Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/8gRWE6O5E68mi92FbX8u69mQCrk.roa
File: 8gRWE6O5E68mi92FbX8u69mQCrk.roa (raw, json)
Hash identifier: lQlO0sYcQG55rAlYBN3uSzCB7kCH60u3BJtWjfGEE64=
Subject key identifier: F2:04:56:13:A3:B9:13:AF:26:8B:DD:85:6D:7F:2E:EB:D9:90:0A:B9
Certificate issuer: /CN=e801f23ce821c264d67727536ec183537594c5f2
Certificate serial: 371B2AF8
Authority key identifier: E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/8gRWE6O5E68mi92FbX8u69mQCrk.roa
Signing time: Sat 01 Jan 2022 11:59:57 +0000
ROA not before: Sat 01 Jan 2022 11:59:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41001
IP address blocks: 89.45.232.0/22 maxlen: 22
89.47.184.0/23 maxlen: 23
86.105.118.0/24 maxlen: 24
2001:6b0:5a::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924527352 (0x371b2af8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e801f23ce821c264d67727536ec183537594c5f2
Validity
Not Before: Jan 1 11:59:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2045613a3b913af268bdd856d7f2eebd9900ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3d:ab:f0:b3:4c:91:4d:5c:76:61:10:49:57:
08:e1:bc:29:4c:79:d6:9c:70:c9:b2:67:58:9d:f2:
0a:3a:8f:79:6e:a6:fb:f5:f0:ce:e0:a2:86:a8:1a:
0b:98:eb:6b:82:c9:42:7e:50:1f:e3:4e:f9:04:5e:
79:f4:98:a7:72:2b:14:82:f0:92:7f:92:98:1b:1e:
0e:9f:46:6e:e0:21:57:6f:7d:65:ae:fd:20:85:73:
77:63:c6:fb:9b:be:ac:8d:cf:14:51:f8:db:67:df:
c4:a9:85:e4:91:6a:8e:b5:bc:bc:65:f2:ed:46:e3:
39:a3:ed:d2:d1:a5:0a:56:0b:4d:bc:de:f9:d6:06:
00:dc:52:d9:71:a5:a8:b5:98:f3:d4:52:2d:46:6f:
db:0c:f3:3f:c9:71:8c:18:a8:87:4f:19:84:c7:18:
9a:72:66:17:06:94:b1:d3:73:0b:dd:44:ad:29:26:
31:60:2d:fb:55:65:16:e8:99:da:e6:bd:e4:58:00:
e1:1b:ee:60:c0:aa:8b:4b:6c:07:d3:d9:4e:b4:bd:
3d:84:ac:b0:3a:c7:a3:ae:0c:92:73:c3:15:12:8b:
01:ec:62:2b:16:4a:be:69:29:92:74:df:85:0c:82:
90:db:94:2a:05:b2:be:bb:bb:d8:61:6a:24:f8:a8:
bd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:04:56:13:A3:B9:13:AF:26:8B:DD:85:6D:7F:2E:EB:D9:90:0A:B9
X509v3 Authority Key Identifier:
keyid:E8:01:F2:3C:E8:21:C2:64:D6:77:27:53:6E:C1:83:53:75:94:C5:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6AHyPOghwmTWdydTbsGDU3WUxfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/8gRWE6O5E68mi92FbX8u69mQCrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eab4d8-6afd-4f81-ab10-464eb183b568/1/6AHyPOghwmTWdydTbsGDU3WUxfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.118.0/24
89.45.232.0/22
89.47.184.0/23
IPv6:
2001:6b0:5a::/48
Signature Algorithm: sha256WithRSAEncryption
