Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/sJUtR2QpWuplCbRYO0uQn8Y9wKg.roa
File: sJUtR2QpWuplCbRYO0uQn8Y9wKg.roa (raw, json)
Hash identifier: nrHxM456u2NtvqgBH3RLFCpiAyDHBm7z7xuAzLZCAhM=
Subject key identifier: B0:95:2D:47:64:29:5A:EA:65:09:B4:58:3B:4B:90:9F:C6:3D:C0:A8
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 0182A1ED88F197CA6A3B1F148681DB145536
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/sJUtR2QpWuplCbRYO0uQn8Y9wKg.roa
Signing time: Mon 15 Aug 2022 14:34:35 +0000
ROA not before: Mon 15 Aug 2022 14:34:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205771
IP address blocks: 89.21.65.0/24 maxlen: 24
128.127.149.0/24 maxlen: 24
128.127.150.0/24 maxlen: 24
178.239.174.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:ed:88:f1:97:ca:6a:3b:1f:14:86:81:db:14:55:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Aug 15 14:34:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0952d4764295aea6509b4583b4b909fc63dc0a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a6:9d:1a:05:0d:f9:8c:d8:30:3a:b9:01:21:
0b:21:b5:a8:d1:a8:27:dd:55:8f:35:8a:d1:99:83:
80:2c:70:35:dc:d9:2b:34:18:c4:bf:3b:55:b3:d3:
15:73:b0:52:4f:89:8f:97:a8:2b:5a:5f:82:a8:ea:
d2:b9:30:3f:d2:93:fb:39:5b:49:ff:7a:7c:2f:74:
a0:26:05:1e:9a:e2:4b:79:f0:0c:02:2b:7a:53:19:
bc:0e:12:69:ac:47:2e:1c:c9:37:29:de:cd:7a:02:
39:37:e5:a4:a8:95:c8:88:24:e0:da:f2:36:02:b6:
fa:44:23:87:1c:a6:0a:53:e2:86:fd:3f:88:0d:bb:
69:cf:a6:f0:4d:65:ad:3a:c4:b7:4e:5d:98:f5:7c:
4a:f7:b6:66:6b:6f:1b:59:5c:de:a3:74:98:6c:99:
b6:90:d4:59:12:87:27:a3:9b:d4:9e:04:2f:f8:f7:
3a:57:eb:6c:72:ec:cc:ea:40:3f:d4:f7:af:75:66:
19:6f:2f:bd:43:b5:4f:75:45:b2:ac:88:f8:74:40:
34:a1:0b:6f:fd:76:b1:6e:68:24:d7:1f:5b:07:96:
94:15:33:a0:2d:08:0f:45:5a:bf:2e:25:cb:89:a1:
47:0e:70:c1:8f:a3:86:47:1d:50:d6:22:b8:03:a0:
8a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:95:2D:47:64:29:5A:EA:65:09:B4:58:3B:4B:90:9F:C6:3D:C0:A8
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/sJUtR2QpWuplCbRYO0uQn8Y9wKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.65.0/24
128.127.149.0-128.127.150.255
178.239.174.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:ce:71:79:f2:ba:5c:69:04:d2:6c:f3:81:c2:3a:e9:30:02:
87:97:4c:eb:e7:dd:5d:b8:eb:63:23:84:27:dd:6e:52:ac:57:
6d:f6:c1:23:59:60:c7:52:7f:9c:12:0f:a8:43:5d:a9:11:45:
87:92:c3:be:f0:3d:a1:44:e4:0f:29:b1:43:c9:3a:5e:16:dd:
cc:0e:01:0e:02:c9:bb:a4:97:61:48:a1:23:f6:07:72:d2:3e:
0f:ed:f5:b9:84:1a:6c:c7:ef:f2:e4:2e:26:24:90:79:5a:2d:
65:94:87:0d:83:6d:f5:85:db:f6:0b:60:22:cd:72:11:da:dd:
bf:74:22:a0:9e:a1:93:c1:6a:99:e8:23:bc:2b:78:08:4e:a4:
3c:c3:2f:a5:b7:c3:12:ff:ec:b6:fd:bc:0a:98:e3:5d:df:54:
cd:cf:0a:6d:cc:bd:44:35:7d:27:52:88:ef:c4:11:12:68:37:
6e:e9:d6:cf:24:0e:f5:a7:16:cc:91:95:05:c3:60:fe:66:d6:
78:3a:1c:de:c0:e4:1e:e6:f2:f0:14:92:33:88:9f:ce:0f:26:
6f:e8:32:e6:be:7f:5f:71:ac:3e:b4:7f:00:5a:f9:43:a4:93:
27:d5:0c:38:91:6a:f2:0c:f8:92:fe:f9:dc:88:0b:fe:67:0a:
d0:f1:80:d4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYKh7Yjxl8pqOx8UhoHbFFU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjIwODE1MTQzNDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk1MmQ0NzY0Mjk1YWVhNjUwOWI0NTgzYjRiOTA5ZmM2M2RjMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKadGgUN+YzYMDq5ASELIbWo0agn
3VWPNYrRmYOALHA13NkrNBjEvztVs9MVc7BST4mPl6grWl+CqOrSuTA/0pP7OVtJ
/3p8L3SgJgUemuJLefAMAit6Uxm8DhJprEcuHMk3Kd7NegI5N+WkqJXIiCTg2vI2
Arb6RCOHHKYKU+KG/T+IDbtpz6bwTWWtOsS3Tl2Y9XxK97Zma28bWVzeo3SYbJm2
kNRZEocno5vUngQv+Pc6V+tscuzM6kA/1PevdWYZby+9Q7VPdUWyrIj4dEA0oQtv
/Xaxbmgk1x9bB5aUFTOgLQgPRVq/LiXLiaFHDnDBj6OGRx1Q1iK4A6CKwQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLCVLUdkKVrqZQm0WDtLkJ/GPcCoMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvc0pVdFIyUXBXdXBsQ2JSWU8wdVFuOFk5d0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWRVBMAwD
BACAf5UDBACAf5YDBACy764wDQYJKoZIhvcNAQELBQADggEBAKXOcXnyulxpBNJs
84HCOukwAoeXTOvn3V2462MjhCfdblKsV232wSNZYMdSf5wSD6hDXakRRYeSw77w
PaFE5A8psUPJOl4W3cwOAQ4Cybukl2FIoSP2B3LSPg/t9bmEGmzH7/LkLiYkkHla
LWWUhw2DbfWF2/YLYCLNchHa3b90IqCeoZPBapnoI7wreAhOpDzDL6W3wxL/7Lb9
vAqY413fVM3PCm3MvUQ1fSdSiO/EERJoN27p1s8kDvWnFsyRlQXDYP5m1ng6HN7A
5B7m8vAUkjOIn84PJm/oMua+f19xrD60fwBa+UOkkyfVDDiRavIM+JL++dyIC/5n
CtDxgNQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:32 2024 by rpki-client on console-ams.rpki-client.org