Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/8EsdGzt9zxhbQQe-kNlB2izk8aE.roa
File: 8EsdGzt9zxhbQQe-kNlB2izk8aE.roa (raw, json)
Hash identifier: UyhkP6yY/8IA8UYTHXa28gYp3Fiba/8FLug239eGq+Q=
Subject key identifier: F0:4B:1D:1B:3B:7D:CF:18:5B:41:07:BE:90:D9:41:DA:2C:E4:F1:A1
Certificate issuer: /CN=7826b604f6f8c03fe9df6c98e61f39eaed7555a5
Certificate serial: 0185728C8E827BA79869250A2B28DA323CCC
Authority key identifier: 78:26:B6:04:F6:F8:C0:3F:E9:DF:6C:98:E6:1F:39:EA:ED:75:55:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eCa2BPb4wD_p32yY5h856u11VaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/8EsdGzt9zxhbQQe-kNlB2izk8aE.roa
Signing time: Mon 02 Jan 2023 12:54:52 +0000
ROA not before: Mon 02 Jan 2023 12:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207442
IP address blocks: 185.89.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:8e:82:7b:a7:98:69:25:0a:2b:28:da:32:3c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7826b604f6f8c03fe9df6c98e61f39eaed7555a5
Validity
Not Before: Jan 2 12:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f04b1d1b3b7dcf185b4107be90d941da2ce4f1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:83:55:d4:d2:9e:a8:74:4e:57:64:85:39:c4:
0e:cb:c9:47:db:73:6e:3b:ee:6c:5e:cd:c7:68:05:
fc:fe:11:55:5b:fe:f6:ce:2f:6d:09:8e:c9:b9:64:
11:22:d3:22:34:9c:b9:5c:f7:f1:c3:18:3a:2f:e6:
1a:84:a8:f0:2b:91:a9:37:88:45:e6:ae:4c:cc:cd:
ea:b1:bc:fe:98:d2:a3:00:df:7e:a6:e2:8f:c7:97:
40:76:de:ba:dd:65:40:22:c1:45:22:85:21:d6:93:
06:a1:b2:5b:13:88:8e:78:ca:02:2d:51:cb:7f:ef:
de:6a:3e:71:41:65:41:c0:3d:0e:41:f9:90:34:4c:
50:7f:77:6f:a5:a5:42:0d:6e:de:10:6f:3b:05:b7:
09:04:2f:ee:3d:da:09:df:17:a6:e1:36:6f:df:aa:
11:01:9c:36:b6:4a:e0:c3:6d:eb:0a:a4:93:ce:1f:
6e:fa:02:53:2d:17:dd:18:47:25:93:b9:1f:54:6d:
bb:fe:da:45:8c:ad:eb:f1:95:74:2e:08:41:1d:f9:
d0:19:03:7e:ab:5e:fa:72:49:b2:88:51:2f:fc:ab:
c2:7b:d7:b1:e2:4a:38:e9:2a:91:e4:9e:bf:93:83:
a4:7c:35:47:62:a6:9d:8d:64:85:93:c5:ac:db:ca:
68:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4B:1D:1B:3B:7D:CF:18:5B:41:07:BE:90:D9:41:DA:2C:E4:F1:A1
X509v3 Authority Key Identifier:
keyid:78:26:B6:04:F6:F8:C0:3F:E9:DF:6C:98:E6:1F:39:EA:ED:75:55:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eCa2BPb4wD_p32yY5h856u11VaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/8EsdGzt9zxhbQQe-kNlB2izk8aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/c94c65-ea02-405a-bba7-ca0474adf373/1/eCa2BPb4wD_p32yY5h856u11VaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.98.0/24
