Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/_80zqwpHn-WJ6_qWN6hh5YLfkMU.roa
File: _80zqwpHn-WJ6_qWN6hh5YLfkMU.roa (raw, json)
Hash identifier: MFMKzXpy4Tdxi8/dXoe1nt/4ToiMPgZ9PSxqHkCXdmM=
Subject key identifier: FF:CD:33:AB:0A:47:9F:E5:89:EB:FA:96:37:A8:61:E5:82:DF:90:C5
Certificate issuer: /CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Certificate serial: 018AE47704A9C4968DC7AD4B8DEC53F5ACED
Authority key identifier: C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/_80zqwpHn-WJ6_qWN6hh5YLfkMU.roa
Signing time: Sat 30 Sep 2023 05:01:59 +0000
ROA not before: Sat 30 Sep 2023 05:01:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57069
IP address blocks: 89.22.64.0/24 maxlen: 24
89.22.66.0/23 maxlen: 23
89.22.68.0/22 maxlen: 22
89.22.72.0/21 maxlen: 21
89.22.84.0/22 maxlen: 22
89.22.82.0/23 maxlen: 23
89.22.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:e4:77:04:a9:c4:96:8d:c7:ad:4b:8d:ec:53:f5:ac:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Validity
Not Before: Sep 30 05:01:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffcd33ab0a479fe589ebfa9637a861e582df90c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a9:98:f0:fe:10:41:9a:09:c4:30:b4:c0:5e:
36:a0:bc:1f:6e:02:a6:bc:e5:70:ed:e0:a7:3f:1a:
aa:04:7a:2b:fb:d8:c1:a3:3a:8b:d2:31:6c:67:4e:
59:50:62:86:93:df:fd:ec:c2:1b:0d:fd:09:15:bb:
d3:a1:d3:2f:e8:0f:1f:05:cd:98:b9:17:e2:29:33:
f0:2c:6b:d4:f0:96:38:d3:b4:90:2c:68:90:88:c4:
26:21:6e:c0:65:50:b7:89:4e:25:9d:ab:9c:9d:83:
4f:66:e6:1e:b0:44:30:b7:65:b9:c4:61:44:ca:a7:
7c:17:a9:90:58:7c:9d:28:10:99:be:e0:bf:b1:a6:
09:64:54:20:43:f8:88:81:08:d4:da:51:a7:ee:26:
1a:b8:bc:9f:61:63:a1:24:f0:75:3b:06:15:ed:e0:
7a:29:7a:cc:89:34:8c:88:f8:26:e6:20:74:5c:23:
17:3a:82:d5:db:d5:19:9f:d5:7b:47:29:ed:0b:04:
f8:4f:96:26:b3:c5:3e:66:aa:7f:66:34:aa:d2:72:
e7:48:83:f4:a4:cd:bd:85:98:82:15:e7:08:45:50:
34:12:fb:b9:1e:07:7f:24:b2:47:a6:61:bd:fd:56:
93:09:06:06:92:f6:36:46:60:15:52:a5:f9:d5:0e:
0b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CD:33:AB:0A:47:9F:E5:89:EB:FA:96:37:A8:61:E5:82:DF:90:C5
X509v3 Authority Key Identifier:
keyid:C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/_80zqwpHn-WJ6_qWN6hh5YLfkMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/xMwC-Pp0zw2oHozilD6n-e0qhfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.64.0/24
89.22.66.0-89.22.79.255
89.22.82.0-89.22.95.255
