Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/sW-u4EyISAcWCUAzvjkCFvaz3BU.roa
File: sW-u4EyISAcWCUAzvjkCFvaz3BU.roa (raw, json)
Hash identifier: +TtBQ+UCstAyW27ZZzIAnV73ZkBcJ/u3NAKwS5iL07E=
Subject key identifier: B1:6F:AE:E0:4C:88:48:07:16:09:40:33:BE:39:02:16:F6:B3:DC:15
Certificate issuer: /CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Certificate serial: 0184A29E5792A967B3C4BB8BBC8D550B2EAF
Authority key identifier: 0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/sW-u4EyISAcWCUAzvjkCFvaz3BU.roa
Signing time: Wed 23 Nov 2022 03:53:16 +0000
ROA not before: Wed 23 Nov 2022 03:53:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41419
IP address blocks: 89.250.82.0/24 maxlen: 24
89.250.83.0/24 maxlen: 24
89.250.81.0/24 maxlen: 24
89.250.80.0/20 maxlen: 24
89.250.84.0/24 maxlen: 24
89.250.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a2:9e:57:92:a9:67:b3:c4:bb:8b:bc:8d:55:0b:2e:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0afe9d66655b5fd27b2c17ca9685650d53f3bb0a
Validity
Not Before: Nov 23 03:53:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b16faee04c88480716094033be390216f6b3dc15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:29:4e:12:5f:e0:38:8f:f7:ad:c2:3a:2c:
7b:f1:d6:99:ff:38:e1:c3:8f:09:0c:80:90:85:86:
18:5a:bf:e5:b4:07:f1:09:d0:d4:40:a0:f9:63:ae:
ec:aa:c6:a6:eb:a1:41:f5:e0:0a:17:fa:08:24:d5:
1c:81:ae:e1:a0:b6:5f:0e:91:e9:4e:91:fa:1e:d8:
9f:ac:4b:2d:63:a1:93:a3:f7:80:54:a4:b1:ca:51:
05:ab:e0:47:50:cd:ef:27:e9:8c:a8:0a:f4:2b:63:
78:2a:d7:b6:ca:5d:11:b0:f1:09:e3:67:25:e9:d3:
fe:31:42:5d:53:d5:6c:c5:48:02:3e:42:bc:fd:a1:
13:9a:19:42:58:bc:a2:7b:41:9d:56:73:0e:64:0b:
d0:6a:c2:00:7a:7b:9d:9c:e0:68:66:c3:1d:37:ef:
6a:8d:43:2d:37:f8:d9:75:31:e2:73:ea:20:62:50:
a6:da:b8:05:1f:33:5e:f4:2c:8b:cc:d8:b4:5a:ba:
d1:0a:1e:e6:5c:61:80:47:1f:b0:84:c6:be:bc:60:
2e:50:25:aa:f3:20:13:27:64:97:34:62:9d:8f:57:
08:df:c3:e1:c3:8a:4d:96:52:86:b3:9b:76:91:c6:
80:8b:4b:d6:ce:b5:2b:a0:56:23:d5:f7:45:e3:79:
36:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:6F:AE:E0:4C:88:48:07:16:09:40:33:BE:39:02:16:F6:B3:DC:15
X509v3 Authority Key Identifier:
keyid:0A:FE:9D:66:65:5B:5F:D2:7B:2C:17:CA:96:85:65:0D:53:F3:BB:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cv6dZmVbX9J7LBfKloVlDVPzuwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/sW-u4EyISAcWCUAzvjkCFvaz3BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/81ef2d-ae66-4739-8deb-bdc248a6f565/1/Cv6dZmVbX9J7LBfKloVlDVPzuwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.250.80.0/20
