Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CWhM1cArso6W1LCDPQpbhVfWoR0.roa
File: CWhM1cArso6W1LCDPQpbhVfWoR0.roa (raw, json)
Hash identifier: 3cXclD5yfeZZiaYV5GQo1nCrL7hDBZa7IdloqwiWtjA=
Subject key identifier: 09:68:4C:D5:C0:2B:B2:8E:96:D4:B0:83:3D:0A:5B:85:57:D6:A1:1D
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0184E33409292336D802E31A9142EED963F4
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CWhM1cArso6W1LCDPQpbhVfWoR0.roa
Signing time: Mon 05 Dec 2022 16:52:28 +0000
ROA not before: Mon 05 Dec 2022 16:52:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 89.40.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:34:09:29:23:36:d8:02:e3:1a:91:42:ee:d9:63:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 5 16:52:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09684cd5c02bb28e96d4b0833d0a5b8557d6a11d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:15:64:e3:9e:c0:23:b7:ae:e8:8c:e4:57:3c:
3b:6f:af:1a:0c:42:2c:7c:be:f5:1e:36:91:c0:40:
b6:1c:40:dc:f5:08:b6:dd:fe:7d:fb:df:d4:b6:4c:
46:1d:e6:f1:7e:6e:b9:8d:a6:c3:0d:13:30:d4:79:
64:0f:99:3c:f7:a8:7b:23:9d:9e:6d:7e:d3:8f:3a:
f6:80:49:d9:78:a6:3c:73:da:99:29:30:74:43:63:
bd:16:a0:fa:a8:0c:70:f1:0f:88:4a:71:b0:5b:2a:
79:00:a7:ba:7e:b3:b4:d2:cc:29:e8:12:b5:1d:1b:
18:e8:86:ea:94:7e:5a:41:fb:67:71:21:14:d6:ce:
05:f7:f0:51:30:7c:d3:bd:3b:63:7c:08:c0:4e:7a:
4f:57:e2:0f:51:d2:de:75:29:64:fa:c2:48:c2:d2:
be:b2:eb:ce:04:9c:a4:c6:57:9f:ab:d7:d9:f4:da:
2c:e5:f6:dd:5c:b8:d0:87:1c:6a:b9:53:66:08:6d:
78:5b:6a:48:fe:c1:65:c2:ae:3e:bf:6d:b2:d0:c0:
9b:41:cb:15:42:f3:6b:40:4d:b1:55:5a:07:0e:ef:
2c:b9:7e:0e:40:9c:38:8c:4e:8f:6a:77:87:ff:92:
e1:4c:c6:f5:38:d8:5b:ca:83:31:d8:d8:c2:b6:23:
38:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:68:4C:D5:C0:2B:B2:8E:96:D4:B0:83:3D:0A:5B:85:57:D6:A1:1D
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/CWhM1cArso6W1LCDPQpbhVfWoR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.166.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:2b:88:af:88:36:16:3f:98:a6:49:c1:b5:f0:9d:a8:b9:6e:
0d:58:29:e9:db:f6:ed:2a:90:d3:22:10:91:bd:a5:c6:a8:14:
fa:2e:88:6e:ff:57:71:6d:68:b0:1b:dd:e4:7a:6c:ae:a1:92:
b9:34:4c:ca:a4:fb:e4:0a:81:34:a6:79:14:fc:b6:4a:86:2f:
48:bd:b4:19:81:3e:03:50:e5:b6:a3:90:15:9f:36:f5:12:4c:
1e:6f:00:36:ca:49:ce:5e:b3:f3:b8:07:de:49:ab:09:13:0e:
c3:4e:d3:fd:ef:53:c9:e6:fd:95:72:36:e2:28:a6:33:24:62:
26:db:b0:c2:3f:31:0f:46:f4:20:68:cf:b5:6e:10:62:a6:59:
3d:0b:73:1b:8c:9c:dd:7d:5d:77:cb:d8:55:d4:2d:31:dd:ff:
b3:bf:4b:2c:b1:87:55:6a:55:c5:0d:fe:75:6f:19:e8:be:c2:
f8:b5:d0:ed:88:09:a3:33:80:2a:8c:8f:ff:cb:ad:10:f8:ec:
bf:35:17:6a:19:9d:9d:53:1f:5e:f7:04:09:b8:1a:af:ea:3e:
72:31:8f:de:92:6b:1e:14:2d:ba:10:44:cf:4b:8b:aa:50:51:
30:72:fb:94:e8:a5:d6:77:ae:21:ab:e3:1d:02:5f:96:e0:64:
e9:00:26:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTjNAkpIzbYAuMakULu2WP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjIxMjA1MTY1MjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTY4NGNkNWMwMmJiMjhlOTZkNGIwODMzZDBhNWI4NTU3ZDZhMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixVk457AI7eu6IzkVzw7b68aDEIs
fL71HjaRwEC2HEDc9Qi23f59+9/UtkxGHebxfm65jabDDRMw1HlkD5k896h7I52e
bX7Tjzr2gEnZeKY8c9qZKTB0Q2O9FqD6qAxw8Q+ISnGwWyp5AKe6frO00swp6BK1
HRsY6IbqlH5aQftncSEU1s4F9/BRMHzTvTtjfAjATnpPV+IPUdLedSlk+sJIwtK+
suvOBJykxlefq9fZ9Nos5fbdXLjQhxxquVNmCG14W2pI/sFlwq4+v22y0MCbQcsV
QvNrQE2xVVoHDu8suX4OQJw4jE6PaneH/5LhTMb1ONhbyoMx2NjCtiM4PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAloTNXAK7KOltSwgz0KW4VX1qEdMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvQ1doTTFjQXJzbzZXMUxDRFBRcGJoVmZXb1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSimMA0G
CSqGSIb3DQEBCwUAA4IBAQBMK4iviDYWP5imScG18J2ouW4NWCnp2/btKpDTIhCR
vaXGqBT6Lohu/1dxbWiwG93kemyuoZK5NEzKpPvkCoE0pnkU/LZKhi9IvbQZgT4D
UOW2o5AVnzb1EkwebwA2yknOXrPzuAfeSasJEw7DTtP971PJ5v2VcjbiKKYzJGIm
27DCPzEPRvQgaM+1bhBiplk9C3MbjJzdfV13y9hV1C0x3f+zv0sssYdValXFDf51
bxnovsL4tdDtiAmjM4AqjI//y60Q+Oy/NRdqGZ2dUx9e9wQJuBqv6j5yMY/ekmse
FC26EETPS4uqUFEwcvuU6KXWd64hq+MdAl+W4GTpACaO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org