Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/uoF8xZQMNzn8Bqtx6Uq8F6Gd9is.roa
File: uoF8xZQMNzn8Bqtx6Uq8F6Gd9is.roa (raw, json)
Hash identifier: 7aSzhLa3F2CSUJ/gy8nM3F7nLJZ55j7YGRKKC8TnFKk=
Subject key identifier: BA:81:7C:C5:94:0C:37:39:FC:06:AB:71:E9:4A:BC:17:A1:9D:F6:2B
Certificate issuer: /CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Certificate serial: 09F65890
Authority key identifier: 8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/uoF8xZQMNzn8Bqtx6Uq8F6Gd9is.roa
Signing time: Tue 01 Mar 2022 11:08:32 +0000
ROA not before: Tue 01 Mar 2022 11:08:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207790
IP address blocks: 89.57.64.0/18 maxlen: 24
89.56.0.0/16 maxlen: 24
185.12.88.0/22 maxlen: 22
89.57.0.0/18 maxlen: 24
2a03:7840::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167139472 (0x9f65890)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Validity
Not Before: Mar 1 11:08:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba817cc5940c3739fc06ab71e94abc17a19df62b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:25:99:1e:c9:2b:70:db:cf:83:f7:d7:bd:3b:
20:31:2b:82:6f:d3:cc:f1:07:0f:14:9d:47:3d:61:
97:66:83:c6:c4:87:41:fd:e7:80:22:9f:35:44:c6:
bc:13:27:22:ea:ef:bb:cf:98:14:09:4d:8c:03:8e:
b0:83:1d:6e:70:12:f7:ff:be:a0:43:45:c3:9a:17:
c9:c3:dd:19:40:4d:a0:4e:86:80:90:ed:c0:49:d0:
4a:8a:a2:87:16:e1:e8:9d:2d:72:f3:f8:bf:cc:b9:
ad:5b:8c:04:dc:5f:10:a5:da:74:be:69:f8:20:62:
07:3a:e2:5c:87:c4:ac:aa:49:d7:d6:a9:6d:dd:53:
1b:15:58:dd:6e:f1:ab:2d:ae:02:83:85:06:87:23:
90:41:06:2a:bf:92:49:47:7a:d9:06:c2:da:d8:ff:
5c:d2:8d:d8:0c:35:ae:da:86:d3:92:13:67:e4:b4:
ce:5d:b9:fd:ba:c0:a6:c2:c6:77:b2:2e:aa:c3:b7:
92:ae:74:29:1c:d5:47:ef:e9:b1:3f:74:97:6d:14:
25:b8:59:33:a0:98:6a:bc:7e:85:ca:f4:16:af:65:
ca:88:4b:83:ba:ea:45:15:c0:52:3d:a6:32:39:25:
fb:22:b0:09:b8:84:12:59:b5:98:6a:35:f2:34:b2:
f9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:81:7C:C5:94:0C:37:39:FC:06:AB:71:E9:4A:BC:17:A1:9D:F6:2B
X509v3 Authority Key Identifier:
keyid:8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/uoF8xZQMNzn8Bqtx6Uq8F6Gd9is.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/i542u2_vkyj1GOSxBfwhLBUqjGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.56.0.0-89.57.127.255
185.12.88.0/22
IPv6:
2a03:7840::/29
Signature Algorithm: sha256WithRSAEncryption
86:72:7d:ff:4e:89:eb:0e:7d:40:b3:4b:61:f9:27:ca:ae:de:
64:06:47:a5:09:f2:26:c7:b7:a6:22:f5:a0:5d:af:28:17:e6:
