Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/b_08Oc6ghBonTbyeif73CcTRW2k.roa
File: b_08Oc6ghBonTbyeif73CcTRW2k.roa (raw, json)
Hash identifier: +FoNKHHNBRp/UmmMojtrQPiGyI1w8engaJWTKCvAmS4=
Subject key identifier: 6F:FD:3C:39:CE:A0:84:1A:27:4D:BC:9E:89:FE:F7:09:C4:D1:5B:69
Certificate issuer: /CN=4a4b513f7e446e0cd6dcfe56829bbc9fe498d3e8
Certificate serial: 01839CE5C8CADA7679623CE2B8ED81816B22
Authority key identifier: 4A:4B:51:3F:7E:44:6E:0C:D6:DC:FE:56:82:9B:BC:9F:E4:98:D3:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SktRP35EbgzW3P5Wgpu8n-SY0-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/b_08Oc6ghBonTbyeif73CcTRW2k.roa
Signing time: Mon 03 Oct 2022 08:10:48 +0000
ROA not before: Mon 03 Oct 2022 08:10:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41696
IP address blocks: 89.221.176.0/20 maxlen: 24
2a02:e28::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9c:e5:c8:ca:da:76:79:62:3c:e2:b8:ed:81:81:6b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a4b513f7e446e0cd6dcfe56829bbc9fe498d3e8
Validity
Not Before: Oct 3 08:10:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ffd3c39cea0841a274dbc9e89fef709c4d15b69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ac:a2:69:4e:c2:c6:23:65:2c:f1:83:d2:52:
11:40:2d:0f:bc:80:57:d9:57:fe:ad:d1:1e:32:0f:
e8:a1:31:57:2f:90:c7:53:8c:48:4f:20:19:e6:94:
08:84:d2:6a:5e:8d:12:ec:f2:20:e9:89:b7:53:2b:
b7:65:a1:cd:0a:ec:78:b3:35:6e:e8:18:1d:ae:25:
a9:25:46:ee:ba:f4:29:44:62:10:7a:e0:2c:5d:9d:
71:3a:55:90:7d:45:28:99:bb:a3:f6:51:c5:57:d5:
1b:7f:cb:d6:ac:57:6a:84:d9:94:03:22:97:fe:57:
ab:0d:f8:7f:b1:32:4a:da:93:5c:71:6e:64:06:13:
8e:5b:95:11:6e:90:2e:c1:1d:b7:04:ba:83:46:9a:
47:77:cb:dc:49:b2:51:44:25:22:31:1b:b4:cf:1b:
0a:0c:01:50:24:6a:44:37:fd:97:08:8f:71:28:c2:
e9:94:00:cd:c4:cb:4b:48:aa:a7:5b:db:06:6c:65:
db:93:63:e3:b2:40:44:b2:a8:db:5d:f6:b4:a3:d2:
62:7d:f1:13:33:d9:f0:fd:88:a7:b3:dd:0e:f5:7d:
42:e3:42:8a:eb:e8:ea:46:fb:b4:5c:5c:53:4f:e1:
54:89:87:a1:30:32:a9:42:d8:31:37:9d:39:1b:ba:
86:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:FD:3C:39:CE:A0:84:1A:27:4D:BC:9E:89:FE:F7:09:C4:D1:5B:69
X509v3 Authority Key Identifier:
keyid:4A:4B:51:3F:7E:44:6E:0C:D6:DC:FE:56:82:9B:BC:9F:E4:98:D3:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SktRP35EbgzW3P5Wgpu8n-SY0-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/b_08Oc6ghBonTbyeif73CcTRW2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fa5519-0e35-44cf-9d4f-2aea75c2df78/1/SktRP35EbgzW3P5Wgpu8n-SY0-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.221.176.0/20
