Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/iauEigx3XU7xwgfMgGD5EW8pgMw.roa
File: iauEigx3XU7xwgfMgGD5EW8pgMw.roa (raw, json)
Hash identifier: isvHWmM9SjmEYoJTP3It2g0IxFxVGIvaVjTMd/10j8c=
Subject key identifier: 89:AB:84:8A:0C:77:5D:4E:F1:C2:07:CC:80:60:F9:11:6F:29:80:CC
Certificate issuer: /CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Certificate serial: 0182A12D45E65929F861F50B683CB13DCA9B
Authority key identifier: AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/iauEigx3XU7xwgfMgGD5EW8pgMw.roa
Signing time: Mon 15 Aug 2022 11:04:34 +0000
ROA not before: Mon 15 Aug 2022 11:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48469
IP address blocks: 185.247.96.0/24 maxlen: 24
185.247.99.0/24 maxlen: 24
94.127.56.0/22 maxlen: 22
2a02:2188:1000::/36 maxlen: 36
2a02:2188:f000::/36 maxlen: 36
2a02:2188::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a1:2d:45:e6:59:29:f8:61:f5:0b:68:3c:b1:3d:ca:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acbe212a2f1a119ef64ab62e1a96d711524c8bc7
Validity
Not Before: Aug 15 11:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89ab848a0c775d4ef1c207cc8060f9116f2980cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2c:69:a6:60:c9:e1:40:26:45:ec:de:cb:ba:
1d:d5:c4:58:3f:af:39:1d:0e:f8:34:1d:9a:e9:00:
0e:44:3b:c1:51:1a:6d:61:52:ca:b7:dc:6d:a1:b1:
26:1b:11:33:bb:59:50:a7:d7:01:e5:69:24:07:b2:
88:7a:40:77:6b:aa:62:71:a3:90:63:d2:cf:6a:11:
62:ef:ca:9c:57:90:cd:9d:e1:33:2a:5d:a6:07:bb:
af:05:ef:f4:fc:9e:5a:07:c7:25:3d:1c:ab:27:81:
b2:cb:81:c3:0f:b8:f9:dc:96:5f:d0:65:8d:25:96:
ea:f7:4e:3a:97:2d:42:7d:79:6d:9f:f3:a2:ce:43:
32:bd:49:91:85:89:3f:f8:1a:c2:38:6e:68:dc:3f:
45:d7:aa:85:fb:bf:9e:c1:78:06:e8:8a:44:51:b9:
6b:4c:bc:62:fe:92:73:8c:ab:7a:c2:39:6f:78:c0:
e2:f2:a4:c8:a1:70:38:76:48:51:0e:7f:93:1d:dd:
ce:7a:d9:7b:b8:9e:da:c6:86:89:8e:f7:c9:c1:65:
91:5c:ef:f4:a2:09:b2:3e:65:1b:ea:21:10:21:bc:
91:fa:70:40:ce:26:63:20:5d:a8:9c:fc:d7:f3:79:
1a:b8:05:7d:ea:2d:58:49:78:02:fe:fa:56:c8:74:
b5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AB:84:8A:0C:77:5D:4E:F1:C2:07:CC:80:60:F9:11:6F:29:80:CC
X509v3 Authority Key Identifier:
keyid:AC:BE:21:2A:2F:1A:11:9E:F6:4A:B6:2E:1A:96:D7:11:52:4C:8B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rL4hKi8aEZ72SrYuGpbXEVJMi8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/iauEigx3XU7xwgfMgGD5EW8pgMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/c5a159-8568-4945-8026-23c338680771/1/rL4hKi8aEZ72SrYuGpbXEVJMi8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.56.0/22
185.247.96.0/24
185.247.99.0/24