Signature Algorithm: sha256WithRSAEncryption
b8:9e:b2:a5:5e:08:f0:cc:58:c5:6e:f8:a1:4c:14:50:c8:a8:
8d:7f:0d:f1:51:23:f4:06:41:90:bb:c3:bc:8e:32:88:40:a2:
40:41:25:e8:4f:fc:6a:7a:c6:e2:66:cc:a2:d0:cb:90:9a:81:
9e:92:71:76:91:44:82:d1:d9:c0:df:46:be:74:68:fe:31:40:
08:9b:b6:50:77:86:bf:37:6d:d6:a5:78:4b:d8:5d:93:7b:c8:
3e:23:1c:af:2f:a9:81:70:65:24:aa:24:ee:6d:74:89:d8:3a:
b7:e6:24:24:63:a3:95:e8:35:17:e5:3f:52:13:02:43:84:f1:
88:08:56:ae:de:e5:83:cd:72:66:91:58:9a:f4:f5:b5:1c:60:
2c:7c:1b:ea:87:41:cc:f4:2b:f3:9d:00:27:7d:f2:73:7f:ef:
66:b1:59:43:82:54:7b:12:d5:89:35:a9:4c:6f:ef:61:20:c0:
b8:6f:93:e5:2c:00:5e:4f:57:f2:19:32:21:86:57:f5:4b:e1:
64:eb:34:36:68:af:68:0f:34:e5:f6:d0:2d:b1:0e:d7:ce:de:
3e:89:13:b8:58:d1:68:59:aa:f9:3f:4e:c5:7b:84:7e:06:84:
06:9c:e1:bf:26:e2:dd:1a:4a:62:43:34:7a:42:65:e7:bf:21:
29:bf:e0:33
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYrkdwSpxJaNx61LjexT9aztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Y2MwMmY4ZmE3NGNmMGRhODFlOGNlMjk0M2VhN2Y5ZWQy
YTg1ZjQwHhcNMjMwOTMwMDUwMTU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmNkMzNhYjBhNDc5ZmU1ODllYmZhOTYzN2E4NjFlNTgyZGY5MGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6mY8P4QQZoJxDC0wF42oLwfbgKm
vOVw7eCnPxqqBHor+9jBozqL0jFsZ05ZUGKGk9/97MIbDf0JFbvTodMv6A8fBc2Y
uRfiKTPwLGvU8JY407SQLGiQiMQmIW7AZVC3iU4lnaucnYNPZuYesEQwt2W5xGFE
yqd8F6mQWHydKBCZvuC/saYJZFQgQ/iIgQjU2lGn7iYauLyfYWOhJPB1OwYV7eB6
KXrMiTSMiPgm5iB0XCMXOoLV29UZn9V7RyntCwT4T5Yms8U+Zqp/ZjSq0nLnSIP0
pM29hZiCFecIRVA0Evu5Hgd/JLJHpmG9/VaTCQYGkvY2RmAVUqX51Q4LvQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFP/NM6sKR5/liev6ljeoYeWC35DFMB8GA1UdIwQY
MBaAFMTMAvj6dM8NqB6M4pQ+p/ntKoX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTIt
MjE5ZTc5ZDg0ZTQzLzEvXzgwenF3cEhuLVdKNl9xV042aGg1WUxma01VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTItMjE5ZTc5ZDg0ZTQz
LzEveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAWRZAMAwD
BAFZFkIDBARZFkAwDAMEAVkWUgMEBVkWQDANBgkqhkiG9w0BAQsFAAOCAQEAuJ6y
pV4I8MxYxW74oUwUUMiojX8N8VEj9AZBkLvDvI4yiECiQEEl6E/8anrG4mbMotDL
kJqBnpJxdpFEgtHZwN9GvnRo/jFACJu2UHeGvzdt1qV4S9hdk3vIPiMcry+pgXBl
JKok7m10idg6t+YkJGOjleg1F+U/UhMCQ4TxiAhWrt7lg81yZpFYmvT1tRxgLHwb
6odBzPQr850AJ33yc3/vZrFZQ4JUexLViTWpTG/vYSDAuG+T5SwAXk9X8hkyIYZX
9UvhZOs0NmivaA805fbQLbEO187ePokTuFjRaFmq+T9OxXuEfgaEBpzhvybi3RpK
YkM0ekJl578hKb/gMw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:29 2025 by rpki-client