Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/89EvzFxdWAT0yfKJZ95-nPsOe-s.roa
File: 89EvzFxdWAT0yfKJZ95-nPsOe-s.roa (raw, json)
Hash identifier: nssNvbbmP22T1wvnO98YlTR0lsFQLyXm0SG65ZbbYdw=
Subject key identifier: F3:D1:2F:CC:5C:5D:58:04:F4:C9:F2:89:67:DE:7E:9C:FB:0E:7B:EB
Certificate issuer: /CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Certificate serial: 017C2405
Authority key identifier: D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/89EvzFxdWAT0yfKJZ95-nPsOe-s.roa
Signing time: Mon 17 Jan 2022 20:21:14 +0000
ROA not before: Mon 17 Jan 2022 20:21:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 91.232.229.0/24 maxlen: 24
2001:7f8:66::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24912901 (0x17c2405)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d737824e0ffa79f18b9fc49d6cb0dd81c9a6ca28
Validity
Not Before: Jan 17 20:21:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3d12fcc5c5d5804f4c9f28967de7e9cfb0e7beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:29:6b:6c:7b:08:07:de:c7:f5:ab:76:37:87:
9e:af:9f:0f:a4:97:6b:93:6c:9b:11:ff:4a:52:87:
93:f8:a1:9c:39:3e:66:f0:64:6f:5b:4b:a6:a9:8d:
bf:37:32:fe:ac:89:fb:2f:a9:fc:a5:20:76:d2:12:
54:5f:63:35:f8:71:e5:3f:37:69:d0:4a:4b:f9:3e:
bc:83:2c:2c:dc:b3:5f:b1:4f:91:5f:d0:29:69:cc:
fa:6c:3f:c4:99:a3:1e:02:c1:7c:c3:f2:14:7e:6f:
0f:36:d2:50:44:14:ef:ea:91:f8:4c:a7:3e:03:fa:
44:76:86:40:3f:1e:09:8e:b9:4f:5e:dd:56:03:c0:
03:2a:50:20:e6:2e:87:61:64:f4:df:e2:16:75:45:
fb:2c:a7:c9:79:df:c8:69:b5:8f:04:60:78:c4:4d:
eb:ab:cc:11:f1:93:dd:76:c1:8a:0a:30:1c:5f:29:
21:1a:34:b1:77:a5:0d:7c:30:ea:7e:cf:98:37:bf:
83:42:63:68:88:ec:ba:96:cb:ff:bc:09:97:85:0f:
7c:92:3e:1e:ca:a5:fd:ab:d6:e8:f8:fc:87:18:61:
a2:66:94:e7:27:d9:70:50:12:d0:53:56:89:dc:d2:
57:0d:25:cc:c8:91:4d:d0:62:6e:5d:b9:96:5b:f8:
c0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D1:2F:CC:5C:5D:58:04:F4:C9:F2:89:67:DE:7E:9C:FB:0E:7B:EB
X509v3 Authority Key Identifier:
keyid:D7:37:82:4E:0F:FA:79:F1:8B:9F:C4:9D:6C:B0:DD:81:C9:A6:CA:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zeCTg_6efGLn8SdbLDdgcmmyig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/89EvzFxdWAT0yfKJZ95-nPsOe-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/446d40-5782-4de0-a2c5-b68f5d8f651a/1/1zeCTg_6efGLn8SdbLDdgcmmyig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.229.0/24
IPv6:
2001:7f8:66::/48
Signature Algorithm: sha256WithRSAEncryption
43:1a:1f:1b:a9:f3:9c:32:61:2d:22:49:61:dc:28:38:20:5e:
