Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/514a42-0be8-45e8-a7f0-55da8ec36014/1/EUcb6r0fH418v4wkuyMtT44hm-U.roa
File: EUcb6r0fH418v4wkuyMtT44hm-U.roa (raw, json)
Hash identifier: bSoVVhKcWJLyXr04fVkfK5bqvgCFsjURqhvsBLakY3o=
Subject key identifier: 11:47:1B:EA:BD:1F:1F:8D:7C:BF:8C:24:BB:23:2D:4F:8E:21:9B:E5
Certificate issuer: /CN=d0f6b8436f6634cd31d7097ce242a549935b18d7
Certificate serial: 05C29B77
Authority key identifier: D0:F6:B8:43:6F:66:34:CD:31:D7:09:7C:E2:42:A5:49:93:5B:18:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Pa4Q29mNM0x1wl84kKlSZNbGNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/514a42-0be8-45e8-a7f0-55da8ec36014/1/EUcb6r0fH418v4wkuyMtT44hm-U.roa
Signing time: Sat 01 Jan 2022 12:02:01 +0000
ROA not before: Sat 01 Jan 2022 12:02:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59989
IP address blocks: 185.89.84.0/24 maxlen: 24
185.89.85.0/24 maxlen: 24
185.89.84.0/22 maxlen: 22
185.89.87.0/24 maxlen: 24
185.89.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96639863 (0x5c29b77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0f6b8436f6634cd31d7097ce242a549935b18d7
Validity
Not Before: Jan 1 12:02:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11471beabd1f1f8d7cbf8c24bb232d4f8e219be5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:49:d3:53:62:ef:12:7b:70:f1:1a:b6:ca:37:
c5:01:a9:ad:84:8b:13:7e:4b:6a:2c:5e:28:6c:7b:
97:85:5f:0b:b4:e2:c8:99:5e:7c:a4:91:94:21:13:
2f:9e:b8:b2:96:e4:62:f8:7f:78:d8:f7:86:c0:64:
7c:56:84:ba:a9:b8:5f:b6:2f:e4:d5:59:9a:9a:c7:
df:75:f7:31:5f:ce:1d:ef:ba:43:d8:10:84:b5:f3:
22:76:0f:23:ba:7b:cf:05:9b:5e:13:08:9c:89:a2:
03:24:65:be:8a:23:60:09:bb:ce:08:37:a4:ac:6a:
0f:26:b2:3f:29:cf:ef:9f:5a:df:b0:e2:fa:76:c8:
d5:63:96:4b:49:03:5a:94:1d:4b:68:81:4a:37:c4:
4a:a7:c8:79:e1:71:24:dc:0f:26:b3:41:6d:f8:93:
35:fe:8e:8d:57:2b:8b:50:5f:8f:b7:eb:9d:79:9f:
e8:9a:f2:8b:ab:ea:43:17:2a:cd:78:30:e2:8b:4c:
0a:0f:3c:58:2d:70:0c:83:c1:0a:78:95:b6:51:d9:
3b:e1:c8:17:14:41:9c:e5:27:2e:4a:38:ca:fd:99:
01:28:ab:05:10:57:a5:df:9f:0d:f0:d1:bf:24:c0:
3e:e9:32:9b:64:c8:af:59:a7:33:cd:dd:1b:f7:f7:
8f:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:47:1B:EA:BD:1F:1F:8D:7C:BF:8C:24:BB:23:2D:4F:8E:21:9B:E5
X509v3 Authority Key Identifier:
keyid:D0:F6:B8:43:6F:66:34:CD:31:D7:09:7C:E2:42:A5:49:93:5B:18:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Pa4Q29mNM0x1wl84kKlSZNbGNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/514a42-0be8-45e8-a7f0-55da8ec36014/1/EUcb6r0fH418v4wkuyMtT44hm-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/514a42-0be8-45e8-a7f0-55da8ec36014/1/0Pa4Q29mNM0x1wl84kKlSZNbGNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.84.0/22
