Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/05BLrrO1T5XRwTgI2kaAqQ1PgtY.roa
File: 05BLrrO1T5XRwTgI2kaAqQ1PgtY.roa (raw, json)
Hash identifier: GoeDHK8RKTuyPQ+mzcj6VzqWPxLDR52AVbekBotTmnM=
Subject key identifier: D3:90:4B:AE:B3:B5:4F:95:D1:C1:38:08:DA:46:80:A9:0D:4F:82:D6
Certificate issuer: /CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Certificate serial: 0BD951DD
Authority key identifier: B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/05BLrrO1T5XRwTgI2kaAqQ1PgtY.roa
Signing time: Sat 01 Jan 2022 08:53:33 +0000
ROA not before: Sat 01 Jan 2022 08:53:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62055
IP address blocks: 89.38.44.0/23 maxlen: 24
89.38.44.0/24 maxlen: 24
89.38.40.0/21 maxlen: 24
89.38.40.0/22 maxlen: 22
89.38.46.0/23 maxlen: 23
185.48.192.0/22 maxlen: 22
188.215.85.0/24 maxlen: 24
188.215.84.0/22 maxlen: 22
188.215.80.0/23 maxlen: 24
188.215.82.0/23 maxlen: 23
188.215.86.0/23 maxlen: 23
2a01:98e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 198791645 (0xbd951dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Validity
Not Before: Jan 1 08:53:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d3904baeb3b54f95d1c13808da4680a90d4f82d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:71:42:54:f1:10:9a:23:96:ae:7b:00:3c:0c:
ff:b7:7f:df:33:68:68:01:7e:e9:75:86:d5:61:90:
3b:fb:d4:35:2e:74:d3:f6:76:82:95:b4:be:8a:a9:
f6:b3:3c:5a:a6:58:99:84:b5:6c:6e:04:90:3f:bf:
ca:1e:93:d9:c2:c2:7f:3a:61:61:93:35:21:2a:61:
38:d4:d1:e4:54:38:e7:e0:f5:7c:cc:0c:10:a2:7b:
37:c7:60:f1:60:49:82:3b:cc:dc:21:f4:c2:1f:ca:
3e:28:2a:06:22:42:51:85:30:68:1b:02:bc:b9:29:
79:27:67:51:2c:e0:03:ef:60:04:56:17:6e:0a:04:
67:9a:50:41:f0:54:80:e6:ae:ec:9f:be:cd:7b:96:
cb:6f:fc:6b:0d:4a:10:cf:32:f0:f3:3b:a0:97:00:
73:8b:38:40:f9:90:08:fa:58:e8:1e:af:0f:c4:f1:
d7:9b:32:8b:05:25:fc:ce:93:9a:7d:5a:2d:0a:56:
0a:ee:d3:4b:a2:3f:52:97:5e:b1:d5:c4:be:38:f9:
c0:5f:9c:d6:7c:d2:ed:b5:8c:e6:78:78:4f:49:d2:
c7:ac:00:e5:0f:fc:6f:a6:76:43:08:60:84:ce:fb:
f3:14:d8:47:e5:32:bd:b9:5c:d1:c8:ae:89:d9:ff:
f9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:90:4B:AE:B3:B5:4F:95:D1:C1:38:08:DA:46:80:A9:0D:4F:82:D6
X509v3 Authority Key Identifier:
keyid:B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/05BLrrO1T5XRwTgI2kaAqQ1PgtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/uMiqGHMPSoPihSxWklUau1se5-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.40.0/21
185.48.192.0/22
188.215.80.0/21
IPv6:
2a01:98e0::/32
Signature Algorithm: sha256WithRSAEncryption