Signature Algorithm: sha256WithRSAEncryption
42:ff:04:dd:d5:68:c6:0d:3d:2a:13:c7:ae:81:ea:c0:d2:32:
2c:1f:62:cf:30:d9:9b:15:a6:ba:09:0b:c4:c9:77:78:18:38:
db:6d:c2:34:a9:0f:63:74:87:4d:57:94:bb:a4:ba:0b:1f:b5:
82:85:1c:1b:6f:91:e1:d5:8c:60:7c:77:54:2c:bd:a6:dc:78:
e2:d4:cc:ac:8a:5d:76:f7:f6:e1:c3:34:fa:48:47:7b:fe:6b:
b5:ef:66:4f:8f:a5:7b:bd:44:08:01:ce:23:15:76:b7:bc:ba:
a8:65:cc:f2:4c:c8:67:22:93:5b:b3:3e:3b:6e:6f:3d:4b:ed:
5e:bd:0f:b1:f6:3c:fe:1f:73:dc:45:ec:33:8b:de:ab:42:0a:
b7:46:ca:16:38:34:13:ab:b3:9a:54:86:80:f4:82:9a:99:41:
85:e6:75:81:e6:cb:47:3e:0a:61:83:69:f3:b4:b7:e3:1c:72:
dc:d4:76:db:ba:4e:e6:d8:99:3e:57:02:70:b6:fc:11:5e:8e:
b7:db:e2:9a:5f:e8:28:00:db:04:51:39:98:68:f9:59:b2:d1:
aa:f9:9a:7f:59:a0:5c:0c:f9:c7:c2:64:79:3e:d8:89:39:08:
9e:58:9a:16:bc:00:74:d0:10:4e:f6:f7:ae:58:fe:6b:86:88:
5f:b8:2d:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSinleSqWezxLuLvI1VCy6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZmU5ZDY2NjU1YjVmZDI3YjJjMTdjYTk2ODU2NTBkNTNm
M2JiMGEwHhcNMjIxMTIzMDM1MzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTZmYWVlMDRjODg0ODA3MTYwOTQwMzNiZTM5MDIxNmY2YjNkYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspcpThJf4DiP963COix78daZ/zjh
w48JDICQhYYYWr/ltAfxCdDUQKD5Y67sqsam66FB9eAKF/oIJNUcga7hoLZfDpHp
TpH6HtifrEstY6GTo/eAVKSxylEFq+BHUM3vJ+mMqAr0K2N4Kte2yl0RsPEJ42cl
6dP+MUJdU9VsxUgCPkK8/aETmhlCWLyie0GdVnMOZAvQasIAenudnOBoZsMdN+9q
jUMtN/jZdTHic+ogYlCm2rgFHzNe9CyLzNi0WrrRCh7mXGGARx+whMa+vGAuUCWq
8yATJ2SXNGKdj1cI38Phw4pNllKGs5t2kcaAi0vWzrUroFYj1fdF43k2HwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLFvruBMiEgHFglAM745Ahb2s9wVMB8GA1UdIwQY
MBaAFAr+nWZlW1/SeywXypaFZQ1T87sKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWIt
YmRjMjQ4YTZmNTY1LzEvc1ctdTRFeUlTQWNXQ1VBenZqa0NGdmF6M0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84MWVmMmQtYWU2Ni00NzM5LThkZWItYmRjMjQ4YTZmNTY1
LzEvQ3Y2ZFptVmJYOUo3TEJmS2xvVmxEVlB6dXdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEWfpQMA0G
CSqGSIb3DQEBCwUAA4IBAQBC/wTd1WjGDT0qE8eugerA0jIsH2LPMNmbFaa6CQvE
yXd4GDjbbcI0qQ9jdIdNV5S7pLoLH7WChRwbb5Hh1YxgfHdULL2m3Hji1Mysil12
9/bhwzT6SEd7/mu172ZPj6V7vUQIAc4jFXa3vLqoZczyTMhnIpNbsz47bm89S+1e
vQ+x9jz+H3PcRewzi96rQgq3RsoWODQTq7OaVIaA9IKamUGF5nWB5stHPgphg2nz
tLfjHHLc1Hbbuk7m2Jk+VwJwtvwRXo632+KaX+goANsEUTmYaPlZstGq+Zp/WaBc
DPnHwmR5PtiJOQieWJoWvAB00BBO9veuWP5rhohfuC3E
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:19 2025 by rpki-client