Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/iigrxOBpwitMKCgVNBJFLo9bkDM.roa
File: iigrxOBpwitMKCgVNBJFLo9bkDM.roa (raw, json)
Hash identifier: +Po3nEtUcY5+xiK7gADmeXzlMyaw+XtJrxgp024z7mE=
Subject key identifier: 8A:28:2B:C4:E0:69:C2:2B:4C:28:28:15:34:12:45:2E:8F:5B:90:33
Certificate issuer: /CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Certificate serial: 0889E41C
Authority key identifier: 6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/iigrxOBpwitMKCgVNBJFLo9bkDM.roa
Signing time: Sat 01 Jan 2022 13:01:42 +0000
ROA not before: Sat 01 Jan 2022 13:01:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34240
IP address blocks: 217.11.48.0/20 maxlen: 20
89.238.64.0/18 maxlen: 18
2.59.84.0/22 maxlen: 22
89.238.80.0/24 maxlen: 24
89.238.85.0/24 maxlen: 24
85.116.192.0/19 maxlen: 19
2a00:1828::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143254556 (0x889e41c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Validity
Not Before: Jan 1 13:01:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a282bc4e069c22b4c2828153412452e8f5b9033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d7:e3:ee:86:05:a6:8a:01:28:a6:ad:a8:7e:
b2:6d:2b:ab:86:03:c9:aa:19:e7:b9:33:e5:c3:5e:
a8:f0:07:7b:75:04:dc:08:b9:56:99:1a:2c:8e:cf:
77:32:0c:5c:9e:58:45:90:26:fc:49:d1:fa:e0:1c:
47:9a:95:82:1b:6e:24:6e:f9:3d:19:b3:25:a1:6d:
a2:32:08:d8:4b:85:56:5a:cd:84:4f:d8:68:b8:42:
bf:9a:d5:01:3d:bf:cd:54:3c:57:4b:db:01:04:66:
b4:e8:f8:ec:00:e0:01:01:d2:74:e1:82:6c:d9:99:
6c:d5:8a:a1:2c:10:7f:44:42:97:86:0d:d8:a4:9c:
ac:d6:98:b2:60:c2:ff:04:ae:b0:d5:ad:86:0c:6c:
44:8f:08:f4:ca:08:08:b8:c4:e3:db:ba:d7:4d:29:
4c:df:e1:94:a3:fd:9c:2d:c4:77:60:1e:c0:89:e2:
02:e6:4d:14:f3:c8:a2:1a:1b:b1:16:88:ff:69:61:
83:a2:e4:dd:bf:5d:b5:86:36:a8:d1:3c:dc:f1:22:
5d:59:bd:7e:ed:0d:45:ad:e3:e7:9b:dc:43:d6:40:
55:68:63:f2:15:68:b7:f2:47:ba:19:af:53:8b:1c:
f0:5d:c1:db:2e:6a:ea:ff:1b:e8:93:30:39:84:c9:
5f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:28:2B:C4:E0:69:C2:2B:4C:28:28:15:34:12:45:2E:8F:5B:90:33
X509v3 Authority Key Identifier:
keyid:6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/iigrxOBpwitMKCgVNBJFLo9bkDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.84.0/22
85.116.192.0/19
89.238.64.0/18
217.11.48.0/20
IPv6:
2a00:1828::/32
Signature Algorithm: sha256WithRSAEncryption
b8:95:42:70:24:20:90:bf:fe:51:9e:93:5b:32:fa:cf:99:7f:
0d:4f:70:16:e4:ec:e2:56:fb:15:4f:ad:2a:2d:c3:9e:a0:4d:
