Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/irKbYNdGePrkHxsQFt1KweZ2v9I.roa
File: irKbYNdGePrkHxsQFt1KweZ2v9I.roa (raw, json)
Hash identifier: 7YRZU2U34fw7zKVj2ukYmuPhRjCTBqqQmp61FaAleWk=
Subject key identifier: 8A:B2:9B:60:D7:46:78:FA:E4:1F:1B:10:16:DD:4A:C1:E6:76:BF:D2
Certificate issuer: /CN=d0b904df5eec2216b343016c5cb24bb90a43d3a4
Certificate serial: 171B202A
Authority key identifier: D0:B9:04:DF:5E:EC:22:16:B3:43:01:6C:5C:B2:4B:B9:0A:43:D3:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LkE317sIhazQwFsXLJLuQpD06Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/irKbYNdGePrkHxsQFt1KweZ2v9I.roa
Signing time: Wed 16 Mar 2022 09:03:14 +0000
ROA not before: Wed 16 Mar 2022 09:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210139
IP address blocks: 89.190.32.0/21 maxlen: 21
89.190.39.0/24 maxlen: 24
185.73.160.0/22 maxlen: 22
2a05:43c0::/29 maxlen: 29
2a05:43c2::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 387653674 (0x171b202a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b904df5eec2216b343016c5cb24bb90a43d3a4
Validity
Not Before: Mar 16 09:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ab29b60d74678fae41f1b1016dd4ac1e676bfd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9d:02:90:60:01:b4:c4:90:c9:61:ea:1f:23:
8e:fb:77:7e:6e:16:a8:56:6c:bd:ff:e5:36:a2:9f:
3b:59:14:24:1a:77:ab:1c:46:d3:41:62:6f:52:68:
d2:15:c0:e7:ea:08:f5:0d:77:f3:ba:d4:b8:0e:f1:
66:ac:4a:9c:d6:71:11:84:7e:23:ad:cc:e1:32:37:
1d:4e:d8:0a:f1:f7:9e:2f:aa:d2:be:60:1b:cf:a2:
92:49:39:5f:bb:83:18:19:9a:b5:f0:e5:ae:cf:37:
d8:71:84:8c:b8:1d:2f:7c:c5:c8:ec:73:77:fa:23:
47:fb:bd:b9:47:bb:69:fb:d0:12:95:fa:cd:5b:c7:
00:17:4a:48:a8:e2:99:2c:22:18:f8:c6:7c:b9:95:
fb:b7:20:14:82:82:b7:62:ea:35:28:77:cc:56:9a:
a1:42:ec:5a:e2:eb:13:d1:ff:1c:65:df:e3:bb:6a:
d9:8c:64:be:fd:1b:82:b2:b7:0e:48:39:29:0d:48:
54:44:92:ff:41:ec:6e:ca:a4:8c:44:8b:9f:ad:25:
e7:32:10:ec:3c:68:1c:22:eb:bd:1f:1d:7d:cc:75:
90:a0:42:0f:37:80:11:f9:0f:55:6a:c1:af:98:5b:
dd:4a:6f:30:dc:d3:b1:73:44:8f:bd:5b:7e:c1:ef:
ae:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B2:9B:60:D7:46:78:FA:E4:1F:1B:10:16:DD:4A:C1:E6:76:BF:D2
X509v3 Authority Key Identifier:
keyid:D0:B9:04:DF:5E:EC:22:16:B3:43:01:6C:5C:B2:4B:B9:0A:43:D3:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LkE317sIhazQwFsXLJLuQpD06Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/irKbYNdGePrkHxsQFt1KweZ2v9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/6a7c93-87b4-4a4c-a21e-41a84f419ac5/1/0LkE317sIhazQwFsXLJLuQpD06Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.190.32.0/21
