Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-FMKpvOEYab3SVdWlKCO6ZsESsI.roa
File: 1-FMKpvOEYab3SVdWlKCO6ZsESsI.roa (raw, json)
Hash identifier: LbeWoU3LdnqOjaf3R2a71jM9mbYbT5EPeM0U2bgwG60=
Subject key identifier: F8:53:0A:A6:F3:84:61:A6:F7:49:57:56:94:A0:8E:E9:9B:04:4A:C2
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 03484E45
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-FMKpvOEYab3SVdWlKCO6ZsESsI.roa
Signing time: Thu 10 Mar 2022 19:19:44 +0000
ROA not before: Thu 10 Mar 2022 19:19:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 89.37.106.0/24 maxlen: 24
94.177.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55070277 (0x3484e45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Mar 10 19:19:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8530aa6f38461a6f749575694a08ee99b044ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:dc:0d:cf:d8:82:d4:73:2b:35:58:36:91:e2:
25:01:3c:59:71:c9:00:2b:8e:19:bb:11:90:05:6b:
86:1e:52:4c:d8:68:b8:c1:e3:c3:c3:60:df:33:70:
60:78:78:e5:93:83:ee:12:94:36:68:2b:7f:bb:a8:
24:32:d4:72:a4:30:9b:ff:e2:bc:a4:5b:14:8e:8d:
b5:fd:9f:c9:c1:fd:10:19:f7:e5:59:a3:41:07:8f:
f5:af:2d:fe:b0:0b:4c:de:b8:c7:6b:a9:1a:d3:f0:
12:d1:75:f6:e0:77:33:f7:c2:0d:d8:32:db:e1:2e:
0f:c7:3f:38:ee:ab:a3:54:a9:ff:3b:86:1e:c4:9c:
56:f7:3d:5d:9c:91:f1:2d:24:4e:3d:b5:f0:c4:41:
a9:70:8b:66:1b:2a:69:36:f3:5b:25:5b:61:9a:58:
b7:ca:ec:94:5e:de:71:b7:ea:ed:c5:df:6e:de:fd:
88:78:98:a9:42:d0:d2:9d:cc:58:63:24:eb:c7:a3:
c6:b5:78:56:4d:5a:4d:ec:39:5c:ad:bc:8b:c9:d4:
07:ab:45:86:51:27:16:a2:e6:3f:b6:a9:90:e0:81:
d7:21:1c:29:46:ad:36:78:ce:9c:a2:4e:09:3b:f8:
43:10:e8:f7:02:df:f4:c8:39:41:d9:68:4b:96:63:
ff:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:53:0A:A6:F3:84:61:A6:F7:49:57:56:94:A0:8E:E9:9B:04:4A:C2
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/1-FMKpvOEYab3SVdWlKCO6ZsESsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.106.0/24
94.177.65.0/24
Signature Algorithm: sha256WithRSAEncryption
53:37:9c:39:5c:b2:48:0e:98:07:4b:7a:5e:f7:e7:57:63:39:
c2:43:85:29:45:c1:f0:41:a2:37:73:d1:11:70:c8:c0:13:73:
4c:6a:ca:34:1a:72:2e:c0:b3:e1:1e:4f:ca:73:dc:7a:ef:8d:
7d:61:62:c9:41:9e:cf:ea:68:50:cd:ca:c2:98:c4:fc:cb:18:
ec:41:29:02:a3:de:91:1d:22:a3:f3:1f:f3:98:3c:e0:76:57:
7b:2e:5a:a2:ba:b6:cc:ef:4b:8c:ff:59:c9:69:41:cc:0b:f4:
9b:ed:01:cf:34:e8:14:e2:10:8f:07:03:5f:bb:a7:17:c8:19:
22:6c:e8:02:93:a5:19:bd:27:93:ff:d2:13:d2:d7:52:8c:84:
7d:1c:2e:d0:3f:9b:b2:94:31:a7:51:c1:94:1c:db:1a:f6:06:
67:6c:a5:55:4e:a5:e9:5f:1c:43:43:79:db:f3:87:22:ca:dd:
c3:47:7f:00:06:51:33:56:a0:bd:8a:4e:05:6d:ea:9b:6d:09:
ef:8b:6c:9d:a1:47:18:80:59:5d:bd:f7:85:4f:85:b6:a0:d3:
1a:4a:05:20:79:bb:b2:ef:be:c2:b1:53:68:48:28:80:c7:45:
bf:ff:1e:86:2a:70:1d:df:1a:7c:a0:8f:4d:d8:ee:fe:a7:54:
52:e8:db:e4
-----BEGIN CERTIFICATE-----
MIIE9jCCA96gAwIBAgIEA0hORTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDMx
MDE5MTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg1MzBhYTZmMzg0
NjFhNmY3NDk1NzU2OTRhMDhlZTk5YjA0NGFjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALrcDc/YgtRzKzVYNpHiJQE8WXHJACuOGbsRkAVrhh5STNho
uMHjw8Ng3zNwYHh45ZOD7hKUNmgrf7uoJDLUcqQwm//ivKRbFI6Ntf2fycH9EBn3
5VmjQQeP9a8t/rALTN64x2upGtPwEtF19uB3M/fCDdgy2+EuD8c/OO6ro1Sp/zuG
HsScVvc9XZyR8S0kTj218MRBqXCLZhsqaTbzWyVbYZpYt8rslF7ecbfq7cXfbt79
iHiYqULQ0p3MWGMk68ejxrV4Vk1aTew5XK28i8nUB6tFhlEnFqLmP7apkOCB1yEc
KUatNnjOnKJOCTv4QxDo9wLf9Mg5QdloS5Zj/98CAwEAAaOCAhAwggIMMB0GA1Ud
DgQWBBT4Uwqm84RhpvdJV1aUoI7pmwRKwjAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
LzEtRk1LcHZPRVlhYjNTVmRXbEtDTzZac0VTc0kucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Zm
LzgyYTdkNi05MmE5LTQyMDQtOWFlMC05YTQ4ZWNmOWUxNWUvMS8yZ0RwZ1pVd1la
Y3NpV3ZXMG5jNDBJT3EydzQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
JQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABZJWoDBABesUEwDQYJKoZIhvcN
AQELBQADggEBAFM3nDlcskgOmAdLel7351djOcJDhSlFwfBBojdz0RFwyMATc0xq
yjQaci7As+EeT8pz3HrvjX1hYslBns/qaFDNysKYxPzLGOxBKQKj3pEdIqPzH/OY
POB2V3suWqK6tszvS4z/WclpQcwL9JvtAc806BTiEI8HA1+7pxfIGSJs6AKTpRm9
J5P/0hPS11KMhH0cLtA/m7KUMadRwZQc2xr2BmdspVVOpelfHENDedvzhyLK3cNH
fwAGUTNWoL2KTgVt6pttCe+LbJ2hRxiAWV2994VPhbag0xpKBSB5u7LvvsKxU2hI
KIDHRb//HoYqcB3fGnygj03Y7v6nVFLo2+Q=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-fra.rpki-client.org