Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CTRzuvXiRKL-ORNTj4xyCXZPNeI.roa
File: CTRzuvXiRKL-ORNTj4xyCXZPNeI.roa (raw, json)
Hash identifier: xBkjp0QbNXIe2c2S6+mN2IyNDkyU8FHx22nNqezGabg=
Subject key identifier: 09:34:73:BA:F5:E2:44:A2:FE:39:13:53:8F:8C:72:09:76:4F:35:E2
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0320F9AA
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CTRzuvXiRKL-ORNTj4xyCXZPNeI.roa
Signing time: Wed 23 Feb 2022 01:42:42 +0000
ROA not before: Wed 23 Feb 2022 01:42:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396073
IP address blocks: 89.36.236.0/22 maxlen: 24
185.64.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52492714 (0x320f9aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 23 01:42:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=093473baf5e244a2fe3913538f8c7209764f35e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9e:16:49:3d:b9:e9:dd:cd:5d:ed:e9:6e:c2:
63:a7:85:fe:d0:57:14:14:6f:27:01:b7:1a:93:40:
42:19:77:ed:49:07:d3:2e:1a:2d:20:35:40:cb:f2:
9e:08:e0:0d:14:4a:a9:25:45:7a:2b:de:00:9a:96:
e6:a6:a4:b7:79:47:47:a5:06:ea:c0:33:8f:32:02:
c6:ca:db:0a:11:0d:fd:cc:8b:6a:20:97:33:a0:4d:
56:0e:45:8f:c7:fa:74:f7:d4:65:6b:90:d7:12:99:
b2:67:bb:0b:e3:62:46:9e:f0:df:18:3b:84:4a:23:
f7:2d:9e:54:e2:ce:ea:14:b7:47:e6:94:2d:a5:1e:
ba:ef:ec:1c:7b:46:19:66:b5:7b:eb:70:5a:63:53:
60:8d:34:7c:e8:a7:d8:d9:f0:ba:06:68:7a:6f:7d:
70:99:03:2f:cd:6d:36:05:6c:35:19:ab:7d:c7:04:
52:41:6f:cb:9a:b1:2c:96:6e:63:ad:1c:fc:fa:3a:
35:59:1f:8b:46:d4:83:61:49:65:53:cb:89:b7:4c:
cd:a5:9e:da:e5:4c:a6:f8:22:e1:7d:fb:4a:e9:51:
b6:86:0c:6e:71:6a:1b:3b:10:2f:ae:54:ed:d8:cf:
3b:29:27:fb:90:71:15:71:f4:4d:54:1b:48:bc:b7:
78:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:34:73:BA:F5:E2:44:A2:FE:39:13:53:8F:8C:72:09:76:4F:35:E2
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CTRzuvXiRKL-ORNTj4xyCXZPNeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.236.0/22
185.64.100.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:2f:b4:64:73:f0:57:e4:d3:b6:c1:d3:69:51:5c:5d:60:54:
64:66:37:88:38:36:ac:aa:3c:b9:c2:87:4a:18:17:0a:dc:0a:
bf:f2:71:d1:5f:2d:58:1b:3d:09:01:4f:30:c2:44:09:64:95:
b7:17:b8:88:a3:b4:f6:8c:bc:42:9a:19:37:ef:6c:0d:56:87:
fe:dd:65:05:3d:c3:13:93:83:d1:7d:f6:ab:11:53:1d:ca:f8:
59:6b:9f:47:df:fe:7c:16:1b:f0:1b:ed:f0:fd:dc:0b:ce:d3:
20:cc:80:c7:a1:61:f7:dc:8f:19:de:6b:86:ce:de:70:c9:1b:
e0:ed:5f:81:ca:8e:7a:ab:bd:cc:0c:2f:ad:e3:8b:03:e4:ca:
6f:5b:96:3d:dc:f8:b1:e4:8a:b2:26:79:be:53:8d:c5:05:3d:
d1:7f:66:67:8a:2e:2d:3b:92:3e:90:23:3c:c9:e3:f7:c8:1e:
30:c5:72:c7:28:82:cc:f1:d3:52:04:4f:41:c8:d6:1b:90:68:
49:8d:41:b6:2c:0f:11:f9:84:33:2f:39:10:35:36:14:ea:99:
63:13:71:3b:10:cc:f0:05:22:d1:7a:1e:b0:cd:7c:62:cd:ea:
9f:16:5e:50:61:ba:11:d4:8c:c3:19:98:e9:06:f3:b7:27:8d:
8d:11:3a:0a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAyD5qjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTAwZTk4MTk1MzA2MTk3MmM4OTZiZDZkMjc3MzhkMDgzYWFkYjBlMB4XDTIyMDIy
MzAxNDI0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDkzNDczYmFmNWUy
NDRhMmZlMzkxMzUzOGY4YzcyMDk3NjRmMzVlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKeFkk9uendzV3t6W7CY6eF/tBXFBRvJwG3GpNAQhl37UkH
0y4aLSA1QMvyngjgDRRKqSVFeiveAJqW5qakt3lHR6UG6sAzjzICxsrbChEN/cyL
aiCXM6BNVg5Fj8f6dPfUZWuQ1xKZsme7C+NiRp7w3xg7hEoj9y2eVOLO6hS3R+aU
LaUeuu/sHHtGGWa1e+twWmNTYI00fOin2NnwugZoem99cJkDL81tNgVsNRmrfccE
UkFvy5qxLJZuY60c/Po6NVkfi0bUg2FJZVPLibdMzaWe2uVMpvgi4X37SulRtoYM
bnFqGzsQL65U7djPOykn+5BxFXH0TVQbSLy3eHsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQJNHO69eJEov45E1OPjHIJdk814jAfBgNVHSMEGDAWgBTaAOmBlTBhlyyJ
a9bSdzjQg6rbDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJnRHBnWlV3WVpjc2lXdlcwbmM0MElPcTJ3NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8x
L0NUUnp1dlhpUktMLU9STlRqNHh5Q1haUE5lSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
ODJhN2Q2LTkyYTktNDIwNC05YWUwLTlhNDhlY2Y5ZTE1ZS8xLzJnRHBnWlV3WVpj
c2lXdlcwbmM0MElPcTJ3NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlkk7AMEArlAZDANBgkqhkiG9w0B
AQsFAAOCAQEAbi+0ZHPwV+TTtsHTaVFcXWBUZGY3iDg2rKo8ucKHShgXCtwKv/Jx
0V8tWBs9CQFPMMJECWSVtxe4iKO09oy8QpoZN+9sDVaH/t1lBT3DE5OD0X32qxFT
Hcr4WWufR9/+fBYb8Bvt8P3cC87TIMyAx6Fh99yPGd5rhs7ecMkb4O1fgcqOequ9
zAwvreOLA+TKb1uWPdz4seSKsiZ5vlONxQU90X9mZ4ouLTuSPpAjPMnj98geMMVy
xyiCzPHTUgRPQcjWG5BoSY1BtiwPEfmEMy85EDU2FOqZYxNxOxDM8AUi0XoesM18
Ys3qnxZeUGG6EdSMwxmY6QbztyeNjRE6Cg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:14 2024 by rpki-client on console-fra.rpki-client.org