20:9e:67:ec:fd:06:bb:5f:98:f4:e4:f8:b6:23:3b:86:e8:30:
3d:5c:04:00:5c:ef:70:8c:95:32:27:ab:78:e5:41:22:d2:f7:
f2:53:96:72:77:04:9e:21:4c:ff:15:0b:7e:ca:98:bc:1a:99:
75:07:6c:1e:88:cb:72:ca:9d:85:73:5f:55:ba:bf:a3:a1:cc:
b4:94:63:65:1e:6d:6a:1e:b0:77:91:4e:ea:48:a1:f5:47:8a:
3e:d3:7d:16:07:0e:f6:1d:56:2c:25:f3:9d:08:85:81:d4:3c:
72:05:1c:56:34:93:da:dd:48:44:05:f7:9b:fa:96:86:15:41:
91:05:1d:d6:bb:d9:ea:38:23:db:6e:87:a0:07:24:d2:09:57:
8b:fc:df:ea:aa:4a:d4:42:54:aa:0c:58:fa:d0:c0:38:69:da:
4f:1f:e8:72:55:7d:5e:45:6d:e1:f2:7a:d3:f7:ce:a7:e2:68:
77:21:fe:25:9f:2f:07:f0:86:7d:06:68:1d:29:1e:a0:0e:90:
9d:06:93:7a:f5:e6:90:3b:21:98:45:c2:7e:fd:7c:7f:49:9d:
e6:17:3e:09:32:c1:57:f7:2d:73:72:27:5f:ab:05:58:b6:0d:
92:0b:c8:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAXwkBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzM3ODI0ZTBmZmE3OWYxOGI5ZmM0OWQ2Y2IwZGQ4MWM5YTZjYTI4MB4XDTIyMDEx
NzIwMjExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNkMTJmY2M1YzVk
NTgwNGY0YzlmMjg5NjdkZTdlOWNmYjBlN2JlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8pa2x7CAfex/WrdjeHnq+fD6SXa5NsmxH/SlKHk/ihnDk+
ZvBkb1tLpqmNvzcy/qyJ+y+p/KUgdtISVF9jNfhx5T83adBKS/k+vIMsLNyzX7FP
kV/QKWnM+mw/xJmjHgLBfMPyFH5vDzbSUEQU7+qR+EynPgP6RHaGQD8eCY65T17d
VgPAAypQIOYuh2Fk9N/iFnVF+yynyXnfyGm1jwRgeMRN66vMEfGT3XbBigowHF8p
IRo0sXelDXww6n7PmDe/g0JjaIjsupbL/7wJl4UPfJI+Hsql/avW6Pj8hxhhomaU
5yfZcFAS0FNWidzSVw0lzMiRTdBibl25llv4wMUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTz0S/MXF1YBPTJ8oln3n6c+w576zAfBgNVHSMEGDAWgBTXN4JOD/p58Yuf
xJ1ssN2ByabKKDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzF6ZUNUZ182ZWZHTG44U2RiTERkZ2NtbXlpZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNDQ2ZDQwLTU3ODItNGRlMC1hMmM1LWI2OGY1ZDhmNjUxYS8x
Lzg5RXZ6RnhkV0FUMHlmS0paOTUtblBzT2Utcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NDQ2ZDQwLTU3ODItNGRlMC1hMmM1LWI2OGY1ZDhmNjUxYS8xLzF6ZUNUZ182ZWZH
TG44U2RiTERkZ2NtbXlpZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAFvo5TAPBAIAAjAJAwcAIAEH+ABm
MA0GCSqGSIb3DQEBCwUAA4IBAQBDGh8bqfOcMmEtIklh3Cg4IF4gnmfs/Qa7X5j0
5Pi2IzuG6DA9XAQAXO9wjJUyJ6t45UEi0vfyU5ZydwSeIUz/FQt+ypi8Gpl1B2we
iMtyyp2Fc19Vur+jocy0lGNlHm1qHrB3kU7qSKH1R4o+030WBw72HVYsJfOdCIWB
1DxyBRxWNJPa3UhEBfeb+paGFUGRBR3Wu9nqOCPbboegByTSCVeL/N/qqkrUQlSq
DFj60MA4adpPH+hyVX1eRW3h8nrT986n4mh3If4lny8H8IZ9BmgdKR6gDpCdBpN6
9eaQOyGYRcJ+/Xx/SZ3mFz4JMsFX9y1zcidfqwVYtg2SC8jm
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:56 2023 by rpki-client on console-fra.rpki-client.org