Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/eHcdYjJSU4DKS7VZOXWtJ2sfiaY.roa
File: eHcdYjJSU4DKS7VZOXWtJ2sfiaY.roa (raw, json)
Hash identifier: N8WEHUbadGCS6FOI2P3Q+2WKCmIXb5FKl71gssT8r5M=
Subject key identifier: 78:77:1D:62:32:52:53:80:CA:4B:B5:59:39:75:AD:27:6B:1F:89:A6
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018281985E6E5AB12FF8CEF4820DCD7D05EF
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/eHcdYjJSU4DKS7VZOXWtJ2sfiaY.roa
Signing time: Tue 09 Aug 2022 07:53:42 +0000
ROA not before: Tue 09 Aug 2022 07:53:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50889
IP address blocks: 217.199.209.0/24 maxlen: 24
217.199.222.0/24 maxlen: 24
89.248.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:81:98:5e:6e:5a:b1:2f:f8:ce:f4:82:0d:cd:7d:05:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Aug 9 07:53:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=78771d6232525380ca4bb5593975ad276b1f89a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:86:59:42:a6:7e:6f:bd:03:3b:98:c9:5f:55:
c3:f2:93:15:b7:97:e7:01:d7:5b:4c:1e:42:10:ac:
9d:0b:cc:b3:b2:75:ab:c0:76:55:0d:5e:40:80:8a:
aa:6d:21:02:c3:40:c6:7f:38:24:63:17:df:4f:70:
5d:7a:de:f8:45:72:e6:cc:85:49:54:c2:3e:76:e6:
ca:e3:87:1e:c0:9a:1d:82:12:4d:1f:58:c5:04:35:
4c:1e:21:04:9d:c5:f2:b8:35:b0:dd:99:3c:62:56:
8e:bd:5b:c4:4f:29:a8:94:4a:29:a4:d7:9c:66:1e:
3f:96:ce:58:4c:fa:e2:6f:10:0c:e4:be:73:52:88:
de:b8:65:e0:aa:17:15:63:b7:6e:f4:1d:e0:0a:45:
7d:a6:66:cd:33:a6:4c:b0:4e:50:95:61:cb:a5:88:
cf:ed:eb:e0:c7:88:1d:e0:b7:64:20:94:5a:3b:0a:
fa:34:8d:d6:d0:cb:17:fa:53:a5:e4:39:9b:06:db:
81:d1:2f:99:c6:30:82:b5:e4:d4:e5:b1:14:6b:19:
d5:d5:94:05:d4:42:6e:96:35:8f:65:87:74:a9:6f:
7a:95:ef:fd:48:68:e1:ba:6b:e6:ab:65:fe:8e:2c:
65:9d:21:e3:04:d2:ee:89:cd:29:90:a0:5b:ee:67:
97:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:77:1D:62:32:52:53:80:CA:4B:B5:59:39:75:AD:27:6B:1F:89:A6
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/eHcdYjJSU4DKS7VZOXWtJ2sfiaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.237.0/24
217.199.209.0/24
217.199.222.0/24
Signature Algorithm: sha256WithRSAEncryption
01:68:dc:28:6b:74:2b:f8:ae:bc:09:3b:73:9e:46:51:e1:13:
89:1d:ec:52:6a:ab:0d:f7:be:5a:bf:b1:bb:d3:85:50:11:04:
06:d7:4e:33:3d:04:f4:cc:ba:ed:90:b3:ca:3b:20:96:fb:6e:
6f:c4:1e:99:0d:ce:5b:a8:2a:b9:96:7d:99:fd:ef:a8:9d:d6:
82:ec:29:03:d5:b2:59:8d:86:bc:a0:62:ff:f9:ca:b8:62:3a:
c4:e7:ee:3a:cd:66:5d:51:27:32:a6:24:b7:be:ff:34:92:87:
6f:44:3a:f9:8e:7d:03:39:c8:f9:0b:c0:db:16:a6:8f:42:3c:
57:c1:5d:70:14:ba:80:ad:28:38:89:d0:c6:eb:3e:0e:2d:79:
f2:98:54:e4:87:78:bc:a1:70:2d:d5:8f:f4:6d:5e:3d:ce:d8:
b7:57:29:98:ad:21:3e:c8:00:a0:28:ef:b8:dc:a2:9a:97:4d:
2a:63:a1:9d:7f:12:db:14:08:c7:94:f3:29:39:a6:64:8e:af:
99:cb:eb:15:63:1e:db:8a:12:ba:b7:24:ec:21:b0:0c:63:2d:
50:8a:fd:d4:f2:0b:5a:8a:10:5c:af:15:d0:e2:dd:5a:1f:01:
5f:a9:15:05:01:da:77:b5:89:80:32:7d:37:c5:9b:c0:b0:d2:
58:75:d6:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKBmF5uWrEv+M70gg3NfQXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjIwODA5MDc1MzQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODc3MWQ2MjMyNTI1MzgwY2E0YmI1NTkzOTc1YWQyNzZiMWY4OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIZZQqZ+b70DO5jJX1XD8pMVt5fn
AddbTB5CEKydC8yzsnWrwHZVDV5AgIqqbSECw0DGfzgkYxffT3Bdet74RXLmzIVJ
VMI+dubK44cewJodghJNH1jFBDVMHiEEncXyuDWw3Zk8YlaOvVvETymolEoppNec
Zh4/ls5YTPribxAM5L5zUojeuGXgqhcVY7du9B3gCkV9pmbNM6ZMsE5QlWHLpYjP
7evgx4gd4LdkIJRaOwr6NI3W0MsX+lOl5DmbBtuB0S+ZxjCCteTU5bEUaxnV1ZQF
1EJuljWPZYd0qW96le/9SGjhumvmq2X+jixlnSHjBNLuic0pkKBb7meXqwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHh3HWIyUlOAyku1WTl1rSdrH4mmMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvZUhjZFlqSlNVNERLUzdWWk9YV3RKMnNmaWFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfjtAwQA
2cfRAwQA2cfeMA0GCSqGSIb3DQEBCwUAA4IBAQABaNwoa3Qr+K68CTtznkZR4ROJ
HexSaqsN975av7G704VQEQQG104zPQT0zLrtkLPKOyCW+25vxB6ZDc5bqCq5ln2Z
/e+ondaC7CkD1bJZjYa8oGL/+cq4YjrE5+46zWZdUScypiS3vv80kodvRDr5jn0D
Ocj5C8DbFqaPQjxXwV1wFLqArSg4idDG6z4OLXnymFTkh3i8oXAt1Y/0bV49zti3
VymYrSE+yACgKO+43KKal00qY6GdfxLbFAjHlPMpOaZkjq+Zy+sVYx7bihK6tyTs
IbAMYy1Qiv3U8gtaihBcrxXQ4t1aHwFfqRUFAdp3tYmAMn03xZvAsNJYddbn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:10 2025 by rpki-client