Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/j3ZS2lG4sBGUCzciuVaQuAQIrng.roa
File: j3ZS2lG4sBGUCzciuVaQuAQIrng.roa (raw, json)
Hash identifier: U3pvwZzLXRI6w8gsrJYyad68aWahNMbliIGwyMAgSNU=
Subject key identifier: 8F:76:52:DA:51:B8:B0:11:94:0B:37:22:B9:56:90:B8:04:08:AE:78
Certificate issuer: /CN=f061db4be695ea495a283bbe33022abd289d5ea8
Certificate serial: 01B15287
Authority key identifier: F0:61:DB:4B:E6:95:EA:49:5A:28:3B:BE:33:02:2A:BD:28:9D:5E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8GHbS-aV6klaKDu-MwIqvSidXqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/j3ZS2lG4sBGUCzciuVaQuAQIrng.roa
Signing time: Sat 01 Jan 2022 10:03:03 +0000
ROA not before: Sat 01 Jan 2022 10:03:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59441
IP address blocks: 185.89.22.0/24 maxlen: 24
2a07:7ec0::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28398215 (0x1b15287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f061db4be695ea495a283bbe33022abd289d5ea8
Validity
Not Before: Jan 1 10:03:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f7652da51b8b011940b3722b95690b80408ae78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:33:b2:b7:ae:a2:07:36:18:9b:ec:27:93:02:
5a:f8:b0:61:18:71:3d:ea:32:96:1e:64:15:c6:36:
1a:72:c4:32:8f:00:fb:24:2f:2f:6f:97:18:91:03:
cf:d6:1a:46:eb:d1:56:f1:35:72:fb:fb:1c:e5:fe:
11:0e:6f:78:7b:c4:36:f8:75:5b:fe:f7:b4:dd:34:
9b:fd:45:de:25:ff:22:5c:9d:ec:de:38:b2:7b:71:
4f:44:40:c3:06:10:9a:a8:cb:f0:41:00:ca:2b:47:
f3:94:3e:3e:46:d8:d0:49:4e:b2:d1:38:ac:45:45:
a7:34:58:b4:58:b7:f2:3c:f8:b1:c5:80:bc:f1:ec:
2a:89:29:23:d6:a0:1b:46:b1:67:16:aa:ef:b5:fb:
a9:2b:eb:17:22:fa:10:e2:fa:25:a8:1a:fa:b8:62:
05:93:72:34:8d:96:5f:ec:c8:99:60:d9:70:1d:91:
df:b9:24:27:a1:51:ef:10:f6:60:e5:5d:5a:1a:ce:
52:5b:49:ea:ee:8a:2d:b6:82:51:04:e3:33:ed:51:
4b:df:19:45:f8:ee:c1:74:a3:17:bc:c0:4e:03:36:
83:09:fa:8d:6b:85:20:59:01:5e:79:5e:71:48:e7:
8b:15:ea:15:89:89:f8:42:13:f9:66:28:c3:3a:bf:
74:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:76:52:DA:51:B8:B0:11:94:0B:37:22:B9:56:90:B8:04:08:AE:78
X509v3 Authority Key Identifier:
keyid:F0:61:DB:4B:E6:95:EA:49:5A:28:3B:BE:33:02:2A:BD:28:9D:5E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8GHbS-aV6klaKDu-MwIqvSidXqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/j3ZS2lG4sBGUCzciuVaQuAQIrng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/25923b-f64e-4798-a37a-da3a3dee05d4/1/8GHbS-aV6klaKDu-MwIqvSidXqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.22.0/24
IPv6:
2a07:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
a1:ce:b7:9a:54:fd:0d:f9:ac:b9:0b:ae:c6:4f:c5:4a:6f:6f:
ca:5c:1c:fa:be:fc:de:a0:68:cc:1f:24:59:81:6f:ce:45:42:
61:55:5f:c9:88:c4:74:a1:52:b0:f5:5e:8c:93:08:22:71:50:
89:89:91:5a:ec:39:85:8a:6d:9c:e4:4a:90:f5:33:5e:07:67:
44:b8:63:ea:79:e1:0d:88:1b:b7:dc:00:93:a9:0e:15:8a:bd:
81:3f:f2:9b:22:d7:b2:15:2b:4b:d8:7f:62:55:48:b1:8f:68:
13:a5:71:f9:80:1a:2c:00:0a:fb:b0:f7:39:87:d3:ca:31:f8:
cf:9f:1c:c4:6f:ac:07:a2:7f:ea:d8:1b:ae:67:46:14:2f:a7:
76:50:78:65:ab:64:e2:80:4f:9d:23:7c:e4:be:30:f8:61:b4:
b9:a6:cf:ad:68:56:ba:4a:34:f6:ba:e2:bb:45:51:45:a8:09:
ad:cc:f2:da:d3:2e:9f:67:f8:38:8f:e5:b6:4e:5a:53:1a:87:
bc:a8:1b:b1:35:1b:a4:1e:db:d5:05:d1:1f:d4:59:c8:f7:a6:
6d:83:3d:98:7c:4e:e2:e5:1b:3b:f6:7d:b1:66:87:a3:2f:b4:
e7:51:d7:ba:43:93:96:11:c7:fc:14:03:30:98:d1:e7:90:44:
5d:54:f9:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAbFShzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MDYxZGI0YmU2OTVlYTQ5NWEyODNiYmUzMzAyMmFiZDI4OWQ1ZWE4MB4XDTIyMDEw
MTEwMDMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY3NjUyZGE1MWI4
YjAxMTk0MGIzNzIyYjk1NjkwYjgwNDA4YWU3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANozsreuogc2GJvsJ5MCWviwYRhxPeoylh5kFcY2GnLEMo8A
+yQvL2+XGJEDz9YaRuvRVvE1cvv7HOX+EQ5veHvENvh1W/73tN00m/1F3iX/Ilyd
7N44sntxT0RAwwYQmqjL8EEAyitH85Q+PkbY0ElOstE4rEVFpzRYtFi38jz4scWA
vPHsKokpI9agG0axZxaq77X7qSvrFyL6EOL6Jaga+rhiBZNyNI2WX+zImWDZcB2R
37kkJ6FR7xD2YOVdWhrOUltJ6u6KLbaCUQTjM+1RS98ZRfjuwXSjF7zATgM2gwn6
jWuFIFkBXnlecUjnixXqFYmJ+EIT+WYowzq/dLkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSPdlLaUbiwEZQLNyK5VpC4BAiueDAfBgNVHSMEGDAWgBTwYdtL5pXqSVoo
O74zAiq9KJ1eqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhHSGJTLWFWNmtsYUtEdS1Nd0lxdlNpZFhxZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWEvMjU5MjNiLWY2NGUtNDc5OC1hMzdhLWRhM2EzZGVlMDVkNC8x
L2ozWlMybEc0c0JHVUN6Y2l1VmFRdUFRSXJuZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWEv
MjU5MjNiLWY2NGUtNDc5OC1hMzdhLWRhM2EzZGVlMDVkNC8xLzhHSGJTLWFWNmts
YUtEdS1Nd0lxdlNpZFhxZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALlZFjANBAIAAjAHAwUDKgd+wDAN
BgkqhkiG9w0BAQsFAAOCAQEAoc63mlT9DfmsuQuuxk/FSm9vylwc+r783qBozB8k
WYFvzkVCYVVfyYjEdKFSsPVejJMIInFQiYmRWuw5hYptnORKkPUzXgdnRLhj6nnh
DYgbt9wAk6kOFYq9gT/ymyLXshUrS9h/YlVIsY9oE6Vx+YAaLAAK+7D3OYfTyjH4
z58cxG+sB6J/6tgbrmdGFC+ndlB4Zatk4oBPnSN85L4w+GG0uabPrWhWuko09rri
u0VRRagJrczy2tMun2f4OI/ltk5aUxqHvKgbsTUbpB7b1QXRH9RZyPembYM9mHxO
4uUbO/Z9sWaHoy+051HXukOTlhHH/BQDMJjR55BEXVT5Sw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:59 2025 by rpki-client