18:c6:c3:75:94:13:8c:58:1f:98:ae:90:e0:d1:97:c2:1c:65:
21:35:7c:33:5e:60:b7:d8:49:9a:10:56:ff:57:2e:b5:5c:e9:
9f:8a:45:8c:a1:7c:6b:30:45:28:da:27:8c:24:d6:b5:d3:90:
f6:15:12:49:3a:65:cf:e9:2c:dc:23:ce:8a:90:b8:e4:46:1c:
8e:67:79:a7:ba:90:91:cc:b7:a1:28:09:93:4c:30:7e:de:e2:
7b:55:93:ea:9a:84:bf:a8:e0:d0:0f:01:eb:47:45:a3:fc:f4:
19:73:52:c9:44:67:7e:81:68:79:a2:f7:0c:2f:50:ca:d0:74:
65:29:23:c5:1c:42:bb:e8:da:12:c8:b6:9f:03:6f:66:e0:5f:
a6:0f:36:3b:14:7f:20:a1:85:44:3e:44:84:78:0c:5d:15:83:
02:4c:a5:61:b3:ea:e2:1c:a6:f5:4b:10:79:a6:39:3d:52:1b:
ad:43:d7:43:9c:5d:92:40:42:fb:ac:28:b7:71:92:8e:03:a9:
df:92:71:58:6f:e2:85:00:16:88:cc:55:f9:f0:a9:3a:18:86:
8c:27:ab:4a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECfZYkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YjllMzZiYjZmZWY5MzI4ZjUxOGU0YjEwNWZjMjEyYzE1MmE4YzY4MB4XDTIyMDMw
MTExMDgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE4MTdjYzU5NDBj
MzczOWZjMDZhYjcxZTk0YWJjMTdhMTlkZjYyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI4lmR7JK3Dbz4P31707IDErgm/TzPEHDxSdRz1hl2aDxsSH
Qf3ngCKfNUTGvBMnIurvu8+YFAlNjAOOsIMdbnAS9/++oENFw5oXycPdGUBNoE6G
gJDtwEnQSoqihxbh6J0tcvP4v8y5rVuMBNxfEKXadL5p+CBiBzriXIfErKpJ19ap
bd1TGxVY3W7xqy2uAoOFBocjkEEGKr+SSUd62QbC2tj/XNKN2Aw1rtqG05ITZ+S0
zl25/brApsLGd7IuqsO3kq50KRzVR+/psT90l20UJbhZM6CYarx+hcr0Fq9lyohL
g7rqRRXAUj2mMjkl+yKwCbiEElm1mGo18jSy+aMCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBS6gXzFlAw3OfwGq3HpSrwXoZ32KzAfBgNVHSMEGDAWgBSLnja7b++TKPUY
5LEF/CEsFSqMaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k1NDJ1Ml92a3lqMUdPU3hCZndoTEJVcWpHZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvNGEwZThkLTBiYmUtNDIxMy05OGIxLTFhMTE2YTUzNDQ4My8x
L3VvRjh4WlFNTnpuOEJxdHg2VXE4RjZHZDlpcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
NGEwZThkLTBiYmUtNDIxMy05OGIxLTFhMTE2YTUzNDQ4My8xL2k1NDJ1Ml92a3lq
MUdPU3hCZndoTEJVcWpHZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowGQQCAAEwEzALAwMDWTgDBAdZOQADBAK5DFgwDQQC
AAIwBwMFAyoDeEAwDQYJKoZIhvcNAQELBQADggEBAIZyff9OiesOfUCzS2H5J8qu
3mQGR6UJ8ibHt6Yi9aBdrygX5hjGw3WUE4xYH5iukODRl8IcZSE1fDNeYLfYSZoQ
Vv9XLrVc6Z+KRYyhfGswRSjaJ4wk1rXTkPYVEkk6Zc/pLNwjzoqQuORGHI5neae6
kJHMt6EoCZNMMH7e4ntVk+qahL+o4NAPAetHRaP89BlzUslEZ36BaHmi9wwvUMrQ
dGUpI8UcQrvo2hLItp8Db2bgX6YPNjsUfyChhUQ+RIR4DF0VgwJMpWGz6uIcpvVL
EHmmOT1SG61D10OcXZJAQvusKLdxko4Dqd+ScVhv4oUAFojMVfnwqToYhownq0o=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:27 2025 by rpki-client