Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/7JqhrGfhZTBzH1YO9OZXdIuMQOY.roa
File: 7JqhrGfhZTBzH1YO9OZXdIuMQOY.roa (raw, json)
Hash identifier: JMRKvhuPot4jvwGR8dydlxOWRmBzsQvXS5Ir8hIgNG8=
Subject key identifier: EC:9A:A1:AC:67:E1:65:30:73:1F:56:0E:F4:E6:57:74:8B:8C:40:E6
Certificate issuer: /CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Certificate serial: 018AD17652E3BE7A12E2B276388E32D3B6D9
Authority key identifier: 8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/7JqhrGfhZTBzH1YO9OZXdIuMQOY.roa
Signing time: Tue 26 Sep 2023 12:28:27 +0000
ROA not before: Tue 26 Sep 2023 12:28:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5500
IP address blocks: 85.119.112.0/21 maxlen: 21
80.92.144.0/20 maxlen: 20
88.82.128.0/19 maxlen: 19
195.206.192.0/19 maxlen: 19
217.22.80.0/20 maxlen: 20
195.72.113.0/24 maxlen: 24
195.128.250.0/23 maxlen: 23
2a00:1160::/29 maxlen: 29
2a05:aa40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:76:52:e3:be:7a:12:e2:b2:76:38:8e:32:d3:b6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c89801b19aa9728ad4f6bb7185c11f14b9d8d7c
Validity
Not Before: Sep 26 12:28:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ec9aa1ac67e16530731f560ef4e657748b8c40e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b9:13:1b:41:51:9f:27:2a:59:ed:8d:3b:aa:
53:6a:80:b2:62:9f:93:ca:71:00:7b:c1:a4:c6:93:
33:86:47:17:d5:ae:ac:b6:72:9e:f0:58:21:d9:70:
16:62:43:5a:b2:c7:24:a1:cd:9c:97:26:2c:46:42:
64:e3:15:44:66:43:ba:c2:fa:7d:d5:b2:c4:65:48:
95:e8:9f:48:5c:9c:fa:35:20:da:03:63:55:52:63:
ab:cc:bb:9e:a2:6d:72:b0:8e:95:59:20:5e:e5:77:
ba:09:85:12:e7:0d:3f:03:2b:c9:01:7e:0c:a3:98:
86:5c:11:5b:1d:ba:d4:52:de:ea:e9:ad:d4:22:4e:
ed:aa:e5:2e:d5:6c:28:1a:00:b0:88:79:6e:d9:9d:
3c:8a:77:c0:99:db:d3:84:88:43:77:45:33:9e:04:
ba:90:88:14:ef:c1:1e:23:dc:b7:56:9b:bd:de:2c:
b2:79:b1:f3:75:2b:fc:21:07:9d:42:79:60:4b:ed:
d2:b7:29:1c:b7:76:23:55:fc:1d:45:bf:21:b9:df:
77:b9:96:a9:21:a8:50:64:81:8a:27:cb:14:ac:09:
d1:37:34:a2:0a:02:0f:9b:05:4d:98:0b:76:e3:34:
08:f1:0d:55:a6:40:12:62:b1:91:84:d0:d1:82:3a:
45:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:9A:A1:AC:67:E1:65:30:73:1F:56:0E:F4:E6:57:74:8B:8C:40:E6
X509v3 Authority Key Identifier:
keyid:8C:89:80:1B:19:AA:97:28:AD:4F:6B:B7:18:5C:11:F1:4B:9D:8D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jImAGxmqlyitT2u3GFwR8UudjXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/7JqhrGfhZTBzH1YO9OZXdIuMQOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/3066ca-e017-4f61-adc5-728e9967daca/1/jImAGxmqlyitT2u3GFwR8UudjXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.92.144.0/20
85.119.112.0/21
