Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/_ff9h9ByVPrJOEXgzpTzVM9RU9s.roa
File: _ff9h9ByVPrJOEXgzpTzVM9RU9s.roa (raw, json)
Hash identifier: 9GMLIDdkOZfwVKBSB6fN1id4PlF6HFC3NuksX8yS1M8=
Subject key identifier: FD:F7:FD:87:D0:72:54:FA:C9:38:45:E0:CE:94:F3:54:CF:51:53:DB
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 0184ED5C9D45B08F1F02175899EFE05A4A4F
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/_ff9h9ByVPrJOEXgzpTzVM9RU9s.roa
Signing time: Wed 07 Dec 2022 16:13:00 +0000
ROA not before: Wed 07 Dec 2022 16:13:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 89.42.29.0/24 maxlen: 24
91.250.244.0/24 maxlen: 24
176.223.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ed:5c:9d:45:b0:8f:1f:02:17:58:99:ef:e0:5a:4a:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 7 16:13:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fdf7fd87d07254fac93845e0ce94f354cf5153db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cb:76:87:46:7e:5a:5f:64:80:b5:84:18:b7:
00:7e:33:84:f1:b9:b0:6c:33:e9:da:a6:ad:9f:87:
1e:dd:f8:14:68:d1:f4:b9:36:a5:20:d9:c6:00:26:
05:6b:57:2e:d0:e1:5e:3d:86:e6:fc:88:ae:35:aa:
dc:03:bd:e2:7b:c8:6a:b4:67:23:5a:9d:b7:38:f1:
f1:78:a8:71:5e:24:91:5f:9a:f4:39:a6:db:c0:26:
2d:02:6f:e6:42:4c:c1:8f:92:ec:ca:67:c3:67:60:
c6:a8:32:ad:e7:57:8c:c8:69:2c:46:e4:d9:a5:83:
8a:f4:00:31:fd:23:29:e5:9b:8e:0c:3e:d5:76:41:
81:6a:4c:3e:c9:43:05:6c:2e:6c:30:5c:6a:9c:36:
ef:ef:e8:1a:24:06:0f:f3:8d:70:f8:d2:29:cb:47:
a0:5a:0c:34:44:43:1b:43:a9:c2:05:14:2a:a3:3a:
6f:9c:db:ff:d5:4d:26:45:00:c5:5f:9f:2b:f6:ab:
d1:ac:f7:22:9e:d2:f9:41:24:58:0f:ac:39:a7:34:
5b:c5:da:c1:74:a3:a7:1a:65:c8:12:d2:bc:1b:1e:
c2:1b:ae:59:1f:ef:56:36:1a:d7:00:23:b0:66:d6:
2f:2a:23:7a:20:ae:f2:68:21:38:97:15:6a:a1:de:
a7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F7:FD:87:D0:72:54:FA:C9:38:45:E0:CE:94:F3:54:CF:51:53:DB
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/_ff9h9ByVPrJOEXgzpTzVM9RU9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.29.0/24
91.250.244.0/24
176.223.190.0/24
Signature Algorithm: sha256WithRSAEncryption
30:00:1e:8d:bc:46:bb:5d:e0:81:b8:b1:e7:dd:85:6d:7c:46:
57:48:44:62:c6:41:ea:77:b4:89:95:ce:f6:17:30:16:d0:74:
79:58:53:36:24:54:9a:49:6d:b5:2a:64:35:aa:9d:0c:f5:f3:
ef:7c:7f:2a:c7:32:88:02:7c:f4:51:1d:62:57:be:be:af:f4:
03:e7:38:36:6d:60:f9:20:93:9e:e0:3e:8e:25:94:17:ae:77:
db:18:ff:51:45:d6:c9:54:ba:f4:37:73:22:59:54:6a:f1:f8:
66:07:35:e5:91:e0:f8:03:a2:f3:bf:51:75:02:6a:88:69:51:
5c:17:0f:f4:74:d5:25:9a:98:df:40:bf:bb:14:e0:37:22:c3:
da:0b:ea:6b:eb:2b:91:6f:77:31:9a:f5:b1:06:b0:52:ee:b5:
e1:75:4f:3f:4e:cf:9a:88:b1:38:aa:ee:35:79:47:09:cd:c2:
54:f5:e4:fd:6f:45:b9:d5:93:2c:27:7d:cf:ec:cf:17:8f:7e:
5e:36:1e:0d:3c:a6:df:e0:9f:de:ca:a0:51:a9:8e:96:8d:d8:
21:c8:9b:c2:bc:17:2d:48:6e:e6:df:20:bb:c7:6b:f5:ed:a1:
f0:fd:3f:52:11:5a:b9:3a:97:03:13:3c:29:28:db:b0:50:89:
e7:01:38:4e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTtXJ1FsI8fAhdYme/gWkpPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjIxMjA3MTYxMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGY3ZmQ4N2QwNzI1NGZhYzkzODQ1ZTBjZTk0ZjM1NGNmNTE1M2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ct2h0Z+Wl9kgLWEGLcAfjOE8bmw
bDPp2qatn4ce3fgUaNH0uTalINnGACYFa1cu0OFePYbm/IiuNarcA73ie8hqtGcj
Wp23OPHxeKhxXiSRX5r0OabbwCYtAm/mQkzBj5LsymfDZ2DGqDKt51eMyGksRuTZ
pYOK9AAx/SMp5ZuODD7VdkGBakw+yUMFbC5sMFxqnDbv7+gaJAYP841w+NIpy0eg
Wgw0REMbQ6nCBRQqozpvnNv/1U0mRQDFX58r9qvRrPcintL5QSRYD6w5pzRbxdrB
dKOnGmXIEtK8Gx7CG65ZH+9WNhrXACOwZtYvKiN6IK7yaCE4lxVqod6nmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP33/YfQclT6yThF4M6U81TPUVPbMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvX2ZmOWg5QnlWUHJKT0VYZ3pwVHpWTTlSVTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSodAwQA
W/r0AwQAsN++MA0GCSqGSIb3DQEBCwUAA4IBAQAwAB6NvEa7XeCBuLHn3YVtfEZX
SERixkHqd7SJlc72FzAW0HR5WFM2JFSaSW21KmQ1qp0M9fPvfH8qxzKIAnz0UR1i
V76+r/QD5zg2bWD5IJOe4D6OJZQXrnfbGP9RRdbJVLr0N3MiWVRq8fhmBzXlkeD4
A6Lzv1F1AmqIaVFcFw/0dNUlmpjfQL+7FOA3IsPaC+pr6yuRb3cxmvWxBrBS7rXh
dU8/Ts+aiLE4qu41eUcJzcJU9eT9b0W51ZMsJ33P7M8Xj35eNh4NPKbf4J/eyqBR
qY6WjdghyJvCvBctSG7m3yC7x2v17aHw/T9SEVq5OpcDEzwpKNuwUInnAThO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:55 2023 by rpki-client on console-ams.rpki-client.org