A3:54:9F:5B:21:5F:C6:51
X509v3 Authority Key Identifier:
keyid:09:B4:BF:37:F3:9E:EC:62:98:2C:4B:63:70:9F:AB:5D:14:6C:73:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/RY6A545FcjqYDicmo1SfWyFfxlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.110.0/23
Signature Algorithm: sha256WithRSAEncryption
96:f9:63:48:a3:94:77:34:74:c5:8d:70:6f:98:22:0a:e3:df:
12:0b:c1:ca:45:30:48:4d:49:bc:23:cf:2c:5b:9c:62:f5:86:
ad:ed:ec:fc:d8:1c:79:f1:44:ae:7f:f2:53:39:ad:dd:a3:ab:
d8:f0:12:20:fd:36:e8:4d:da:f6:63:73:49:67:8e:96:55:fd:
52:de:0f:48:29:b4:ff:32:e7:b9:f9:96:4d:76:f3:1b:5d:f2:
31:a6:a5:4e:91:9b:ab:9a:b5:1d:2b:4d:46:62:97:17:79:18:
e4:6d:10:61:91:33:e5:f7:53:df:19:01:7a:bd:18:1b:d9:a3:
a2:85:3c:fa:b4:ff:74:ca:01:63:5d:3d:bb:09:a9:55:b1:13:
cf:69:b8:d4:bd:87:23:90:3f:e9:d3:c6:9e:6f:3c:33:55:30:
50:fe:da:df:11:e3:ea:cc:54:75:bf:2d:00:b3:b5:07:b2:e6:
f7:a5:64:31:4c:d5:c4:06:3a:c2:d8:0f:f9:9b:69:1b:fa:27:
e1:c1:59:f4:cd:cf:43:09:b1:ad:85:84:20:04:f9:a8:de:e3:
62:56:3a:8d:b0:e9:b4:d3:8c:7f:ea:e5:be:df:96:08:8a:3b:
06:40:3f:17:cb:57:dd:2c:de:69:31:1c:22:24:77:18:b9:f1:
9d:97:21:b8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChnTvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWI0YmYzN2YzOWVlYzYyOTgyYzRiNjM3MDlmYWI1ZDE0NmM3MzczMB4XDTIyMDEw
MTE1MDEyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDU4ZTgwZTc4ZTQ1
NzIzYTk4MGUyNzI2YTM1NDlmNWIyMTVmYzY1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtzqvFFxaIc8+xNJIngVrEpJZpmXXIPQZll8L4byKFQ8ES1
/EXqqxg/Mu/2AuEk6t3B3ozcVsbKxthFiLvOI+UAE6liMvr6E82ThLj+k5cwQkmh
L3ezbGFFRMxVfuALOC3XB+rG5nDNFTao9OfmmCpc4TyLduPmX5P1FN4mwCvZwgh+
6/vmo9EzL333QImsdvXgVZrRCRJhW3P99J21ncgktBX6oHyxplJ4qe7zNwrKqNPS
8xm55czHF1S7aCAg9EWAncbo7V6vD1QPXXTjyrA41izAGUt2YjLr3oiLS6vv+yfl
7YSP8pVY1CF8toqYfb0U965gfypD7furX4FujScCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRFjoDnjkVyOpgOJyajVJ9bIV/GUTAfBgNVHSMEGDAWgBQJtL83857sYpgs
S2Nwn6tdFGxzczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NiU19OX09lN0dLWUxFdGpjSi1yWFJSc2MzTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvMzcxNmQ5LTQ3M2YtNGFmMy1hMWQzLTI0ZTZjMGQ0ZmFkNy8x
L1JZNkE1NDVGY2pxWURpY21vMVNmV3lGZnhsRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
MzcxNmQ5LTQ3M2YtNGFmMy1hMWQzLTI0ZTZjMGQ0ZmFkNy8xL0NiU19OX09lN0dL
WUxFdGpjSi1yWFJSc2MzTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVksbjANBgkqhkiG9w0BAQsFAAOC
AQEAlvljSKOUdzR0xY1wb5giCuPfEgvBykUwSE1JvCPPLFucYvWGre3s/NgcefFE
rn/yUzmt3aOr2PASIP026E3a9mNzSWeOllX9Ut4PSCm0/zLnufmWTXbzG13yMaal
TpGbq5q1HStNRmKXF3kY5G0QYZEz5fdT3xkBer0YG9mjooU8+rT/dMoBY109uwmp
VbETz2m41L2HI5A/6dPGnm88M1UwUP7a3xHj6sxUdb8tALO1B7Lm96VkMUzVxAY6
wtgP+ZtpG/on4cFZ9M3PQwmxrYWEIAT5qN7jYlY6jbDptNOMf+rlvt+WCIo7BkA/
F8tX3SzeaTEcIiR3GLnxnZchuA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:09 2023 by rpki-client on console-fra.rpki-client.org