Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/iXYaIb68RuecEWC3ejK3DxeDd3c.roa
File: iXYaIb68RuecEWC3ejK3DxeDd3c.roa (raw, json)
Hash identifier: p2d52CnP16Wdhkm0rSLXV8zcPESMU7a8w/IOGMnpPkk=
Subject key identifier: 89:76:1A:21:BE:BC:46:E7:9C:11:60:B7:7A:32:B7:0F:17:83:77:77
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 01842D2FB16FDE7F409AA6C92345B30CE251
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/iXYaIb68RuecEWC3ejK3DxeDd3c.roa
Signing time: Mon 31 Oct 2022 08:36:51 +0000
ROA not before: Mon 31 Oct 2022 08:36:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 80.71.226.0/24 maxlen: 24
80.71.224.0/24 maxlen: 24
80.71.238.0/24 maxlen: 24
80.71.236.0/24 maxlen: 24
81.29.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2d:2f:b1:6f:de:7f:40:9a:a6:c9:23:45:b3:0c:e2:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Oct 31 08:36:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89761a21bebc46e79c1160b77a32b70f17837777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8a:e3:2c:90:67:44:00:ba:b4:c8:ff:31:f5:
4a:dc:2e:bf:85:dd:36:d2:fb:64:41:51:6d:33:32:
2b:49:40:dc:96:8d:7b:1a:a9:16:d4:1e:dd:82:3c:
23:8e:75:c0:90:a3:f2:4c:99:ec:04:f1:e7:d1:77:
dc:8d:15:c6:a3:6f:b6:3a:be:93:6d:8b:f1:4b:8a:
b2:93:73:27:c4:b9:26:49:d1:1e:2a:09:b2:77:12:
cd:53:81:98:2f:80:34:c1:58:2a:71:29:71:b4:9a:
57:64:2f:25:0c:de:fc:77:bb:d0:13:ae:7e:dd:49:
b7:e5:d9:cf:40:ad:7e:ad:a7:c4:dc:42:bc:b8:e9:
0a:84:12:0b:d7:9d:ec:c2:31:f0:91:5e:53:34:c8:
33:05:4c:d3:ce:ca:12:b4:05:0a:4e:0f:0e:fc:67:
b2:d8:71:e9:11:ec:51:1e:a7:22:96:9a:ad:ba:99:
b1:70:85:69:10:86:7a:52:b7:75:ab:a8:69:5b:9b:
18:18:72:a8:99:20:a4:1a:b0:9d:c4:31:df:58:4d:
a6:be:48:03:cd:20:ec:dd:d3:11:10:b1:89:ea:4a:
07:ab:1f:cf:2b:36:2d:60:74:78:33:5b:8e:ea:a9:
5d:42:e8:db:46:ec:9c:85:a9:24:63:6f:9c:8d:c5:
ba:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:76:1A:21:BE:BC:46:E7:9C:11:60:B7:7A:32:B7:0F:17:83:77:77
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/iXYaIb68RuecEWC3ejK3DxeDd3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.224.0/24
80.71.226.0/24
80.71.236.0/24
80.71.238.0/24
81.29.144.0/24
Signature Algorithm: sha256WithRSAEncryption
22:17:e3:b5:03:4c:b7:4d:14:08:ca:5f:40:84:5c:49:28:64:
5a:45:ea:e3:7f:e2:80:88:c2:76:21:9a:ce:05:99:bf:53:d0:
43:3e:59:28:04:8e:1d:06:8c:b1:f4:27:79:c1:93:e1:b0:8a:
e6:94:61:d1:ff:1b:6c:38:9b:1c:ec:eb:21:3b:ac:75:90:01:
a4:bb:c6:20:62:51:0a:0b:49:28:f1:08:85:5e:ea:83:15:e6:
18:7b:95:7c:e9:44:92:f6:cc:ac:5b:35:00:29:2d:a2:a7:3f:
34:e0:48:8e:8e:d5:de:a2:e2:49:77:02:ed:d0:19:3c:98:92:
bf:dc:fa:72:56:3b:0b:0d:d9:84:65:86:91:f0:88:8f:91:93:
b9:76:34:47:ee:ee:7d:3c:7a:18:11:a3:aa:71:ba:5a:84:ac:
7d:b9:76:8e:33:9b:18:76:64:6f:c2:17:30:a7:ea:cd:c6:12:
91:75:ef:c7:13:83:c6:c8:c3:8e:3a:69:c2:58:e9:f9:c4:0b:
a2:0a:b5:b1:f2:f5:2c:5f:59:e6:c4:ac:b4:a0:62:c0:dc:3a:
c9:8d:92:ba:a1:e2:ee:29:f4:54:38:c3:ea:8f:7e:4c:f6:99:
bc:82:d7:a0:38:80:5c:b9:b3:c8:92:e7:6b:84:f9:e3:84:a0:
b1:d5:39:4b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQtL7Fv3n9AmqbJI0WzDOJRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIxMDMxMDgzNjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc2MWEyMWJlYmM0NmU3OWMxMTYwYjc3YTMyYjcwZjE3ODM3Nzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IrjLJBnRAC6tMj/MfVK3C6/hd02
0vtkQVFtMzIrSUDclo17GqkW1B7dgjwjjnXAkKPyTJnsBPHn0XfcjRXGo2+2Or6T
bYvxS4qyk3MnxLkmSdEeKgmydxLNU4GYL4A0wVgqcSlxtJpXZC8lDN78d7vQE65+
3Um35dnPQK1+rafE3EK8uOkKhBIL153swjHwkV5TNMgzBUzTzsoStAUKTg8O/Gey
2HHpEexRHqcilpqtupmxcIVpEIZ6Urd1q6hpW5sYGHKomSCkGrCdxDHfWE2mvkgD
zSDs3dMRELGJ6koHqx/PKzYtYHR4M1uO6qldQujbRuychakkY2+cjcW6GwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIl2GiG+vEbnnBFgt3oytw8Xg3d3MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvaVhZYUliNjhSdWVjRVdDM2VqSzNEeGVEZDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEfgAwQA
UEfiAwQAUEfsAwQAUEfuAwQAUR2QMA0GCSqGSIb3DQEBCwUAA4IBAQAiF+O1A0y3
TRQIyl9AhFxJKGRaRerjf+KAiMJ2IZrOBZm/U9BDPlkoBI4dBoyx9Cd5wZPhsIrm
lGHR/xtsOJsc7OshO6x1kAGku8YgYlEKC0ko8QiFXuqDFeYYe5V86USS9sysWzUA
KS2ipz804EiOjtXeouJJdwLt0Bk8mJK/3PpyVjsLDdmEZYaR8IiPkZO5djRH7u59
PHoYEaOqcbpahKx9uXaOM5sYdmRvwhcwp+rNxhKRde/HE4PGyMOOOmnCWOn5xAui
CrWx8vUsX1nmxKy0oGLA3DrJjZK6oeLuKfRUOMPqj35M9pm8gtegOIBcubPIkudr
hPnjhKCx1TlL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org