Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/C8BYMpz0Gh7N1Zsq6DlE1k9pxVc.roa
File: C8BYMpz0Gh7N1Zsq6DlE1k9pxVc.roa (raw, json)
Hash identifier: 5oQF8XznDLBBFz/9/+CGjtUFnoWAkpxCid08UGZsxPw=
Subject key identifier: 0B:C0:58:32:9C:F4:1A:1E:CD:D5:9B:2A:E8:39:44:D6:4F:69:C5:57
Certificate issuer: /CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Certificate serial: 09750EA5
Authority key identifier: 8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/C8BYMpz0Gh7N1Zsq6DlE1k9pxVc.roa
Signing time: Sat 01 Jan 2022 08:54:13 +0000
ROA not before: Sat 01 Jan 2022 08:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207790
IP address blocks: 89.56.0.0/16 maxlen: 24
185.12.88.0/22 maxlen: 22
89.57.0.0/18 maxlen: 24
2a03:7840::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158666405 (0x9750ea5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Validity
Not Before: Jan 1 08:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bc058329cf41a1ecdd59b2ae83944d64f69c557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:fe:83:20:49:32:f2:a5:52:24:eb:d4:ff:69:
bc:00:cc:14:a8:d9:ba:86:aa:51:e5:fe:07:0c:4b:
a1:16:de:6a:74:75:82:8a:26:2b:51:4a:7e:ff:6f:
33:27:d3:79:37:2a:a5:fe:65:fd:2a:21:ba:7f:8b:
0f:25:0b:bd:0d:5c:e0:0e:51:ae:e2:14:f4:0c:3d:
c7:c9:92:2e:06:76:d2:3a:fa:89:81:88:6b:e3:a8:
6a:1c:31:31:39:51:99:e0:7d:21:30:fd:c3:59:06:
66:ad:b8:8e:52:b7:52:02:f4:89:0b:56:cb:06:ac:
23:b6:ad:68:3d:20:06:d4:d5:8c:4f:1c:90:0e:2d:
3c:8c:eb:a3:94:80:1a:d2:3c:c7:76:90:36:26:92:
f2:db:a3:00:7e:7e:2e:a0:68:91:6e:fc:dc:3b:00:
c5:2d:4a:ec:ff:c9:74:8a:8c:03:e8:0d:65:67:ad:
68:51:cd:81:1e:aa:87:2c:45:82:39:64:45:38:bb:
b4:ac:d7:50:e8:d8:4e:6c:87:4e:8f:d8:96:e8:5a:
21:36:d9:89:43:9a:87:a2:d3:8c:7c:b5:06:c3:02:
7b:6b:be:1d:ea:e4:f9:4e:fc:b3:33:33:c0:fc:dc:
27:1d:4e:53:b2:7a:f9:29:f8:0a:5e:40:e5:4c:81:
bb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:C0:58:32:9C:F4:1A:1E:CD:D5:9B:2A:E8:39:44:D6:4F:69:C5:57
X509v3 Authority Key Identifier:
keyid:8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/C8BYMpz0Gh7N1Zsq6DlE1k9pxVc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/i542u2_vkyj1GOSxBfwhLBUqjGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.56.0.0-89.57.63.255
185.12.88.0/22
IPv6:
2a03:7840::/29
Signature Algorithm: sha256WithRSAEncryption
94:b3:5e:2a:ca:11:9e:00:c8:d2:bb:67:eb:4c:06:55:b0:b7:
8e:7a:d2:65:f1:e7:d5:87:5b:6a:b7:5c:45:2c:c5:7e:9b:97:
