Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/idAt7J4mqmSxP5kAqYKFGFjYwv4.roa
File: idAt7J4mqmSxP5kAqYKFGFjYwv4.roa (raw, json)
Hash identifier: X/FtozxqKLQfi1Vd8vKlolIsLk+E5FuJNtFRIWHYrjk=
Subject key identifier: 89:D0:2D:EC:9E:26:AA:64:B1:3F:99:00:A9:82:85:18:58:D8:C2:FE
Certificate issuer: /CN=8b054485ee62c6f1939613cba20669eef4504f79
Certificate serial: 01823CAB1CDB4DA364BFC8C6AE4BAFF77749
Authority key identifier: 8B:05:44:85:EE:62:C6:F1:93:96:13:CB:A2:06:69:EE:F4:50:4F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwVEhe5ixvGTlhPLogZp7vRQT3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/idAt7J4mqmSxP5kAqYKFGFjYwv4.roa
Signing time: Tue 26 Jul 2022 22:40:23 +0000
ROA not before: Tue 26 Jul 2022 22:40:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59908
IP address blocks: 141.170.208.0/21 maxlen: 24
141.170.214.0/24 maxlen: 24
185.67.112.0/22 maxlen: 24
2a00:a3a0::/32 maxlen: 96
2a03:2460::/32 maxlen: 96
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3c:ab:1c:db:4d:a3:64:bf:c8:c6:ae:4b:af:f7:77:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b054485ee62c6f1939613cba20669eef4504f79
Validity
Not Before: Jul 26 22:40:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89d02dec9e26aa64b13f9900a982851858d8c2fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:eb:0f:e0:4e:53:19:7d:de:78:94:15:21:55:
13:f6:ec:1d:59:46:99:ea:80:1b:5a:ec:d5:27:75:
d0:75:48:ca:ea:1c:b5:d4:f9:74:8b:36:be:33:9f:
55:40:37:66:a4:68:d1:72:9a:26:72:d9:7f:51:aa:
64:73:9a:9f:91:d7:bf:cc:80:bc:73:cb:b8:bf:51:
20:8b:a5:4e:51:8b:eb:5a:ed:6b:46:a7:97:24:c5:
79:5e:ae:7b:87:fc:8d:ea:81:e7:06:17:fd:89:1f:
23:9a:33:2c:17:58:f2:6b:aa:e3:80:47:b6:c9:97:
37:78:5a:b1:06:96:70:3d:83:f7:73:db:72:66:8c:
45:c4:06:f4:52:12:d6:1f:3e:ca:8a:df:81:ae:53:
80:d9:4c:41:22:50:dd:65:ae:49:2a:f1:75:8b:9e:
fe:53:31:25:51:1f:28:cb:17:4c:9d:19:f4:e4:d9:
4a:cf:d0:a3:11:ef:98:26:c8:dd:f1:75:1c:7f:2f:
1d:0d:c8:1e:d0:bd:93:d6:cb:30:2a:c4:dc:43:b6:
d1:65:c5:6a:06:fb:a9:f2:8b:bf:a6:7e:d2:18:e7:
24:49:e4:73:95:88:2d:cc:28:a0:64:46:52:21:25:
1a:f6:d3:b4:e8:0f:6d:44:e4:40:0c:7f:85:37:09:
3b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D0:2D:EC:9E:26:AA:64:B1:3F:99:00:A9:82:85:18:58:D8:C2:FE
X509v3 Authority Key Identifier:
keyid:8B:05:44:85:EE:62:C6:F1:93:96:13:CB:A2:06:69:EE:F4:50:4F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwVEhe5ixvGTlhPLogZp7vRQT3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/idAt7J4mqmSxP5kAqYKFGFjYwv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/iwVEhe5ixvGTlhPLogZp7vRQT3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.170.208.0/21
185.67.112.0/22
