Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/G3TULZ9mYgte1wzBxhas_Er0UYQ.roa
File: G3TULZ9mYgte1wzBxhas_Er0UYQ.roa (raw, json)
Hash identifier: OtWm+C633kxKFUXCI+06dapsQt1B0eGOwo8XvqFP2Ys=
Subject key identifier: 1B:74:D4:2D:9F:66:62:0B:5E:D7:0C:C1:C6:16:AC:FC:4A:F4:51:84
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 01852B207728882CAD188D2C1DDD0C0EAE42
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/G3TULZ9mYgte1wzBxhas_Er0UYQ.roa
Signing time: Mon 19 Dec 2022 16:03:45 +0000
ROA not before: Mon 19 Dec 2022 16:03:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 89.40.166.0/24 maxlen: 24
94.177.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:20:77:28:88:2c:ad:18:8d:2c:1d:dd:0c:0e:ae:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 19 16:03:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b74d42d9f66620b5ed70cc1c616acfc4af45184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e7:f0:57:7d:ff:b1:75:d0:c9:d5:bf:45:3e:
d1:bb:4d:a4:8b:1e:8f:45:2b:18:6a:4b:89:d7:0b:
60:19:c2:19:e3:f6:eb:fb:17:c7:9f:63:9e:58:24:
b5:28:bb:db:e0:f8:4b:3d:46:09:a7:35:5e:e0:2c:
ce:0b:0e:f7:58:48:ef:0b:13:f0:87:09:a4:53:33:
16:27:67:66:2f:18:a0:ea:fb:07:27:22:a4:35:35:
d3:48:79:30:c7:1d:0d:8c:84:f2:5f:5d:3e:59:4c:
e1:b7:1e:ec:da:b2:4a:41:ad:22:0d:2f:84:59:3e:
4a:35:8d:77:a7:6a:d2:0f:b8:e7:66:36:87:b1:e1:
0f:db:44:23:8b:82:77:04:81:d5:14:3e:77:ab:c4:
5f:bb:de:c6:8f:a3:03:e0:92:ba:ae:e4:60:b9:d3:
04:a9:8f:d2:e3:d8:2e:0d:47:15:b4:e1:3f:70:ec:
3d:b2:35:df:3d:5d:1a:4e:18:e0:bb:c9:82:2f:45:
35:f7:a2:63:82:87:2a:b5:1d:97:85:5e:1f:98:16:
e9:a1:83:02:b4:c3:e2:27:a7:61:04:a7:fd:3a:87:
2c:7d:8c:7a:a5:94:6c:e0:48:9f:89:c9:8f:cd:8e:
dc:d4:8d:e0:d7:62:13:93:69:f0:87:7a:93:89:60:
8d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:74:D4:2D:9F:66:62:0B:5E:D7:0C:C1:C6:16:AC:FC:4A:F4:51:84
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/G3TULZ9mYgte1wzBxhas_Er0UYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.166.0/24
94.177.113.0/24
Signature Algorithm: sha256WithRSAEncryption
05:4f:9e:4c:29:68:25:09:0a:a1:c7:60:c6:3a:c3:a5:8f:1a:
c9:ba:82:89:0d:f0:9c:0a:c0:a8:c6:09:bc:72:33:e2:90:57:
cd:25:d1:35:90:a3:4d:01:55:74:ec:3a:be:a5:51:70:99:8d:
f5:a0:8c:a7:f2:5e:43:67:49:a6:d0:a5:43:24:37:f9:d4:aa:
c6:62:fe:d6:8c:45:44:7a:73:7e:11:b5:96:f9:42:b3:0c:c5:
41:de:5d:fb:27:3b:a1:ce:f0:56:7a:6f:b8:ab:66:62:5e:bc:
49:70:1d:db:96:26:ab:88:03:51:10:ca:2e:ab:69:ac:f1:62:
57:77:f8:8d:e4:91:c1:cb:f1:bc:fc:d3:24:7c:b4:41:ab:8b:
27:c9:df:b4:57:0d:d6:de:4b:dc:f8:89:c0:ca:52:c6:f1:24:
0a:01:93:43:cb:85:c3:cb:41:c6:a2:f1:f3:43:da:3d:7d:cc:
2c:ad:7f:b6:b5:bb:bf:76:07:ae:bf:61:12:90:b4:5d:9a:07:
cf:95:ee:c3:3f:38:71:11:94:7b:94:89:ca:2c:3f:17:a0:ac:
44:64:13:8c:d5:53:9d:6b:00:f7:61:69:2e:d2:63:da:dc:7b:
a8:0a:2a:17:8c:1e:6c:5c:98:90:a8:37:04:57:27:1d:cd:96:
49:1b:11:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUrIHcoiCytGI0sHd0MDq5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjIxMjE5MTYwMzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjc0ZDQyZDlmNjY2MjBiNWVkNzBjYzFjNjE2YWNmYzRhZjQ1MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOfwV33/sXXQydW/RT7Ru02kix6P
RSsYakuJ1wtgGcIZ4/br+xfHn2OeWCS1KLvb4PhLPUYJpzVe4CzOCw73WEjvCxPw
hwmkUzMWJ2dmLxig6vsHJyKkNTXTSHkwxx0NjITyX10+WUzhtx7s2rJKQa0iDS+E
WT5KNY13p2rSD7jnZjaHseEP20Qji4J3BIHVFD53q8Rfu97Gj6MD4JK6ruRgudME
qY/S49guDUcVtOE/cOw9sjXfPV0aThjgu8mCL0U196JjgocqtR2XhV4fmBbpoYMC
tMPiJ6dhBKf9OocsfYx6pZRs4EificmPzY7c1I3g12ITk2nwh3qTiWCNCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBt01C2fZmILXtcMwcYWrPxK9FGEMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvRzNUVUxaOW1ZZ3RlMXd6QnhoYXNfRXIwVVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSimAwQA
XrFxMA0GCSqGSIb3DQEBCwUAA4IBAQAFT55MKWglCQqhx2DGOsOljxrJuoKJDfCc
CsCoxgm8cjPikFfNJdE1kKNNAVV07Dq+pVFwmY31oIyn8l5DZ0mm0KVDJDf51KrG
Yv7WjEVEenN+EbWW+UKzDMVB3l37JzuhzvBWem+4q2ZiXrxJcB3bliariANREMou
q2ms8WJXd/iN5JHBy/G8/NMkfLRBq4snyd+0Vw3W3kvc+InAylLG8SQKAZNDy4XD
y0HGovHzQ9o9fcwsrX+2tbu/dgeuv2ESkLRdmgfPle7DPzhxEZR7lInKLD8XoKxE
ZBOM1VOdawD3YWku0mPa3HuoCioXjB5sXJiQqDcEVycdzZZJGxHP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org