e4:ba:ac:0a:11:56:20:7b:92:ef:85:a2:78:da:46:20:67:8c:
e3:7b:e7:04:2d:a7:46:34:d1:66:b3:b0:b0:c2:83:76:38:9c:
6d:10:f7:97:b4:14:c5:41:81:21:9b:5d:ae:27:27:5e:fe:1a:
eb:67:00:b5:07:f6:32:ee:65:ee:cf:d7:4a:f8:47:96:f2:c1:
f6:71:ef:e7:d7:cf:4b:d8:49:02:b2:a9:24:d3:ab:03:4d:da:
f1:ff:2a:cd:0e:b5:04:75:7c:d7:fa:fe:6e:c1:be:f4:2d:70:
42:bf:e4:d5:71:5c:f3:3d:ab:ae:e7:52:68:0b:8d:1a:6b:81:
ec:64:01:f9:28:05:e6:c0:08:6d:f2:85:58:b8:51:ea:fa:ba:
91:c4:06:6c:9d:ef:46:09:d9:7b:24:7c:ba:9f:73:d4:62:37:
8e:e0:b0:e3:bb:4f:e8:5c:4d:43:e0:21:ec:71:15:11:ac:bf:
8b:2e:14:e9:c8:41:5e:c9:43:ad:e7:1f:c0:f3:f8:64:b7:00:
09:9a:01:55:dd:2e:9e:08:20:e2:54:21:47:89:ed:d7:b9:4f:
c7:da:72:26
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECXUOpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YjllMzZiYjZmZWY5MzI4ZjUxOGU0YjEwNWZjMjEyYzE1MmE4YzY4MB4XDTIyMDEw
MTA4NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGJjMDU4MzI5Y2Y0
MWExZWNkZDU5YjJhZTgzOTQ0ZDY0ZjY5YzU1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANT+gyBJMvKlUiTr1P9pvADMFKjZuoaqUeX+BwxLoRbeanR1
goomK1FKfv9vMyfTeTcqpf5l/Sohun+LDyULvQ1c4A5RruIU9Aw9x8mSLgZ20jr6
iYGIa+OoahwxMTlRmeB9ITD9w1kGZq24jlK3UgL0iQtWywasI7ataD0gBtTVjE8c
kA4tPIzro5SAGtI8x3aQNiaS8tujAH5+LqBokW783DsAxS1K7P/JdIqMA+gNZWet
aFHNgR6qhyxFgjlkRTi7tKzXUOjYTmyHTo/YluhaITbZiUOah6LTjHy1BsMCe2u+
Herk+U78szMzwPzcJx1OU7J6+Sn4Cl5A5UyBu/cCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQLwFgynPQaHs3VmyroOUTWT2nFVzAfBgNVHSMEGDAWgBSLnja7b++TKPUY
5LEF/CEsFSqMaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k1NDJ1Ml92a3lqMUdPU3hCZndoTEJVcWpHZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvNGEwZThkLTBiYmUtNDIxMy05OGIxLTFhMTE2YTUzNDQ4My8x
L0M4QllNcHowR2g3TjFac3E2RGxFMWs5cHhWYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
NGEwZThkLTBiYmUtNDIxMy05OGIxLTFhMTE2YTUzNDQ4My8xL2k1NDJ1Ml92a3lq
MUdPU3hCZndoTEJVcWpHZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowGQQCAAEwEzALAwMDWTgDBAZZOQADBAK5DFgwDQQC
AAIwBwMFAyoDeEAwDQYJKoZIhvcNAQELBQADggEBAJSzXirKEZ4AyNK7Z+tMBlWw
t4560mXx59WHW2q3XEUsxX6bl+S6rAoRViB7ku+FonjaRiBnjON75wQtp0Y00Waz
sLDCg3Y4nG0Q95e0FMVBgSGbXa4nJ17+GutnALUH9jLuZe7P10r4R5bywfZx7+fX
z0vYSQKyqSTTqwNN2vH/Ks0OtQR1fNf6/m7BvvQtcEK/5NVxXPM9q67nUmgLjRpr
gexkAfkoBebACG3yhVi4Uer6upHEBmyd70YJ2XskfLqfc9RiN47gsOO7T+hcTUPg
IexxFRGsv4suFOnIQV7JQ63nH8Dz+GS3AAmaAVXdLp4IIOJUIUeJ7de5T8faciY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:10 2024 by rpki-client on console-fra.rpki-client.org