IPv6:
2a02:e28::/32
Signature Algorithm: sha256WithRSAEncryption
34:97:9b:50:e2:32:48:9a:bd:15:7a:f7:b8:5e:b2:b5:51:e2:
b8:ad:e3:92:75:cb:b5:a1:43:a7:b1:d4:89:42:a4:e6:9b:9d:
c8:3d:db:6c:29:74:d2:95:e0:32:5d:da:ab:8c:d9:15:7f:c0:
54:79:22:a0:cd:65:bd:75:65:79:62:59:f7:ae:d4:13:d5:d4:
72:52:e3:83:f1:5c:ed:21:fa:34:b7:86:ab:32:43:7c:8a:73:
ff:bf:c1:12:24:fa:46:ae:3d:72:27:84:c9:6a:89:dc:3b:a0:
95:51:a1:3c:0d:56:48:e8:33:8b:3b:7b:6d:32:5e:13:6c:12:
f0:fd:34:8d:da:07:14:ce:c9:9c:5b:2c:80:6b:56:99:e0:9c:
0d:db:a9:d6:1f:00:c8:90:f7:2e:83:24:15:b3:6d:e3:ce:09:
76:67:d2:da:19:74:08:24:47:24:1a:9d:f2:ec:a4:4c:09:37:
2f:97:73:f5:e2:0b:f2:e5:85:80:08:ab:45:f8:4a:c5:15:36:
0f:4c:22:a6:0e:68:86:55:1f:81:4d:44:96:c5:83:2f:e7:69:
25:89:04:24:49:ea:3c:e5:fd:4b:51:e4:1a:7f:4e:54:79:c7:
ba:7a:68:ff:04:bc:ad:20:b7:5b:5e:05:32:3c:46:1b:9d:5f:
12:52:8a:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOc5cjK2nZ5YjziuO2BgWsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNGI1MTNmN2U0NDZlMGNkNmRjZmU1NjgyOWJiYzlmZTQ5
OGQzZTgwHhcNMjIxMDAzMDgxMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmZkM2MzOWNlYTA4NDFhMjc0ZGJjOWU4OWZlZjcwOWM0ZDE1YjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqyiaU7CxiNlLPGD0lIRQC0PvIBX
2Vf+rdEeMg/ooTFXL5DHU4xITyAZ5pQIhNJqXo0S7PIg6Ym3Uyu3ZaHNCux4szVu
6BgdriWpJUbuuvQpRGIQeuAsXZ1xOlWQfUUombuj9lHFV9Ubf8vWrFdqhNmUAyKX
/lerDfh/sTJK2pNccW5kBhOOW5URbpAuwR23BLqDRppHd8vcSbJRRCUiMRu0zxsK
DAFQJGpEN/2XCI9xKMLplADNxMtLSKqnW9sGbGXbk2PjskBEsqjbXfa0o9JiffET
M9nw/Yins90O9X1C40KK6+jqRvu0XFxTT+FUiYehMDKpQtgxN505G7qGEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/9PDnOoIQaJ028non+9wnE0VtpMB8GA1UdIwQY
MBaAFEpLUT9+RG4M1tz+VoKbvJ/kmNPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2t0UlAzNUViZ3pXM1A1V2dwdThuLVNZMC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mYTU1MTktMGUzNS00NGNmLTlkNGYt
MmFlYTc1YzJkZjc4LzEvYl8wOE9jNmdoQm9uVGJ5ZWlmNzNDY1RSVzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mYTU1MTktMGUzNS00NGNmLTlkNGYtMmFlYTc1YzJkZjc4
LzEvU2t0UlAzNUViZ3pXM1A1V2dwdThuLVNZMC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEWd2wMA0E
AgACMAcDBQAqAg4oMA0GCSqGSIb3DQEBCwUAA4IBAQA0l5tQ4jJImr0Veve4XrK1
UeK4reOSdcu1oUOnsdSJQqTmm53IPdtsKXTSleAyXdqrjNkVf8BUeSKgzWW9dWV5
Yln3rtQT1dRyUuOD8VztIfo0t4arMkN8inP/v8ESJPpGrj1yJ4TJaoncO6CVUaE8
DVZI6DOLO3ttMl4TbBLw/TSN2gcUzsmcWyyAa1aZ4JwN26nWHwDIkPcugyQVs23j
zgl2Z9LaGXQIJEckGp3y7KRMCTcvl3P14gvy5YWACKtF+ErFFTYPTCKmDmiGVR+B
TUSWxYMv52kliQQkSeo85f1LUeQaf05Uece6emj/BLytILdbXgUyPEYbnV8SUopN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:37 2025 by rpki-client