Signature Algorithm: sha256WithRSAEncryption
33:27:8d:b9:91:1e:7a:15:49:0d:4b:ac:69:ba:9c:31:4e:bd:
21:26:b3:2c:6d:74:c8:17:0f:83:88:95:fb:ce:e5:b4:8a:89:
a8:a6:3f:9f:06:50:04:7f:73:26:43:78:1c:f8:c3:5d:4f:bc:
ee:50:bb:c8:01:56:ea:69:5e:c5:70:3c:6a:9e:1c:ce:a6:72:
6f:55:54:77:cf:04:22:e0:f0:ba:c6:ec:66:24:28:61:bb:49:
d1:9c:11:9d:66:0f:d9:ae:bc:d7:fe:08:4e:04:cd:17:fc:e6:
d3:1d:9a:79:f6:b4:09:1a:72:7c:24:ad:15:2b:44:ed:eb:be:
61:66:14:ba:78:9a:34:29:59:c0:34:53:7b:b4:57:95:60:2d:
8d:50:f2:21:7e:e9:ff:01:a2:8e:0d:41:bd:15:6d:b8:2f:9b:
eb:d4:dd:36:fd:33:51:f9:35:ae:5d:27:e5:cc:f2:fa:5d:6e:
91:0a:64:4c:1f:bb:63:cc:67:5a:39:ee:76:2c:e8:7f:36:d3:
c4:d0:00:0b:63:9c:71:e4:cf:d7:23:08:67:71:1c:2e:a1:61:
70:18:52:f1:4c:33:6c:79:f7:35:22:e6:25:5f:61:9c:27:6b:
e3:99:3c:c0:36:3d:66:08:6d:a0:b0:6a:dd:1c:6a:ba:2d:94:
f5:be:7b:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyjI6Ce6eYaSUKKyjaMjzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4MjZiNjA0ZjZmOGMwM2ZlOWRmNmM5OGU2MWYzOWVhZWQ3
NTU1YTUwHhcNMjMwMTAyMTI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDRiMWQxYjNiN2RjZjE4NWI0MTA3YmU5MGQ5NDFkYTJjZTRmMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5oNV1NKeqHROV2SFOcQOy8lH23Nu
O+5sXs3HaAX8/hFVW/72zi9tCY7JuWQRItMiNJy5XPfxwxg6L+YahKjwK5GpN4hF
5q5MzM3qsbz+mNKjAN9+puKPx5dAdt663WVAIsFFIoUh1pMGobJbE4iOeMoCLVHL
f+/eaj5xQWVBwD0OQfmQNExQf3dvpaVCDW7eEG87BbcJBC/uPdoJ3xem4TZv36oR
AZw2tkrgw23rCqSTzh9u+gJTLRfdGEclk7kfVG27/tpFjK3r8ZV0LghBHfnQGQN+
q176ckmyiFEv/KvCe9ex4ko46SqR5J6/k4OkfDVHYqadjWSFk8Ws28pofQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBLHRs7fc8YW0EHvpDZQdos5PGhMB8GA1UdIwQY
MBaAFHgmtgT2+MA/6d9smOYfOertdVWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUNhMkJQYjR3RF9wMzJ5WTVoODU2dTExVmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9jOTRjNjUtZWEwMi00MDVhLWJiYTct
Y2EwNDc0YWRmMzczLzEvOEVzZEd6dDl6eGhiUVFlLWtObEIyaXprOGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9jOTRjNjUtZWEwMi00MDVhLWJiYTctY2EwNDc0YWRmMzcz
LzEvZUNhMkJQYjR3RF9wMzJ5WTVoODU2dTExVmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVliMA0G
CSqGSIb3DQEBCwUAA4IBAQAzJ425kR56FUkNS6xpupwxTr0hJrMsbXTIFw+DiJX7
zuW0iomopj+fBlAEf3MmQ3gc+MNdT7zuULvIAVbqaV7FcDxqnhzOpnJvVVR3zwQi
4PC6xuxmJChhu0nRnBGdZg/ZrrzX/ghOBM0X/ObTHZp59rQJGnJ8JK0VK0Tt675h
ZhS6eJo0KVnANFN7tFeVYC2NUPIhfun/AaKODUG9FW24L5vr1N02/TNR+TWuXSfl
zPL6XW6RCmRMH7tjzGdaOe52LOh/NtPE0AALY5xx5M/XIwhncRwuoWFwGFLxTDNs
efc1IuYlX2GcJ2vjmTzANj1mCG2gsGrdHGq6LZT1vnvu
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:08:36 2025 by rpki-client