IPv6:
2a02:2188::/48
2a02:2188:1000::/36
2a02:2188:f000::/36
Signature Algorithm: sha256WithRSAEncryption
63:d5:6a:4d:9a:b6:96:57:60:af:90:db:e8:f4:c9:86:3d:f3:
31:cf:c8:83:29:80:41:14:4f:c1:a4:b0:a1:53:c1:54:01:9a:
ab:ea:bc:65:95:80:16:02:5e:79:64:38:39:27:75:7f:72:bd:
76:3f:36:04:b7:7f:82:f4:f3:39:04:76:e6:24:86:14:c5:60:
95:bd:19:19:c3:8f:25:29:1f:38:e0:72:6e:bc:e6:73:cb:a2:
c3:a0:3f:42:73:da:1a:d4:5e:f8:0b:f0:af:79:dd:73:99:a7:
97:1e:82:58:50:92:f6:6f:17:d2:47:7f:ad:57:ac:97:bc:1d:
27:59:1d:23:e9:1c:74:d8:17:ca:34:f3:47:6d:54:89:64:72:
7e:bb:59:b9:50:7f:60:8e:27:48:9a:36:47:12:90:3a:7a:4b:
4e:cc:2b:0d:82:71:c8:10:0c:e3:40:71:e9:a4:d7:b3:c0:d4:
c5:d0:b1:dc:41:2c:00:4f:d0:00:80:6f:a0:56:33:9e:66:d9:
85:d6:5f:d9:f1:8a:0c:ad:9b:7b:97:ff:3d:25:94:62:42:3a:
3e:f7:82:05:37:62:1b:41:6c:aa:22:6d:d6:60:19:39:2c:a8:
df:50:76:19:ed:43:5f:29:3d:9e:21:d4:5e:4e:99:04:3c:87:
55:a5:0b:33
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYKhLUXmWSn4YfULaDyxPcqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYmUyMTJhMmYxYTExOWVmNjRhYjYyZTFhOTZkNzExNTI0
YzhiYzcwHhcNMjIwODE1MTEwNDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWFiODQ4YTBjNzc1ZDRlZjFjMjA3Y2M4MDYwZjkxMTZmMjk4MGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSxppmDJ4UAmRezey7od1cRYP685
HQ74NB2a6QAORDvBURptYVLKt9xtobEmGxEzu1lQp9cB5WkkB7KIekB3a6picaOQ
Y9LPahFi78qcV5DNneEzKl2mB7uvBe/0/J5aB8clPRyrJ4Gyy4HDD7j53JZf0GWN
JZbq9046ly1CfXltn/OizkMyvUmRhYk/+BrCOG5o3D9F16qF+7+ewXgG6IpEUblr
TLxi/pJzjKt6wjlveMDi8qTIoXA4dkhRDn+THd3Oetl7uJ7axoaJjvfJwWWRXO/0
ogmyPmUb6iEQIbyR+nBAziZjIF2onPzX83kauAV96i1YSXgC/vpWyHS1xQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFImrhIoMd11O8cIHzIBg+RFvKYDMMB8GA1UdIwQY
MBaAFKy+ISovGhGe9kq2LhqW1xFSTIvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYt
MjNjMzM4NjgwNzcxLzEvaWF1RWlneDNYVTd4d2dmTWdHRDVFVzhwZ013LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jNWExNTktODU2OC00OTQ1LTgwMjYtMjNjMzM4NjgwNzcx
LzEvckw0aEtpOGFFWjcyU3JZdUdwYlhFVkpNaThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAYBAIAATASAwQCXn84AwQA
ufdgAwQAufdjMB8EAgACMBkDBwAqAiGIAAADBgQqAiGIEAMGBCoCIYjwMA0GCSqG
SIb3DQEBCwUAA4IBAQBj1WpNmraWV2CvkNvo9MmGPfMxz8iDKYBBFE/BpLChU8FU
AZqr6rxllYAWAl55ZDg5J3V/cr12PzYEt3+C9PM5BHbmJIYUxWCVvRkZw48lKR84
4HJuvOZzy6LDoD9Cc9oa1F74C/Cved1zmaeXHoJYUJL2bxfSR3+tV6yXvB0nWR0j
6Rx02BfKNPNHbVSJZHJ+u1m5UH9gjidImjZHEpA6ektOzCsNgnHIEAzjQHHppNez
wNTF0LHcQSwAT9AAgG+gVjOeZtmF1l/Z8YoMrZt7l/89JZRiQjo+94IFN2IbQWyq
Im3WYBk5LKjfUHYZ7UNfKT2eIdReTpkEPIdVpQsz
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:21:05 2025 by rpki-client