Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/1-8amvQ_v-TV4Ur0uH_fdHmy0tWI.roa
File: 1-8amvQ_v-TV4Ur0uH_fdHmy0tWI.roa (raw, json)
Hash identifier: db4BDjqArxpVQbqQV48oBVCObom3W3yEPYd20izY7XU=
Subject key identifier: FB:C6:A6:BD:0F:EF:F9:35:78:52:BD:2E:1F:F7:DD:1E:6C:B4:B5:62
Certificate issuer: /CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Certificate serial: 018625AD8909BADB56AF65C43D5F89BFC87E
Authority key identifier: BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/1-8amvQ_v-TV4Ur0uH_fdHmy0tWI.roa
Signing time: Mon 06 Feb 2023 07:42:55 +0000
ROA not before: Mon 06 Feb 2023 07:42:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 37480
IP address blocks: 80.89.179.0/24 maxlen: 24
80.89.176.0/24 maxlen: 24
80.89.178.0/24 maxlen: 24
80.89.177.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:25:ad:89:09:ba:db:56:af:65:c4:3d:5f:89:bf:c8:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Validity
Not Before: Feb 6 07:42:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fbc6a6bd0feff9357852bd2e1ff7dd1e6cb4b562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:07:92:3a:90:69:f5:ba:ae:a0:f0:b8:b2:fe:
b8:17:9f:f2:15:35:2e:9a:3f:58:ab:00:38:2b:6f:
ae:2e:c7:bf:50:65:7e:63:31:28:0b:c4:79:f7:cb:
8c:1a:fb:da:28:40:c5:31:4a:78:f9:de:b1:ea:cc:
9e:53:80:ca:3d:9f:ac:57:73:cb:64:89:06:bf:74:
8f:c8:c3:eb:f8:c3:db:87:95:ae:95:e8:39:fe:c5:
2e:19:77:1c:9f:27:20:29:0a:e4:2c:ab:b2:8d:d1:
56:5c:d2:eb:1d:a1:6c:b0:1d:0a:ea:cf:f8:5b:3f:
67:4f:6e:f4:8d:db:56:df:ba:6c:69:85:dc:e9:d0:
41:3d:eb:d8:9c:6e:f3:d0:6f:61:f2:50:ff:ee:af:
24:a6:8d:dc:16:9d:0a:07:5d:90:2a:06:ba:0d:2b:
75:56:dc:a1:4f:01:71:43:d9:ec:5e:05:95:48:b7:
42:eb:73:db:b7:ee:ae:c8:05:5c:db:93:12:47:0f:
f4:c8:8f:19:d2:5e:94:aa:49:cb:80:e7:fd:8d:c8:
b9:cd:48:3a:c0:d0:11:7f:04:30:25:f4:1e:3d:df:
4c:8e:7c:ea:0e:3e:d3:05:ef:96:10:3d:51:d5:a9:
e5:aa:66:7d:f6:f3:a2:eb:b5:8b:76:89:ba:72:fb:
1e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C6:A6:BD:0F:EF:F9:35:78:52:BD:2E:1F:F7:DD:1E:6C:B4:B5:62
X509v3 Authority Key Identifier:
keyid:BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/1-8amvQ_v-TV4Ur0uH_fdHmy0tWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.176.0/22
Signature Algorithm: sha256WithRSAEncryption
53:58:20:e7:8a:07:3a:cf:4f:29:39:e7:a2:3f:d6:2f:f4:ed:
c0:85:fc:a6:7b:6d:30:11:ef:d4:ac:15:bb:17:32:8c:04:b7:
4b:7e:81:80:c0:72:d9:90:24:e6:67:29:76:70:b1:b8:69:78:
2e:24:4f:1f:fe:d8:19:22:7d:17:4e:f4:87:ce:7b:7c:c9:9a:
35:4b:1c:90:f8:60:10:51:99:17:d9:33:c7:7a:12:45:cc:ed:
33:96:8f:92:1b:7d:89:ed:2b:20:2d:cf:2a:90:1f:d5:93:e7:
f9:19:ea:eb:ef:27:a0:17:09:c6:4f:3d:1b:7c:63:d6:25:3e:
5e:02:ea:56:c4:1c:07:1d:56:1c:3c:21:fd:19:18:e3:b0:71:
98:b1:54:c2:28:11:31:88:77:23:31:0e:29:f9:9c:7a:14:ae:
c3:15:8d:96:24:45:e8:c6:e8:4e:05:d3:99:b0:7f:81:ee:7f:
91:c1:af:73:af:30:e3:7f:bb:93:06:65:db:46:bf:1c:4b:d6:
ca:95:b5:e6:1f:d9:8a:38:02:3f:08:a2:ee:9a:c4:52:76:d0:
07:f0:66:d3:43:ef:94:df:6a:40:97:82:a2:3e:ee:01:c2:ac:
69:52:0d:98:79:1c:c5:1d:22:52:15:61:0c:21:c7:eb:6e:f0:
c5:81:fa:6d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYYlrYkJuttWr2XEPV+Jv8h+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGU2ZWRkMjZlZjFiMTZkODQ4ZTk4MTMwZTZmYzQ0NTBi
MzI3NTIwHhcNMjMwMjA2MDc0MjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmM2YTZiZDBmZWZmOTM1Nzg1MmJkMmUxZmY3ZGQxZTZjYjRiNTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQeSOpBp9bquoPC4sv64F5/yFTUu
mj9YqwA4K2+uLse/UGV+YzEoC8R598uMGvvaKEDFMUp4+d6x6syeU4DKPZ+sV3PL
ZIkGv3SPyMPr+MPbh5Wuleg5/sUuGXccnycgKQrkLKuyjdFWXNLrHaFssB0K6s/4
Wz9nT270jdtW37psaYXc6dBBPevYnG7z0G9h8lD/7q8kpo3cFp0KB12QKga6DSt1
VtyhTwFxQ9nsXgWVSLdC63Pbt+6uyAVc25MSRw/0yI8Z0l6UqknLgOf9jci5zUg6
wNARfwQwJfQePd9MjnzqDj7TBe+WED1R1anlqmZ99vOi67WLdom6cvsecQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPvGpr0P7/k1eFK9Lh/33R5stLViMB8GA1UdIwQY
MBaAFL1Obt0m7xsW2EjpgTDm/ERQsydSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMt
OTYyOGY1MjY2NTQyLzEvMS04YW12UV92LVRWNFVyMHVIX2ZkSG15MHRXSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzMvYWNlMzczLWI4MWItNDAwYy04NDVjLTk2MjhmNTI2NjU0
Mi8xL3ZVNXUzU2J2R3hiWVNPbUJNT2I4UkZDekoxSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlBZsDAN
BgkqhkiG9w0BAQsFAAOCAQEAU1gg54oHOs9PKTnnoj/WL/TtwIX8pnttMBHv1KwV
uxcyjAS3S36BgMBy2ZAk5mcpdnCxuGl4LiRPH/7YGSJ9F070h857fMmaNUsckPhg
EFGZF9kzx3oSRcztM5aPkht9ie0rIC3PKpAf1ZPn+Rnq6+8noBcJxk89G3xj1iU+
XgLqVsQcBx1WHDwh/RkY47BxmLFUwigRMYh3IzEOKfmcehSuwxWNliRF6MboTgXT
mbB/ge5/kcGvc68w43+7kwZl20a/HEvWypW15h/ZijgCPwii7prEUnbQB/Bm00Pv
lN9qQJeCoj7uAcKsaVINmHkcxR0iUhVhDCHH627wxYH6bQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:23 2025 by rpki-client