Signature Algorithm: sha256WithRSAEncryption
46:10:a3:12:bd:7c:f0:03:5a:5c:20:c6:60:29:89:25:d5:66:
aa:32:d2:14:49:8b:b1:21:c1:73:8a:d5:65:c0:ff:3f:e7:7d:
a8:69:0a:c9:19:9a:65:ec:a3:34:b9:f2:2a:8d:6e:05:2c:1a:
30:bf:8a:f1:77:00:c5:7e:9b:f0:d0:48:46:c1:4b:fe:9d:e9:
a7:a2:03:fb:27:5c:e7:5d:05:c9:62:5e:1a:45:c4:10:ae:c1:
e2:68:c7:25:a9:c0:e9:b1:c2:23:dc:56:95:50:8f:93:1d:00:
47:cb:37:c7:37:3b:ca:73:be:4f:4a:2f:c0:fc:df:99:6a:c2:
5e:ed:95:58:ad:d4:02:ab:5c:9e:fa:87:99:a4:ea:46:3a:74:
f7:0a:8a:61:86:99:34:36:70:f5:63:41:b6:9b:49:8a:fa:4a:
0e:1a:98:0c:7b:97:53:76:ac:6f:6a:69:ca:b8:df:7f:61:c9:
fb:b2:a5:3c:52:71:5e:c3:04:78:21:7d:cf:9f:f3:3d:24:38:
e8:b3:52:bc:9f:62:5b:da:4c:5d:53:1e:7a:c2:7d:08:84:24:
07:ca:36:f8:86:48:d1:b6:c0:68:6e:85:9b:e9:f1:5e:55:6a:
6f:cb:dd:ca:eb:2b:8a:36:39:84:7f:23:30:77:84:6a:d1:39:
67:8b:5c:dd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBcKbdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MGY2Yjg0MzZmNjYzNGNkMzFkNzA5N2NlMjQyYTU0OTkzNWIxOGQ3MB4XDTIyMDEw
MTEyMDIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTE0NzFiZWFiZDFm
MWY4ZDdjYmY4YzI0YmIyMzJkNGY4ZTIxOWJlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlJ01Ni7xJ7cPEatso3xQGprYSLE35LaixeKGx7l4VfC7Ti
yJlefKSRlCETL564spbkYvh/eNj3hsBkfFaEuqm4X7Yv5NVZmprH33X3MV/OHe+6
Q9gQhLXzInYPI7p7zwWbXhMInImiAyRlvoojYAm7zgg3pKxqDyayPynP759a37Di
+nbI1WOWS0kDWpQdS2iBSjfESqfIeeFxJNwPJrNBbfiTNf6OjVcri1Bfj7frnXmf
6Jryi6vqQxcqzXgw4otMCg88WC1wDIPBCniVtlHZO+HIFxRBnOUnLko4yv2ZASir
BRBXpd+fDfDRvyTAPukym2TIr1mnM83dG/f3j/UCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQRRxvqvR8fjXy/jCS7Iy1PjiGb5TAfBgNVHSMEGDAWgBTQ9rhDb2Y0zTHX
CXziQqVJk1sY1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBQYTRRMjltTk0weDF3bDg0a0tsU1pOYkdOYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvNTE0YTQyLTBiZTgtNDVlOC1hN2YwLTU1ZGE4ZWMzNjAxNC8x
L0VVY2I2cjBmSDQxOHY0d2t1eU10VDQ0aG0tVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
NTE0YTQyLTBiZTgtNDVlOC1hN2YwLTU1ZGE4ZWMzNjAxNC8xLzBQYTRRMjltTk0w
eDF3bDg0a0tsU1pOYkdOYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlZVDANBgkqhkiG9w0BAQsFAAOC
AQEARhCjEr188ANaXCDGYCmJJdVmqjLSFEmLsSHBc4rVZcD/P+d9qGkKyRmaZeyj
NLnyKo1uBSwaML+K8XcAxX6b8NBIRsFL/p3pp6ID+ydc510FyWJeGkXEEK7B4mjH
JanA6bHCI9xWlVCPkx0AR8s3xzc7ynO+T0ovwPzfmWrCXu2VWK3UAqtcnvqHmaTq
Rjp09wqKYYaZNDZw9WNBtptJivpKDhqYDHuXU3asb2ppyrjff2HJ+7KlPFJxXsME
eCF9z5/zPSQ46LNSvJ9iW9pMXVMeesJ9CIQkB8o2+IZI0bbAaG6Fm+nxXlVqb8vd
yusrijY5hH8jMHeEatE5Z4tc3Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:30 2025 by rpki-client