87:a5:cd:21:1b:36:c3:5f:4f:87:47:15:7a:a7:70:85:b2:45:
25:45:b8:ca:11:74:e6:11:e4:74:2a:6d:45:d1:9e:cc:60:25:
bd:f3:16:49:c3:f0:1b:fc:a8:40:8a:bc:7a:7a:d0:21:69:f4:
fa:fc:85:5d:dc:51:1b:f9:63:c7:30:96:78:38:83:44:25:e8:
37:ab:8b:27:4b:58:77:50:ab:d0:0a:f4:9a:fa:e7:3e:7d:45:
e9:04:2b:9a:83:1a:19:89:88:3b:ca:a2:8a:ea:0b:40:44:bd:
c2:90:ed:1b:d2:41:84:d4:5d:03:2e:81:dd:31:7e:24:e3:3e:
c5:92:df:3b:d7:41:e0:aa:7c:36:5e:77:ac:28:16:c1:c6:40:
3d:63:e2:77:24:a0:f2:9c:c3:35:6c:01:06:a2:61:bb:fe:64:
7e:7d:df:eb:b5:6b:b8:a1:5c:a2:db:63:bf:ae:83:5e:3b:4e:
69:cf:72:e9:02:d0:53:be:86:f9:58:c3:5c:18:85:0f:e6:da:
7c:55:4d:66:43:fd:10:50:73:48:f4:2c:81:61:50:7d:df:b3:
ec:9e:8a:19
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECInkHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZWQwMzkyYWM3NjYwYmQxNDYwZmExZDUwMzFkMTg0MGQwMWI5NDEyMB4XDTIyMDEw
MTEzMDE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGEyODJiYzRlMDY5
YzIyYjRjMjgyODE1MzQxMjQ1MmU4ZjViOTAzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDX4+6GBaaKASimrah+sm0rq4YDyaoZ57kz5cNeqPAHe3UE
3Ai5VpkaLI7PdzIMXJ5YRZAm/EnR+uAcR5qVghtuJG75PRmzJaFtojII2EuFVlrN
hE/YaLhCv5rVAT2/zVQ8V0vbAQRmtOj47ADgAQHSdOGCbNmZbNWKoSwQf0RCl4YN
2KScrNaYsmDC/wSusNWthgxsRI8I9MoICLjE49u6100pTN/hlKP9nC3Ed2AewIni
AuZNFPPIohobsRaI/2lhg6Lk3b9dtYY2qNE83PEiXVm9fu0NRa3j55vcQ9ZAVWhj
8hVot/JHuhmvU4sc8F3B2y5q6v8b6JMwOYTJXyECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSKKCvE4GnCK0woKBU0EkUuj1uQMzAfBgNVHSMEGDAWgBRu0Dkqx2YL0UYP
odUDHRhA0BuUEjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2J0QTVLc2RtQzlGR0Q2SFZBeDBZUU5BYmxCSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvNzhlMDNjLWM5YzctNGM4NS1iZmRkLWU4YmFmOWZmYWRmOC8x
L2lpZ3J4T0Jwd2l0TUtDZ1ZOQkpGTG85YmtETS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
NzhlMDNjLWM5YzctNGM4NS1iZmRkLWU4YmFmOWZmYWRmOC8xL2J0QTVLc2RtQzlG
R0Q2SFZBeDBZUU5BYmxCSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAgI7VAMEBVV0wAMEBlnuQAMEBNkL
MDANBAIAAjAHAwUAKgAYKDANBgkqhkiG9w0BAQsFAAOCAQEAuJVCcCQgkL/+UZ6T
WzL6z5l/DU9wFuTs4lb7FU+tKi3DnqBNh6XNIRs2w19Ph0cVeqdwhbJFJUW4yhF0
5hHkdCptRdGezGAlvfMWScPwG/yoQIq8enrQIWn0+vyFXdxRG/ljxzCWeDiDRCXo
N6uLJ0tYd1Cr0Ar0mvrnPn1F6QQrmoMaGYmIO8qiiuoLQES9wpDtG9JBhNRdAy6B
3TF+JOM+xZLfO9dB4Kp8Nl53rCgWwcZAPWPidySg8pzDNWwBBqJhu/5kfn3f67Vr
uKFcottjv66DXjtOac9y6QLQU76G+VjDXBiFD+bafFVNZkP9EFBzSPQsgWFQfd+z
7J6KGQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:51 2024 by rpki-client on console-ams.rpki-client.org