Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8-TsRQ1FOCBbM-cC4v-SfjyjMjs.roa
File: 8-TsRQ1FOCBbM-cC4v-SfjyjMjs.roa (raw, json)
Hash identifier: 9XWmGf1ockuwEMuP5U3SKg7/a/aqQp/8xhWeXS2P0ks=
Subject key identifier: F3:E4:EC:45:0D:45:38:20:5B:33:E7:02:E2:FF:92:7E:3C:A3:32:3B
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01845D3373E93347610CE432F22D5C55AA2C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8-TsRQ1FOCBbM-cC4v-SfjyjMjs.roa
Signing time: Wed 09 Nov 2022 16:22:43 +0000
ROA not before: Wed 09 Nov 2022 16:22:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56871
IP address blocks: 89.45.92.0/24 maxlen: 24
89.45.93.0/24 maxlen: 24
185.104.196.0/22 maxlen: 22
89.42.233.0/24 maxlen: 24
89.42.232.0/24 maxlen: 24
188.213.233.0/24 maxlen: 24
86.104.132.0/23 maxlen: 23
89.44.100.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:33:73:e9:33:47:61:0c:e4:32:f2:2d:5c:55:aa:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 9 16:22:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3e4ec450d4538205b33e702e2ff927e3ca3323b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f3:36:3d:c9:89:7c:01:4c:c4:5b:d3:61:c4:
04:b0:52:dc:c7:aa:0f:d2:46:a8:eb:39:50:4c:04:
e6:20:3f:0d:aa:4e:3a:ab:a3:f5:71:a0:f3:70:de:
5e:48:8e:89:2e:f4:4c:56:ba:0e:97:3e:24:05:8e:
e4:b2:d2:29:6b:d5:b8:44:dd:0f:c5:02:ba:7f:62:
8d:23:3a:6b:9f:74:1d:db:22:d5:be:77:fa:0b:df:
2a:49:2f:e1:6e:02:b3:03:24:16:c4:b8:c4:ff:cb:
8d:ea:98:bd:5a:3e:c2:0e:a2:eb:5d:48:5b:ee:b4:
d4:b7:b1:77:00:8e:82:d7:87:26:f5:c6:39:0c:9f:
87:08:7a:ec:d3:30:fc:81:49:3b:c1:58:5e:84:e4:
b0:ca:3b:c0:b7:3e:2a:af:62:de:ae:02:7e:2f:96:
79:ef:71:15:d2:9f:34:54:f5:f8:d2:98:ff:af:f0:
d6:fd:82:00:bb:77:91:44:00:ec:c8:bb:0b:c3:30:
f3:9b:ef:c4:a8:1c:bb:aa:7e:1d:5c:aa:0d:e1:08:
f2:44:15:68:83:49:41:4c:e2:9e:1f:ad:1b:85:91:
26:82:b8:37:94:11:8f:d5:61:6d:a8:3f:a6:1a:9a:
07:59:b3:75:60:fe:9f:82:c0:9e:60:8e:0e:f0:ba:
b7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E4:EC:45:0D:45:38:20:5B:33:E7:02:E2:FF:92:7E:3C:A3:32:3B
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/8-TsRQ1FOCBbM-cC4v-SfjyjMjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.132.0/23
89.42.232.0/23
89.44.100.0/23
89.45.92.0/23
185.104.196.0/22
188.213.233.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:60:23:0e:01:a2:1b:77:25:e9:67:bd:32:86:f0:b0:cf:56:
61:b2:41:72:c6:14:14:f6:00:13:ef:6f:65:2c:4b:ce:a0:30:
28:7f:6c:af:91:35:85:0b:42:13:9b:14:9c:93:ba:71:ad:0d:
30:92:b1:41:10:fc:50:6e:aa:8e:64:14:f8:f8:eb:3d:37:71:
49:84:97:e5:d1:f5:40:6f:77:ea:c4:4b:9e:17:4f:00:93:b4:
df:40:f2:88:77:0e:fd:59:5a:e4:9d:72:39:b1:04:b9:31:30:
6e:03:99:b2:fd:06:44:c4:18:90:1e:dc:da:62:8a:5b:0a:b5:
2b:fd:4b:9d:77:a6:61:2a:5f:30:02:e5:97:c1:9b:c0:25:10:
6e:1c:83:54:3b:bc:75:e7:74:54:80:34:2a:0c:8c:30:2c:59:
c1:8e:86:c5:b3:8a:66:58:ce:3a:09:57:ee:a4:65:70:27:0e:
fc:fd:d0:fb:fe:1c:cf:de:5c:dd:dc:0b:da:a7:de:07:1a:3e:
5c:b2:f1:49:db:e2:e1:3f:5c:b8:a5:d1:03:26:99:a2:f5:98:
ce:ac:1c:c2:4c:62:7b:5d:b0:33:f1:9c:01:9b:2d:db:ad:32:
c4:58:30:20:b5:7c:9b:21:b5:e0:95:15:ca:5e:a6:1d:1e:ee:
79:10:b3:21
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYRdM3PpM0dhDOQy8i1cVaosMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTA5MTYyMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U0ZWM0NTBkNDUzODIwNWIzM2U3MDJlMmZmOTI3ZTNjYTMzMjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvM2PcmJfAFMxFvTYcQEsFLcx6oP
0kao6zlQTATmID8Nqk46q6P1caDzcN5eSI6JLvRMVroOlz4kBY7kstIpa9W4RN0P
xQK6f2KNIzprn3Qd2yLVvnf6C98qSS/hbgKzAyQWxLjE/8uN6pi9Wj7CDqLrXUhb
7rTUt7F3AI6C14cm9cY5DJ+HCHrs0zD8gUk7wVhehOSwyjvAtz4qr2LergJ+L5Z5
73EV0p80VPX40pj/r/DW/YIAu3eRRADsyLsLwzDzm+/EqBy7qn4dXKoN4QjyRBVo
g0lBTOKeH60bhZEmgrg3lBGP1WFtqD+mGpoHWbN1YP6fgsCeYI4O8Lq3HQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPPk7EUNRTggWzPnAuL/kn48ozI7MB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvOC1Uc1JRMUZPQ0JiTS1jQzR2LVNmanlqTWpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVmiEAwQB
WSroAwQBWSxkAwQBWS1cAwQCuWjEAwQAvNXpMA0GCSqGSIb3DQEBCwUAA4IBAQCM
YCMOAaIbdyXpZ70yhvCwz1ZhskFyxhQU9gAT729lLEvOoDAof2yvkTWFC0ITmxSc
k7pxrQ0wkrFBEPxQbqqOZBT4+Os9N3FJhJfl0fVAb3fqxEueF08Ak7TfQPKIdw79
WVrknXI5sQS5MTBuA5my/QZExBiQHtzaYopbCrUr/Uudd6ZhKl8wAuWXwZvAJRBu
HINUO7x153RUgDQqDIwwLFnBjobFs4pmWM46CVfupGVwJw78/dD7/hzP3lzd3Ava
p94HGj5csvFJ2+LhP1y4pdEDJpmi9ZjOrBzCTGJ7XbAz8ZwBmy3brTLEWDAgtXyb
IbXglRXKXqYdHu55ELMh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org