Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/89QHDis4kAurIxT0piaFW6FKs-I.roa
File: 89QHDis4kAurIxT0piaFW6FKs-I.roa (raw, json)
Hash identifier: o6RNgVytWliGFvR4hhNf2SkAwltMmVpUTP32bsLcGH0=
Subject key identifier: F3:D4:07:0E:2B:38:90:0B:AB:23:14:F4:A6:26:85:5B:A1:4A:B3:E2
Certificate issuer: /CN=428e828829846f63465a37447ece3a746a48dd6c
Certificate serial: 17787D60
Authority key identifier: 42:8E:82:88:29:84:6F:63:46:5A:37:44:7E:CE:3A:74:6A:48:DD:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/89QHDis4kAurIxT0piaFW6FKs-I.roa
Signing time: Sat 01 Jan 2022 15:06:25 +0000
ROA not before: Sat 01 Jan 2022 15:06:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59962
IP address blocks: 185.64.178.0/23 maxlen: 23
185.64.176.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 393772384 (0x17787d60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428e828829846f63465a37447ece3a746a48dd6c
Validity
Not Before: Jan 1 15:06:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3d4070e2b38900bab2314f4a626855ba14ab3e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7f:30:a8:3b:6a:ac:57:6b:59:df:e6:36:4e:
8f:8a:82:c5:a7:e2:ae:47:07:ca:cd:3d:23:5e:3e:
b4:19:58:4d:78:cf:d5:d4:a9:65:45:a6:30:5b:47:
0b:ad:43:b3:98:4f:fe:13:a2:e6:f0:ad:7a:ae:a0:
b5:59:38:08:53:d3:a9:18:63:d0:ab:2a:26:ed:25:
1c:c2:1c:48:1d:2e:9b:5a:37:8f:e6:c4:1c:13:28:
8f:71:b6:ab:04:8e:f9:37:7e:b2:2f:37:5e:1e:df:
50:37:dd:7e:f7:f3:ca:27:3d:4b:a8:ed:9f:4c:13:
24:52:d2:66:25:6a:d5:ef:2f:59:5a:57:e1:9a:7c:
91:67:b6:38:7b:c3:c9:05:13:10:66:c9:b3:f4:74:
d7:c8:f5:5d:4c:d1:1b:1c:cc:19:e2:87:79:fb:73:
08:62:ca:55:02:95:26:09:14:5f:79:5c:b2:61:ba:
81:8c:a2:e3:d3:92:fb:cf:8f:a7:58:95:64:61:f4:
29:3b:55:d1:37:c7:96:28:86:4b:43:6f:b5:1f:cc:
79:54:cb:9c:11:e4:3d:9e:60:40:99:c9:22:64:d3:
8d:d2:23:55:ed:4a:1c:25:09:a4:ec:3c:1f:55:0e:
a9:41:69:44:0d:b7:11:81:8f:b5:fe:c4:76:71:8f:
23:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D4:07:0E:2B:38:90:0B:AB:23:14:F4:A6:26:85:5B:A1:4A:B3:E2
X509v3 Authority Key Identifier:
keyid:42:8E:82:88:29:84:6F:63:46:5A:37:44:7E:CE:3A:74:6A:48:DD:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/89QHDis4kAurIxT0piaFW6FKs-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/c5bb63-30bf-48c8-a433-a2f67f2bf950/1/Qo6CiCmEb2NGWjdEfs46dGpI3Ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.176.0/22
Signature Algorithm: sha256WithRSAEncryption
34:ae:24:63:d5:3a:d9:c2:32:50:93:ed:88:da:9d:a4:a0:c5:
