Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/3VZKA5IsIqZKNjYKhhQMV2j3tEw.roa
File: 3VZKA5IsIqZKNjYKhhQMV2j3tEw.roa (raw, json)
Hash identifier: H6YqhsNZfftzGiZEhBW7SvaxpuBp9nnE/RTn3BQWuw8=
Subject key identifier: DD:56:4A:03:92:2C:22:A6:4A:36:36:0A:86:14:0C:57:68:F7:B4:4C
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01853043CD6E51711E18C0DF8266AF56C3C9
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/3VZKA5IsIqZKNjYKhhQMV2j3tEw.roa
Signing time: Tue 20 Dec 2022 16:00:27 +0000
ROA not before: Tue 20 Dec 2022 16:00:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 89.42.29.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
89.37.128.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:43:cd:6e:51:71:1e:18:c0:df:82:66:af:56:c3:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 20 16:00:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dd564a03922c22a64a36360a86140c5768f7b44c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7d:df:fa:5c:8e:ee:86:c5:02:a9:68:05:a5:
3e:a6:48:f1:c7:76:a5:6d:a0:26:c5:a2:81:e5:54:
4b:58:b1:cb:91:64:9b:a8:e9:60:ba:75:05:22:87:
67:ed:16:2f:20:e1:02:36:63:c0:1b:26:d7:4f:15:
e9:b1:ea:f1:78:2d:19:d3:b1:c3:6f:81:ac:db:dd:
fc:5f:46:84:77:1f:52:fa:70:f7:af:14:55:62:2e:
72:c2:a2:64:2c:69:03:1d:13:29:ad:9e:27:18:d0:
22:5d:bd:73:85:29:1a:8d:65:f1:0c:5e:d4:72:8e:
f5:80:67:f9:cb:97:13:ef:71:9d:4f:55:99:35:af:
2d:03:83:70:a2:b3:cd:95:32:45:fa:ae:0d:ff:fe:
a9:c0:2b:76:cd:a3:6b:e0:fc:f0:69:6e:91:58:2e:
86:93:91:77:d8:0d:fe:89:2e:cf:39:0b:cc:e6:c5:
c8:9e:7b:40:f2:0b:66:6f:e4:09:94:db:c2:bd:26:
e5:23:ee:19:99:d5:45:bf:c4:f3:a8:12:f8:8d:6c:
3d:f2:60:87:7d:84:98:a5:3d:26:2c:5d:2b:c5:ab:
0a:89:cd:38:36:00:50:4a:fc:f1:bf:c3:39:4d:a8:
20:ba:13:6f:45:26:61:7d:2c:a7:f8:8b:87:a8:c5:
44:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:56:4A:03:92:2C:22:A6:4A:36:36:0A:86:14:0C:57:68:F7:B4:4C
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/3VZKA5IsIqZKNjYKhhQMV2j3tEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.128.0/24
89.42.29.0/24
91.250.244.0/24
176.223.190.0/24
Signature Algorithm: sha256WithRSAEncryption
98:b2:05:e4:bb:07:e5:0f:3b:0d:c4:0c:ba:e4:cf:34:a7:fb:
29:b0:a8:a6:8d:5f:8b:3d:c3:1b:87:90:ef:24:2e:b8:f7:ed:
e1:ec:49:76:56:95:95:76:03:ef:58:e4:4f:c1:06:42:0f:7f:
99:9f:a4:0d:c8:9d:5c:c3:dd:92:19:bd:33:41:61:16:f0:30:
33:b7:46:25:19:24:a0:a4:e0:86:f3:83:b1:c2:e6:fc:c1:5e:
fe:4f:1d:53:90:9f:1c:20:53:f1:bd:29:06:9e:30:9b:60:e4:
01:79:5a:34:3d:70:b5:bb:c8:ce:76:f7:60:66:70:7b:9e:df:
45:bd:40:6a:c5:1f:25:c3:f8:d9:e1:d5:62:55:9c:4f:c2:ce:
ee:2d:17:06:b7:1f:9b:69:a3:00:c1:f4:91:6a:c5:a5:15:57:
1c:8e:9f:d8:ea:9e:85:15:10:e7:fc:8d:15:47:fd:41:d2:06:
59:ac:e3:1b:80:23:86:d1:d2:0d:cf:ce:05:2d:97:70:ca:2a:
ac:a1:8a:5f:3d:cb:fe:f6:16:11:17:11:a2:2c:d8:ee:d5:bc:
bf:38:63:57:98:d9:10:d5:66:e9:6e:8b:a3:15:e9:66:99:aa:
c7:79:6f:b6:f0:7a:4b:78:9b:a3:a0:e8:ff:e0:3c:f1:ea:75:
73:83:70:2d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUwQ81uUXEeGMDfgmavVsPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjIxMjIwMTYwMDI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDU2NGEwMzkyMmMyMmE2NGEzNjM2MGE4NjE0MGM1NzY4ZjdiNDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqn3f+lyO7obFAqloBaU+pkjxx3al
baAmxaKB5VRLWLHLkWSbqOlgunUFIodn7RYvIOECNmPAGybXTxXpserxeC0Z07HD
b4Gs2938X0aEdx9S+nD3rxRVYi5ywqJkLGkDHRMprZ4nGNAiXb1zhSkajWXxDF7U
co71gGf5y5cT73GdT1WZNa8tA4NworPNlTJF+q4N//6pwCt2zaNr4PzwaW6RWC6G
k5F32A3+iS7POQvM5sXInntA8gtmb+QJlNvCvSblI+4ZmdVFv8TzqBL4jWw98mCH
fYSYpT0mLF0rxasKic04NgBQSvzxv8M5TagguhNvRSZhfSyn+IuHqMVEnQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFN1WSgOSLCKmSjY2CoYUDFdo97RMMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvM1ZaS0E1SXNJcVpLTmpZS2hoUU1WMmozdEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSWAAwQA
WSodAwQAW/r0AwQAsN++MA0GCSqGSIb3DQEBCwUAA4IBAQCYsgXkuwflDzsNxAy6
5M80p/spsKimjV+LPcMbh5DvJC649+3h7El2VpWVdgPvWORPwQZCD3+Zn6QNyJ1c
w92SGb0zQWEW8DAzt0YlGSSgpOCG84Oxwub8wV7+Tx1TkJ8cIFPxvSkGnjCbYOQB
eVo0PXC1u8jOdvdgZnB7nt9FvUBqxR8lw/jZ4dViVZxPws7uLRcGtx+baaMAwfSR
asWlFVccjp/Y6p6FFRDn/I0VR/1B0gZZrOMbgCOG0dINz84FLZdwyiqsoYpfPcv+
9hYRFxGiLNju1by/OGNXmNkQ1WbpboujFelmmarHeW+28HpLeJujoOj/4Dzx6nVz
g3At
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:04 2023 by rpki-client on console-fra.rpki-client.org