88.82.128.0/19
195.72.113.0/24
195.128.250.0/23
195.206.192.0/19
217.22.80.0/20
IPv6:
2a00:1160::/29
2a05:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
73:7c:b9:73:0a:0f:4f:40:ab:c9:63:75:4f:7f:fc:24:72:7e:
7e:75:e3:09:33:2f:ee:08:50:e6:17:01:1f:c6:f4:bc:a2:b1:
f0:58:8f:74:e9:fc:7c:b1:f4:8f:40:09:0c:dc:24:bf:2d:68:
ba:89:f6:61:76:f7:9e:c2:41:47:91:29:c0:36:5b:62:27:27:
b8:51:98:36:19:4f:a2:7f:eb:2e:0a:54:c5:5e:31:5a:26:86:
22:e7:66:16:2d:85:58:2a:b1:2c:0b:b6:3d:85:f3:e6:85:fb:
be:4f:f3:82:89:2f:5b:1c:54:f7:b5:48:a7:48:63:d6:1b:8c:
f2:d4:5d:73:cf:6f:0a:90:71:30:d4:3e:40:04:eb:b3:d3:18:
d6:19:51:4e:ad:f5:f2:0e:4b:1c:76:46:7a:81:4c:bf:36:1f:
e6:6e:a2:da:e8:fc:3d:20:d2:61:10:0a:bc:23:a6:a3:d4:22:
12:19:3a:22:fe:5e:ee:63:57:ab:e1:ed:7c:ff:2f:cb:59:ad:
f6:58:4b:d5:06:80:c7:52:f9:d4:21:f9:c3:5c:e3:80:60:d5:
cd:08:7b:b7:35:a6:a9:b2:d0:70:10:ff:be:db:f7:29:47:2b:
df:38:43:66:49:d4:19:ea:ec:9e:68:53:27:d6:44:14:fd:77:
ea:e1:84:fe
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYrRdlLjvnoS4rJ2OI4y07bZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjODk4MDFiMTlhYTk3MjhhZDRmNmJiNzE4NWMxMWYxNGI5
ZDhkN2MwHhcNMjMwOTI2MTIyODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzlhYTFhYzY3ZTE2NTMwNzMxZjU2MGVmNGU2NTc3NDhiOGM0MGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrkTG0FRnycqWe2NO6pTaoCyYp+T
ynEAe8GkxpMzhkcX1a6stnKe8Fgh2XAWYkNassckoc2clyYsRkJk4xVEZkO6wvp9
1bLEZUiV6J9IXJz6NSDaA2NVUmOrzLueom1ysI6VWSBe5Xe6CYUS5w0/AyvJAX4M
o5iGXBFbHbrUUt7q6a3UIk7tquUu1WwoGgCwiHlu2Z08infAmdvThIhDd0UzngS6
kIgU78EeI9y3Vpu93iyyebHzdSv8IQedQnlgS+3Stykct3YjVfwdRb8hud93uZap
IahQZIGKJ8sUrAnRNzSiCgIPmwVNmAt24zQI8Q1VpkASYrGRhNDRgjpF5QIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFOyaoaxn4WUwcx9WDvTmV3SLjEDmMB8GA1UdIwQY
MBaAFIyJgBsZqpcorU9rtxhcEfFLnY18MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUt
NzI4ZTk5NjdkYWNhLzEvN0pxaHJHZmhaVEJ6SDFZTzlPWlhkSXVNUU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8zMDY2Y2EtZTAxNy00ZjYxLWFkYzUtNzI4ZTk5NjdkYWNh
LzEvakltQUd4bXFseWl0VDJ1M0dGd1I4VXVkalh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQEUFyQAwQD
VXdwAwQFWFKAAwQAw0hxAwQBw4D6AwQFw87AAwQE2RZQMBQEAgACMA4DBQMqABFg
AwUDKgWqQDANBgkqhkiG9w0BAQsFAAOCAQEAc3y5cwoPT0CryWN1T3/8JHJ+fnXj
CTMv7ghQ5hcBH8b0vKKx8FiPdOn8fLH0j0AJDNwkvy1ouon2YXb3nsJBR5EpwDZb
YicnuFGYNhlPon/rLgpUxV4xWiaGIudmFi2FWCqxLAu2PYXz5oX7vk/zgokvWxxU
97VIp0hj1huM8tRdc89vCpBxMNQ+QATrs9MY1hlRTq318g5LHHZGeoFMvzYf5m6i
2uj8PSDSYRAKvCOmo9QiEhk6Iv5e7mNXq+HtfP8vy1mt9lhL1QaAx1L51CH5w1zj
gGDVzQh7tzWmqbLQcBD/vtv3KUcr3zhDZknUGersnmhTJ9ZEFP136uGE/g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:31 2025 by rpki-client