95:19:20:7a:f2:79:f7:44:65:f7:e3:76:68:25:4c:67:90:6c:
48:36:db:72:06:68:ef:2d:c5:6d:1a:6d:e8:5a:66:7e:07:5d:
e5:e0:d5:84:78:89:4c:24:95:a1:1c:f5:1c:3f:43:02:f3:aa:
28:e4:c6:bf:b5:af:f8:60:29:6c:05:aa:fc:1b:29:88:ca:2b:
60:8f:ff:3b:44:dd:a0:f7:85:4b:2f:af:47:0f:65:d5:49:e4:
45:c2:aa:38:83:15:48:c8:33:08:8b:9b:63:9a:a9:38:a2:cb:
20:e0:c7:bb:cd:69:b7:55:98:55:c8:0e:db:de:47:87:88:79:
b2:cd:65:3c:a6:ab:37:ff:05:54:60:fc:ce:c9:79:3b:a5:fc:
de:5c:57:af:f9:21:c8:de:ae:fd:68:c0:dc:0b:52:9a:2f:5b:
77:0a:49:3e:89:01:6c:c0:b1:c0:ef:e4:c0:c5:57:0d:e0:2d:
4d:f5:20:ac:f0:e1:b7:42:c7:48:aa:29:77:fc:02:05:fe:14:
e7:33:45:3a:0c:f3:92:a0:43:f0:a4:16:23:1e:0e:39:bf:89:
21:18:c5:bf:69:2c:a4:03:28:e5:d2:c9:13:2d:4a:a8:4f:cc:
28:4b:0e:b1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF3h9YDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjhlODI4ODI5ODQ2ZjYzNDY1YTM3NDQ3ZWNlM2E3NDZhNDhkZDZjMB4XDTIyMDEw
MTE1MDYyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNkNDA3MGUyYjM4
OTAwYmFiMjMxNGY0YTYyNjg1NWJhMTRhYjNlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKh/MKg7aqxXa1nf5jZOj4qCxafirkcHys09I14+tBlYTXjP
1dSpZUWmMFtHC61Ds5hP/hOi5vCteq6gtVk4CFPTqRhj0KsqJu0lHMIcSB0um1o3
j+bEHBMoj3G2qwSO+Td+si83Xh7fUDfdfvfzyic9S6jtn0wTJFLSZiVq1e8vWVpX
4Zp8kWe2OHvDyQUTEGbJs/R018j1XUzRGxzMGeKHeftzCGLKVQKVJgkUX3lcsmG6
gYyi49OS+8+Pp1iVZGH0KTtV0TfHliiGS0NvtR/MeVTLnBHkPZ5gQJnJImTTjdIj
Ve1KHCUJpOw8H1UOqUFpRA23EYGPtf7EdnGPI+MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTz1AcOKziQC6sjFPSmJoVboUqz4jAfBgNVHSMEGDAWgBRCjoKIKYRvY0Za
N0R+zjp0akjdbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FvNkNpQ21FYjJOR1dqZEVmczQ2ZEdwSTNXdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvYzViYjYzLTMwYmYtNDhjOC1hNDMzLWEyZjY3ZjJiZjk1MC8x
Lzg5UUhEaXM0a0F1ckl4VDBwaWFGVzZGS3MtSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
YzViYjYzLTMwYmYtNDhjOC1hNDMzLWEyZjY3ZjJiZjk1MC8xL1FvNkNpQ21FYjJO
R1dqZEVmczQ2ZEdwSTNXdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlAsDANBgkqhkiG9w0BAQsFAAOC
AQEANK4kY9U62cIyUJPtiNqdpKDFlRkgevJ590Rl9+N2aCVMZ5BsSDbbcgZo7y3F
bRpt6Fpmfgdd5eDVhHiJTCSVoRz1HD9DAvOqKOTGv7Wv+GApbAWq/BspiMorYI//
O0TdoPeFSy+vRw9l1UnkRcKqOIMVSMgzCIubY5qpOKLLIODHu81pt1WYVcgO295H
h4h5ss1lPKarN/8FVGD8zsl5O6X83lxXr/khyN6u/WjA3AtSmi9bdwpJPokBbMCx
wO/kwMVXDeAtTfUgrPDht0LHSKopd/wCBf4U5zNFOgzzkqBD8KQWIx4OOb+JIRjF
v2kspAMo5dLJEy1KqE/MKEsOsQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:12:28 2025 by rpki-client