Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/eaa00mVbCrSKOvfVlikUTQopTPA.roa
File: eaa00mVbCrSKOvfVlikUTQopTPA.roa (raw, json)
Hash identifier: kLuNqSaiwYwfI23L9GFGOEoYTlQn8jPlvbmOYKtEgi4=
Subject key identifier: 79:A6:B4:D2:65:5B:0A:B4:8A:3A:F7:D5:96:29:14:4D:0A:29:4C:F0
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 0182D07096A79128565AC33055170B8F19E6
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/eaa00mVbCrSKOvfVlikUTQopTPA.roa
Signing time: Wed 24 Aug 2022 15:20:15 +0000
ROA not before: Wed 24 Aug 2022 15:20:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25319
IP address blocks: 89.32.224.0/20 maxlen: 24
89.32.226.0/24 maxlen: 24
185.108.181.0/24 maxlen: 24
185.108.180.0/22 maxlen: 24
185.108.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d0:70:96:a7:91:28:56:5a:c3:30:55:17:0b:8f:19:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Aug 24 15:20:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79a6b4d2655b0ab48a3af7d59629144d0a294cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:6b:9a:5f:a7:42:83:c2:4b:cc:d5:c7:a3:4a:
05:5b:0e:09:56:59:0e:d5:c2:99:78:6d:b6:84:0e:
d9:2c:b5:61:dd:b0:48:1e:f4:51:6d:2c:4b:30:4f:
15:8b:bc:50:c3:b6:5e:d9:5c:fa:7a:cf:50:06:db:
e1:fa:3f:07:d5:d6:e5:d0:55:81:d1:ad:67:29:ac:
f3:26:0c:4b:19:3e:68:4b:ba:f7:d3:4e:ac:ed:36:
94:2e:cd:db:e5:ea:86:67:0e:87:a0:26:30:ac:f0:
24:69:0b:3c:08:66:7f:72:c2:9f:2e:01:69:e2:cf:
6c:ad:a3:10:90:59:cb:cd:15:34:8f:c3:00:23:c0:
92:4b:9d:30:a9:f9:57:bd:bc:be:ce:f3:66:0e:84:
6c:30:28:55:b5:e9:18:36:23:55:02:8f:d4:80:33:
23:c3:cc:e4:6c:60:88:9a:ef:3a:6d:73:be:27:83:
d6:b3:b9:00:18:be:4c:f4:85:b6:f3:8b:7a:92:af:
5a:17:c6:c3:cb:04:5f:df:f1:64:d1:43:bf:0c:05:
b1:c0:cd:2a:27:bf:be:7c:ac:44:1d:bd:d0:41:cc:
ad:09:9b:8c:2f:a6:50:a6:d6:f9:2c:65:8e:e9:ad:
91:62:5e:0c:6d:76:4a:6c:e7:4d:89:78:a4:58:14:
17:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A6:B4:D2:65:5B:0A:B4:8A:3A:F7:D5:96:29:14:4D:0A:29:4C:F0
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/eaa00mVbCrSKOvfVlikUTQopTPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.224.0/20
185.108.180.0/22
Signature Algorithm: sha256WithRSAEncryption
29:b0:4e:33:0c:3d:86:a0:5f:60:df:f1:ea:de:bc:07:61:fa:
ae:6a:ca:0f:56:7a:4a:ff:4b:80:12:d7:7b:8e:62:14:15:fe:
0d:d2:db:0d:a3:3f:14:23:09:f5:95:16:8f:b6:01:da:4a:25:
c6:0d:10:4f:93:4a:9f:3a:64:3c:ae:bb:7c:56:c1:a8:95:f9:
47:6b:eb:b0:66:30:ad:43:13:ca:e1:5c:9d:17:6a:9e:ea:57:
ce:a2:73:ad:4f:bc:a2:2a:44:e6:78:3d:84:56:4b:93:76:4c:
4c:5d:42:17:53:89:0a:5f:19:6f:cf:48:55:65:f7:41:fe:e9:
19:70:73:ba:03:5a:3a:e9:2a:ca:de:25:21:a8:1e:9b:33:55:
0a:aa:76:a3:33:25:c5:5c:31:1e:ad:dc:4f:31:05:0f:4c:ca:
6c:1d:7d:8c:07:0a:70:45:8f:46:61:6c:c8:cf:7b:dd:82:96:
c0:a7:36:1e:25:48:cb:f3:ab:af:0b:10:ea:ba:f2:19:6b:0e:
d6:6d:61:f1:1c:fc:21:37:3a:64:58:d1:3a:f1:04:c3:f9:ce:
3f:44:e0:03:12:48:2e:27:4e:21:a8:f0:fa:72:2c:c3:01:2a:
9e:31:21:dd:e2:85:3c:bc:c0:29:4d:92:10:a2:ab:0d:b5:94:
0d:9b:f6:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLQcJankShWWsMwVRcLjxnmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjIwODI0MTUyMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWE2YjRkMjY1NWIwYWI0OGEzYWY3ZDU5NjI5MTQ0ZDBhMjk0Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmuaX6dCg8JLzNXHo0oFWw4JVlkO
1cKZeG22hA7ZLLVh3bBIHvRRbSxLME8Vi7xQw7Ze2Vz6es9QBtvh+j8H1dbl0FWB
0a1nKazzJgxLGT5oS7r3006s7TaULs3b5eqGZw6HoCYwrPAkaQs8CGZ/csKfLgFp
4s9sraMQkFnLzRU0j8MAI8CSS50wqflXvby+zvNmDoRsMChVtekYNiNVAo/UgDMj
w8zkbGCImu86bXO+J4PWs7kAGL5M9IW284t6kq9aF8bDywRf3/Fk0UO/DAWxwM0q
J7++fKxEHb3QQcytCZuML6ZQptb5LGWO6a2RYl4MbXZKbOdNiXikWBQXqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHmmtNJlWwq0ijr31ZYpFE0KKUzwMB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvZWFhMDBtVmJDclNLT3ZmVmxpa1VUUW9wVFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEWSDgAwQC
uWy0MA0GCSqGSIb3DQEBCwUAA4IBAQApsE4zDD2GoF9g3/Hq3rwHYfquasoPVnpK
/0uAEtd7jmIUFf4N0tsNoz8UIwn1lRaPtgHaSiXGDRBPk0qfOmQ8rrt8VsGolflH
a+uwZjCtQxPK4VydF2qe6lfOonOtT7yiKkTmeD2EVkuTdkxMXUIXU4kKXxlvz0hV
ZfdB/ukZcHO6A1o66SrK3iUhqB6bM1UKqnajMyXFXDEerdxPMQUPTMpsHX2MBwpw
RY9GYWzIz3vdgpbApzYeJUjL86uvCxDquvIZaw7WbWHxHPwhNzpkWNE68QTD+c4/
ROADEkguJ04hqPD6cizDASqeMSHd4oU8vMApTZIQoqsNtZQNm/ax
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:08 2023 by rpki-client on console-ams.rpki-client.org