80:2c:7e:0c:53:f5:89:ee:a4:f5:a2:53:20:9f:e1:d5:b9:44:
7c:dc:0f:e7:24:df:26:43:78:ce:45:d1:4d:26:ae:62:f5:99:
ac:12:8d:9a:f0:70:8c:cb:52:66:97:66:f0:64:96:85:01:55:
b4:69:43:3b:d2:24:6f:c9:83:36:83:0b:19:eb:22:dc:2f:41:
88:3e:7b:45:30:11:e0:61:f0:ba:10:5d:51:da:9a:c9:2f:3a:
d1:1d:2b:f9:09:d7:86:50:6d:92:e5:85:0b:9b:95:7b:2b:3e:
0a:5f:c0:2a:c5:59:83:02:07:47:5a:b2:76:78:4f:d9:0a:e7:
bb:c1:99:d9:a2:a1:dd:cc:cd:6c:3d:81:e1:e0:da:ae:bf:36:
1a:4d:fa:49:d9:bc:4e:2d:b8:d7:c4:e1:9e:46:94:98:b4:cb:
b2:86:29:dd:9c:11:8a:86:a4:e5:84:ef:3e:8a:8c:2d:a8:34:
ab:b3:c2:7d:b6:41:eb:dc:08:8e:93:29:92:56:0a:ca:7d:09:
c3:8a:8d:d9:11:c6:16:49:46:9a:65:35:f7:ec:ae:c5:0a:4d:
fd:65:73:93:d6:43:74:36:c1:6d:a9:76:6d:a0:44:4e:76:d9:
4e:f2:43:4b:19:19:b7:74:e3:78:28:08:05:86:b3:2e:38:ce:
2f:f6:07:3f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEC9lR3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OGM4YWExODczMGY0YTgzZTI4NTJjNTY5MjU1MWFiYjViMWVlN2VhMB4XDTIyMDEw
MTA4NTMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM5MDRiYWViM2I1
NGY5NWQxYzEzODA4ZGE0NjgwYTkwZDRmODJkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN9xQlTxEJojlq57ADwM/7d/3zNoaAF+6XWG1WGQO/vUNS50
0/Z2gpW0voqp9rM8WqZYmYS1bG4EkD+/yh6T2cLCfzphYZM1ISphONTR5FQ45+D1
fMwMEKJ7N8dg8WBJgjvM3CH0wh/KPigqBiJCUYUwaBsCvLkpeSdnUSzgA+9gBFYX
bgoEZ5pQQfBUgOau7J++zXuWy2/8aw1KEM8y8PM7oJcAc4s4QPmQCPpY6B6vD8Tx
15syiwUl/M6Tmn1aLQpWCu7TS6I/UpdesdXEvjj5wF+c1nzS7bWM5nh4T0nSx6wA
5Q/8b6Z2QwhghM778xTYR+Uyvblc0ciuidn/+fUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTTkEuus7VPldHBOAjaRoCpDU+C1jAfBgNVHSMEGDAWgBS4yKoYcw9Kg+KF
LFaSVRq7Wx7n6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VNaXFHSE1QU29QaWhTeFdrbFVhdTFzZTUtby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvYTk0OTkyLTU2NmItNGI2Zi1hNjg5LWE1NzYwNGEzZjZiYi8x
LzA1Qkxyck8xVDVYUndUZ0kya2FBcVExUGd0WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
YTk0OTkyLTU2NmItNGI2Zi1hNjg5LWE1NzYwNGEzZjZiYi8xL3VNaXFHSE1QU29Q
aWhTeFdrbFVhdTFzZTUtby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1kmKAMEArkwwAMEA7zXUDANBAIA
AjAHAwUAKgGY4DANBgkqhkiG9w0BAQsFAAOCAQEAgCx+DFP1ie6k9aJTIJ/h1blE
fNwP5yTfJkN4zkXRTSauYvWZrBKNmvBwjMtSZpdm8GSWhQFVtGlDO9Ikb8mDNoML
Gesi3C9BiD57RTAR4GHwuhBdUdqayS860R0r+QnXhlBtkuWFC5uVeys+Cl/AKsVZ
gwIHR1qydnhP2Qrnu8GZ2aKh3czNbD2B4eDarr82Gk36Sdm8Ti2418ThnkaUmLTL
soYp3ZwRioak5YTvPoqMLag0q7PCfbZB69wIjpMpklYKyn0Jw4qN2RHGFklGmmU1
9+yuxQpN/WVzk9ZDdDbBbal2baBETnbZTvJDSxkZt3TjeCgIBYazLjjOL/YHPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:27 2024 by rpki-client on console-ams.rpki-client.org