Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ioRfmEX2LYaRq1jKIcapE2reKMU.roa
File: ioRfmEX2LYaRq1jKIcapE2reKMU.roa (raw, json)
Hash identifier: IJ14sfj3mwcEYpF6JssXSTbaR5Ro+naqO0KYSshsTvk=
Subject key identifier: 8A:84:5F:98:45:F6:2D:86:91:AB:58:CA:21:C6:A9:13:6A:DE:28:C5
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0BDDD08F
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ioRfmEX2LYaRq1jKIcapE2reKMU.roa
Signing time: Fri 11 Feb 2022 15:04:09 +0000
ROA not before: Fri 11 Feb 2022 15:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12695
IP address blocks: 89.43.44.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
85.204.78.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.113.203.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199086223 (0xbddd08f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Feb 11 15:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a845f9845f62d8691ab58ca21c6a9136ade28c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dd:18:b6:d5:d2:e4:c5:b3:5c:70:72:bd:eb:
c3:c5:33:76:5a:99:9d:27:62:bd:4d:29:cc:26:2d:
dd:06:46:29:d3:50:6e:bd:70:0a:c8:70:bf:dd:da:
29:b0:d6:d0:3a:e9:34:29:98:b4:9f:23:b2:e4:37:
43:04:a5:38:f0:3b:33:05:71:47:e6:f6:50:05:bc:
41:ee:87:da:6b:0e:50:38:ce:cf:17:c6:84:5b:6f:
be:04:f3:d4:32:18:a8:35:f5:fe:a5:c0:89:05:58:
1c:4f:51:61:49:bb:27:7b:5b:2c:1a:ac:61:0e:e7:
22:48:a2:82:8d:89:4a:5c:27:46:8b:30:ac:4d:48:
6c:e3:31:2b:65:33:bd:2c:f1:28:6b:eb:91:fb:77:
93:00:43:0b:bb:00:4b:5a:05:b4:1b:38:00:3a:16:
b8:aa:18:d9:84:fe:b5:44:e5:17:43:f9:b8:de:f3:
cd:5e:f2:cc:60:cc:4a:a2:20:d9:07:65:2d:8c:fb:
8a:17:1b:3a:f6:4f:ba:ce:12:7d:65:e4:dd:70:05:
9e:a0:bf:72:65:04:6c:a1:46:75:3f:f1:0e:84:ff:
7d:86:f4:8d:19:c8:54:5b:08:d2:4c:31:11:2d:31:
81:de:df:dd:90:61:a5:d7:bc:1d:90:c3:98:0a:7a:
bb:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:84:5F:98:45:F6:2D:86:91:AB:58:CA:21:C6:A9:13:6A:DE:28:C5
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ioRfmEX2LYaRq1jKIcapE2reKMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
86.106.80.0/24
89.43.44.0/23
89.43.73.0/24
89.45.34.0/24
93.113.203.0/24
93.114.171.0/24
188.240.14.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fe:9a:46:d9:64:6b:c2:e7:79:e3:ca:65:a6:cb:ea:a3:d0:
d3:5f:73:23:13:2e:1b:2d:36:19:3a:00:8b:b8:9c:dd:e5:47:
76:23:13:30:53:5b:dc:1c:b0:4d:1c:ae:e7:af:03:93:85:10:
af:c1:dd:4d:80:45:f3:9a:25:49:77:91:6b:48:ff:3e:02:30:
62:c8:99:f1:15:50:fd:70:6b:9d:47:14:b6:3c:4e:7f:fd:4a:
35:08:84:be:19:ec:0c:40:8c:49:65:d3:81:bd:d7:93:cd:86:
b2:18:f0:da:d6:89:c7:0a:b8:8f:47:fb:1c:2a:c3:df:42:02:
bf:11:b0:ad:e5:41:8f:99:7f:22:4f:b5:d3:49:21:0d:85:92:
1b:0c:45:09:9a:34:ee:03:6f:e9:b6:80:f6:a3:d2:01:a5:07:
1c:97:a7:a1:8c:f3:96:a4:3f:82:35:3e:41:c7:d7:9f:16:f7:
3e:df:b8:18:70:5b:4d:6d:e1:bf:19:c2:bd:ed:f8:70:58:45:
4b:df:fe:4f:dc:bb:b9:b3:e6:06:80:6e:a8:14:c6:4b:97:a9:
67:9c:42:c0:5f:bd:1c:8d:1b:9b:2d:af:be:c4:a8:26:07:74:
e5:e9:ff:69:bf:23:b8:b7:3e:0f:df:5f:06:64:ad:19:77:fb:
06:5b:73:0a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEC93QjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDIx
MTE1MDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE4NDVmOTg0NWY2
MmQ4NjkxYWI1OGNhMjFjNmE5MTM2YWRlMjhjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjdGLbV0uTFs1xwcr3rw8UzdlqZnSdivU0pzCYt3QZGKdNQ
br1wCshwv93aKbDW0DrpNCmYtJ8jsuQ3QwSlOPA7MwVxR+b2UAW8Qe6H2msOUDjO
zxfGhFtvvgTz1DIYqDX1/qXAiQVYHE9RYUm7J3tbLBqsYQ7nIkiigo2JSlwnRosw
rE1IbOMxK2UzvSzxKGvrkft3kwBDC7sAS1oFtBs4ADoWuKoY2YT+tUTlF0P5uN7z
zV7yzGDMSqIg2QdlLYz7ihcbOvZPus4SfWXk3XAFnqC/cmUEbKFGdT/xDoT/fYb0
jRnIVFsI0kwxES0xgd7f3ZBhpde8HZDDmAp6u58CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSKhF+YRfYthpGrWMohxqkTat4oxTAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L2lvUmZtRVgyTFlhUnExaktJY2FwRTJyZUtNVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAFXMTgMEAFZqUAMEAVkrLAMEAFkr
SQMEAFktIgMEAF1xywMEAF1yqwMEALzwDjANBgkqhkiG9w0BAQsFAAOCAQEAD/6a
Rtlka8LneePKZabL6qPQ019zIxMuGy02GToAi7ic3eVHdiMTMFNb3BywTRyu568D
k4UQr8HdTYBF85olSXeRa0j/PgIwYsiZ8RVQ/XBrnUcUtjxOf/1KNQiEvhnsDECM
SWXTgb3Xk82Gshjw2taJxwq4j0f7HCrD30ICvxGwreVBj5l/Ik+100khDYWSGwxF
CZo07gNv6baA9qPSAaUHHJenoYzzlqQ/gjU+QcfXnxb3Pt+4GHBbTW3hvxnCve34
cFhFS9/+T9y7ubPmBoBuqBTGS5epZ5xCwF+9HI0bmy2vvsSoJgd05en/ab8juLc+
D99fBmStGXf7BltzCg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org