185.73.160.0/22
IPv6:
2a05:43c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:b4:05:cd:da:13:88:cb:c2:44:2b:c6:d1:54:e2:0e:7d:67:
ab:18:18:c2:e3:1e:13:89:e7:ac:63:63:de:7b:1b:33:25:33:
a2:03:9e:2f:50:4e:78:64:d3:df:f2:89:9d:6a:2c:03:53:fc:
68:fb:f1:42:3b:65:f1:e1:0e:92:a3:b8:f8:ca:ea:2c:3d:1a:
d0:73:d2:92:8b:b4:ef:95:39:f6:49:5a:00:43:1a:ce:9b:e8:
81:04:7e:a0:46:29:b4:54:6a:9f:77:35:e3:b6:8c:98:50:f8:
b0:62:4e:62:89:15:b5:9d:84:2c:63:7d:90:c8:43:b4:d6:7e:
af:6f:00:d7:d2:1b:df:0f:4d:69:cd:de:ff:0d:54:76:6a:22:
ba:1e:43:a8:d6:e9:53:77:cd:33:0c:36:1a:45:6b:4e:6a:05:
8f:3e:3d:fe:f0:0b:09:cb:fe:92:24:99:13:35:1f:45:7d:8f:
a1:2e:bc:94:10:60:4d:91:56:07:08:56:d3:34:f9:09:61:8c:
79:27:13:de:7a:44:89:00:d3:82:04:4b:fb:65:11:ce:b5:28:
3c:5e:d7:40:bc:dd:b0:f9:0f:a6:a1:96:25:df:6c:89:f8:cd:
d2:f7:66:a8:6c:0d:3f:67:74:9a:3c:9c:c2:40:a4:6e:0f:3b:
61:3b:e4:82
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEFxsgKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGI5MDRkZjVlZWMyMjE2YjM0MzAxNmM1Y2IyNGJiOTBhNDNkM2E0MB4XDTIyMDMx
NjA5MDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFiMjliNjBkNzQ2
NzhmYWU0MWYxYjEwMTZkZDRhYzFlNjc2YmZkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCdApBgAbTEkMlh6h8jjvt3fm4WqFZsvf/lNqKfO1kUJBp3
qxxG00Fib1Jo0hXA5+oI9Q1387rUuA7xZqxKnNZxEYR+I63M4TI3HU7YCvH3ni+q
0r5gG8+ikkk5X7uDGBmatfDlrs832HGEjLgdL3zFyOxzd/ojR/u9uUe7afvQEpX6
zVvHABdKSKjimSwiGPjGfLmV+7cgFIKCt2LqNSh3zFaaoULsWuLrE9H/HGXf47tq
2Yxkvv0bgrK3Dkg5KQ1IVESS/0HsbsqkjESLn60l5zIQ7DxoHCLrvR8dfcx1kKBC
DzeAEfkPVWrBr5hb3UpvMNzTsXNEj71bfsHvrkECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSKsptg10Z4+uQfGxAW3UrB5na/0jAfBgNVHSMEGDAWgBTQuQTfXuwiFrND
AWxcsku5CkPTpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBMa0UzMTdzSWhhelF3RnNYTEpMdVFwRDA2US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNmE3YzkzLTg3YjQtNGE0Yy1hMjFlLTQxYTg0ZjQxOWFjNS8x
L2lyS2JZTmRHZVBya0h4c1FGdDFLd2VaMnY5SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
NmE3YzkzLTg3YjQtNGE0Yy1hMjFlLTQxYTg0ZjQxOWFjNS8xLzBMa0UzMTdzSWhh
elF3RnNYTEpMdVFwRDA2US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA1m+IAMEArlJoDANBAIAAjAHAwUD
KgVDwDANBgkqhkiG9w0BAQsFAAOCAQEAW7QFzdoTiMvCRCvG0VTiDn1nqxgYwuMe
E4nnrGNj3nsbMyUzogOeL1BOeGTT3/KJnWosA1P8aPvxQjtl8eEOkqO4+MrqLD0a
0HPSkou075U59klaAEMazpvogQR+oEYptFRqn3c147aMmFD4sGJOYokVtZ2ELGN9
kMhDtNZ+r28A19Ib3w9Nac3e/w1Udmoiuh5DqNbpU3fNMww2GkVrTmoFjz49/vAL
Ccv+kiSZEzUfRX2PoS68lBBgTZFWBwhW0zT5CWGMeScT3npEiQDTggRL+2URzrUo
PF7XQLzdsPkPpqGWJd9sifjN0vdmqGwNP2d0mjycwkCkbg87YTvkgg==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:21 2025 by rpki-client