45:bd:24:5e:51:64:aa:a3:58:7f:13:cc:a8:d4:be:25:a9:35:
7b:44:18:b1:cd:75:5e:ae:bf:48:f3:55:bc:c0:e8:2a:0d:16:
c6:08:8f:e4:94:2b:28:2a:85:2d:d9:cc:ba:12:b0:f2:51:41:
e6:41:e2:fc:83:37:52:ec:b0:70:a8:a6:55:7a:ab:92:a8:b9:
37:75:4d:b6:82:b5:69:2c:dd:b5:5b:01:35:71:73:4f:b2:33:
d6:c0:8d:59:d3:c6:ae:ba:4c:5e:b3:9b:55:3c:6c:9d:bd:04:
94:c1:33:74:09:63:ae:32:5c:0a:fd:c2:40:da:e7:d6:22:41:
01:1e:4e:95:11:6e:3e:22:51:30:9b:2a:7a:44:f9:ca:e3:fe:
2a:c6:c7:15:4f:71:f3:b3:86:7e:65:db:d3:30:7c:e2:a5:9b:
1e:20:c6:09:65:b8:3b:32:f5:12:23:57:bc:3b:fa:7d:d9:1b:
67:a2:8d:cc:7d:a7:91:d8:79:82:d0:fe:2d:0d:8c:f6:f2:32:
4f:0a:96:93:1b:65:e7:37:f1:c7:89:e8:5f:5b:48:42:5c:c1:
16:0b:3e:a9:ce:98:26:82:2d:cc:9d:68:c2:6b:63:20:55:ff:
54:8d:a0:cd:6c:75:bb:1c:9b:30:e0:c9:94:16:b9:ea:53:1c:
c1:7e:0c:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIENxsq+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODAxZjIzY2U4MjFjMjY0ZDY3NzI3NTM2ZWMxODM1Mzc1OTRjNWYyMB4XDTIyMDEw
MTExNTk1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIwNDU2MTNhM2I5
MTNhZjI2OGJkZDg1NmQ3ZjJlZWJkOTkwMGFiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL89q/CzTJFNXHZhEElXCOG8KUx51pxwybJnWJ3yCjqPeW6m
+/XwzuCihqgaC5jra4LJQn5QH+NO+QReefSYp3IrFILwkn+SmBseDp9GbuAhV299
Za79IIVzd2PG+5u+rI3PFFH422ffxKmF5JFqjrW8vGXy7UbjOaPt0tGlClYLTbze
+dYGANxS2XGlqLWY89RSLUZv2wzzP8lxjBioh08ZhMcYmnJmFwaUsdNzC91ErSkm
MWAt+1VlFuiZ2ua95FgA4RvuYMCqi0tsB9PZTrS9PYSssDrHo64MknPDFRKLAexi
KxZKvmkpknTfhQyCkNuUKgWyvru72GFqJPiovecCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTyBFYTo7kTryaL3YVtfy7r2ZAKuTAfBgNVHSMEGDAWgBToAfI86CHCZNZ3
J1NuwYNTdZTF8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZBSHlQT2dod21UV2R5ZFRic0dEVTNXVXhmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8x
LzhnUldFNk81RTY4bWk5MkZiWDh1NjltUUNyay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
ZWFiNGQ4LTZhZmQtNGY4MS1hYjEwLTQ2NGViMTgzYjU2OC8xLzZBSHlQT2dod21U
V2R5ZFRic0dEVTNXVXhmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFZpdgMEAlkt6AMEAVkvuDAPBAIA
AjAJAwcAIAEGsABaMA0GCSqGSIb3DQEBCwUAA4IBAQBFvSReUWSqo1h/E8yo1L4l
qTV7RBixzXVerr9I81W8wOgqDRbGCI/klCsoKoUt2cy6ErDyUUHmQeL8gzdS7LBw
qKZVequSqLk3dU22grVpLN21WwE1cXNPsjPWwI1Z08auukxes5tVPGydvQSUwTN0
CWOuMlwK/cJA2ufWIkEBHk6VEW4+IlEwmyp6RPnK4/4qxscVT3Hzs4Z+ZdvTMHzi
pZseIMYJZbg7MvUSI1e8O/p92Rtnoo3MfaeR2HmC0P4tDYz28jJPCpaTG2XnN/HH
iehfW0hCXMEWCz6pzpgmgi3MnWjCa2MgVf9UjaDNbHW7HJsw4MmUFrnqUxzBfgz0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:39 2023 by rpki-client on console-ams.rpki-client.org