IPv6:
2a00:a3a0::/32
2a03:2460::/32
Signature Algorithm: sha256WithRSAEncryption
a3:5b:77:ed:c8:ec:6b:92:22:ef:17:ed:f8:76:d0:81:dd:f7:
5b:83:b7:ce:fc:8f:14:db:c7:b4:73:9f:32:c9:4b:6f:2f:ad:
54:41:68:b0:f3:9d:2a:44:4e:98:8f:cf:88:27:c0:06:ad:ca:
5b:e1:03:ce:9a:06:99:10:d1:02:c6:bf:e2:ac:5e:72:3b:e5:
ca:88:44:f2:a9:04:45:a0:2a:3b:11:bb:1c:24:a8:25:75:0d:
0f:e6:b1:0a:1c:aa:d1:6f:f3:a0:38:87:55:51:68:55:95:e0:
7c:ad:16:f7:c9:bf:d2:3d:4b:37:5a:4d:d3:ee:4e:ac:31:71:
7e:df:20:93:93:88:04:0e:e3:91:f9:11:6c:ba:11:e3:78:9c:
c7:ff:b6:e6:6a:98:a5:b7:b4:f9:12:26:ac:56:d4:02:c4:96:
12:ec:81:53:39:67:ef:5f:bc:63:14:76:66:db:b5:41:c2:9a:
41:94:0a:b0:1f:da:37:c2:3e:6f:47:df:0b:fe:07:22:63:36:
ce:87:62:db:76:87:6b:64:22:07:c2:f2:64:7f:35:3a:ee:c9:
58:75:9b:52:4d:cf:12:3a:0b:50:08:ce:35:3a:78:14:af:0d:
68:fb:fe:14:c6:8c:1c:dc:3f:39:c2:e3:79:49:67:2a:43:a0:
a7:14:7e:cf
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYI8qxzbTaNkv8jGrkuv93dJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDU0NDg1ZWU2MmM2ZjE5Mzk2MTNjYmEyMDY2OWVlZjQ1
MDRmNzkwHhcNMjIwNzI2MjI0MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQwMmRlYzllMjZhYTY0YjEzZjk5MDBhOTgyODUxODU4ZDhjMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOsP4E5TGX3eeJQVIVUT9uwdWUaZ
6oAbWuzVJ3XQdUjK6hy11Pl0iza+M59VQDdmpGjRcpomctl/Uapkc5qfkde/zIC8
c8u4v1Egi6VOUYvrWu1rRqeXJMV5Xq57h/yN6oHnBhf9iR8jmjMsF1jya6rjgEe2
yZc3eFqxBpZwPYP3c9tyZoxFxAb0UhLWHz7Kit+BrlOA2UxBIlDdZa5JKvF1i57+
UzElUR8oyxdMnRn05NlKz9CjEe+YJsjd8XUcfy8dDcge0L2T1sswKsTcQ7bRZcVq
Bvup8ou/pn7SGOckSeRzlYgtzCigZEZSISUa9tO06A9tRORADH+FNwk7DwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFInQLeyeJqpksT+ZAKmChRhY2ML+MB8GA1UdIwQY
MBaAFIsFRIXuYsbxk5YTy6IGae70UE95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdWRWhlNWl4dkdUbGhQTG9nWnA3dlJRVDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NzljMDktZjQ5YS00YjM4LWE3Nzgt
NmJjMzkwOTk1Y2FiLzEvaWRBdDdKNG1xbVN4UDVrQXFZS0ZHRmpZd3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NzljMDktZjQ5YS00YjM4LWE3NzgtNmJjMzkwOTk1Y2Fi
LzEvaXdWRWhlNWl4dkdUbGhQTG9nWnA3dlJRVDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQDjarQAwQC
uUNwMBQEAgACMA4DBQAqAKOgAwUAKgMkYDANBgkqhkiG9w0BAQsFAAOCAQEAo1t3
7cjsa5Ii7xft+HbQgd33W4O3zvyPFNvHtHOfMslLby+tVEFosPOdKkROmI/PiCfA
Bq3KW+EDzpoGmRDRAsa/4qxecjvlyohE8qkERaAqOxG7HCSoJXUND+axChyq0W/z
oDiHVVFoVZXgfK0W98m/0j1LN1pN0+5OrDFxft8gk5OIBA7jkfkRbLoR43icx/+2
5mqYpbe0+RImrFbUAsSWEuyBUzln71+8YxR2Ztu1QcKaQZQKsB/aN8I+b0ffC/4H
ImM2zodi23aHa2QiB8LyZH81Ou7JWHWbUk3PEjoLUAjONTp4FK8NaPv+FMaMHNw/
OcLjeUlnKkOgpxR+zw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:26 2023 by rpki-client on console.sobornost.net