Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/1-uDumgTiZAnsw6Z8Tb-DSQfJXk4.roa
File: 1-uDumgTiZAnsw6Z8Tb-DSQfJXk4.roa (raw, json)
Hash identifier: FXNtIcG7JWBOgv14xMYDhI55e7RcMMDBPDCT5yaKzzI=
Subject key identifier: FA:E0:EE:9A:04:E2:64:09:EC:C3:A6:7C:4D:BF:83:49:07:C9:5E:4E
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 02D2EE5F
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/1-uDumgTiZAnsw6Z8Tb-DSQfJXk4.roa
Signing time: Sat 01 Jan 2022 16:06:23 +0000
ROA not before: Sat 01 Jan 2022 16:06:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199883
IP address blocks: 89.36.220.0/22 maxlen: 24
89.38.144.0/22 maxlen: 24
94.177.252.0/22 maxlen: 24
94.177.248.0/22 maxlen: 24
185.58.224.0/22 maxlen: 24
217.61.16.0/21 maxlen: 24
89.40.120.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47378015 (0x2d2ee5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 16:06:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fae0ee9a04e26409ecc3a67c4dbf834907c95e4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:3c:7f:7e:43:ad:77:97:cd:32:aa:8c:32:0c:
5b:d7:cb:35:8c:0e:3f:ce:97:a7:82:a4:78:ba:be:
a9:f5:92:c9:e4:c2:2e:f7:05:43:ac:0d:9b:d0:14:
36:7e:9b:83:e2:1e:b7:4c:f2:45:bb:d4:05:b8:54:
8c:87:95:4d:32:12:16:da:ed:c8:57:bb:d8:b7:c4:
36:46:a1:a8:85:4e:26:95:fa:14:30:ac:65:b3:7d:
74:39:65:f3:d0:54:b6:08:88:40:83:9d:0b:93:99:
2e:8e:62:3e:05:82:d7:94:98:0b:6c:b9:1e:99:ef:
58:d3:ae:f0:c9:93:92:54:7b:8b:46:98:e1:af:99:
22:51:7f:83:35:4e:1a:34:c4:ef:50:7a:93:a2:50:
1c:8f:75:13:97:5d:91:fe:ab:24:7f:73:7b:dd:d2:
ca:23:38:b8:17:ff:07:5b:52:59:f5:20:ce:72:bc:
10:e6:07:13:04:a3:19:38:99:51:ef:c4:c9:22:43:
1d:e5:ff:88:b6:f4:7e:08:b4:9f:78:98:0b:85:d6:
50:df:fc:2a:81:9e:0a:f8:8c:e2:76:ad:3f:d6:3e:
d7:aa:55:c9:c9:b1:e2:de:79:e6:50:a4:62:12:8a:
e3:87:f4:ef:f8:83:c2:24:a2:a5:d9:ec:cd:0f:b8:
2e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E0:EE:9A:04:E2:64:09:EC:C3:A6:7C:4D:BF:83:49:07:C9:5E:4E
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/1-uDumgTiZAnsw6Z8Tb-DSQfJXk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.220.0/22
89.38.144.0/22
89.40.120.0/22
94.177.248.0/21
185.58.224.0/22
217.61.16.0/21
Signature Algorithm: sha256WithRSAEncryption
b3:17:0d:f8:cf:47:ad:de:b8:bb:d8:55:54:28:b2:5f:49:c2:
f9:3b:ca:80:ba:d0:75:b6:b0:56:31:b7:ed:d0:f6:c9:bc:f1:
37:16:4f:8b:06:45:31:77:1d:ca:3b:10:c2:40:f2:f6:98:51:
43:75:c4:f9:84:bb:18:d9:61:26:47:fd:2b:d6:6c:f6:ce:e2:
6c:7d:71:9f:47:88:a5:32:59:3b:15:9c:ce:b4:76:62:c5:35:
04:13:7f:1a:36:f9:70:23:f1:d1:05:2b:c0:e1:18:a1:43:3b:
94:8a:08:ee:27:b3:ea:98:76:c8:39:67:c4:b3:01:01:28:27:
a1:0a:1d:96:37:9c:a7:7c:de:d1:50:1f:dd:80:2e:5e:b6:f5:
bb:bc:c0:6b:3b:2d:dc:8b:db:e3:91:3c:f6:bd:14:e9:c1:c9:
ff:f2:38:a5:13:39:2b:c6:51:ba:d4:79:15:2b:d6:e6:ae:e4:
4b:b1:f8:5e:b2:cc:21:42:6e:09:fd:04:bf:75:69:0e:67:34:
4f:bc:7e:93:c5:bd:83:8f:ad:60:36:2f:37:f2:13:a7:7d:9f:
be:57:f5:d1:b3:d7:4d:0e:fb:65:bb:b4:09:e4:43:ac:53:42:
f0:ed:ba:ae:3e:84:f9:bf:41:bd:7a:a9:b9:aa:30:ff:44:97:
cb:38:02:5e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIEAtLuXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2NiNWNlY2MyMTNiOWY4NmRiYmE1MTg1MjFlODU0NmVjOTM4NjFjMB4XDTIyMDEw
MTE2MDYyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmFlMGVlOWEwNGUy
NjQwOWVjYzNhNjdjNGRiZjgzNDkwN2M5NWU0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOE8f35DrXeXzTKqjDIMW9fLNYwOP86Xp4KkeLq+qfWSyeTC
LvcFQ6wNm9AUNn6bg+Iet0zyRbvUBbhUjIeVTTISFtrtyFe72LfENkahqIVOJpX6
FDCsZbN9dDll89BUtgiIQIOdC5OZLo5iPgWC15SYC2y5HpnvWNOu8MmTklR7i0aY
4a+ZIlF/gzVOGjTE71B6k6JQHI91E5ddkf6rJH9ze93SyiM4uBf/B1tSWfUgznK8
EOYHEwSjGTiZUe/EySJDHeX/iLb0fgi0n3iYC4XWUN/8KoGeCviM4natP9Y+16pV
ycmx4t555lCkYhKK44f07/iDwiSipdnszQ+4LsMCAwEAAaOCAigwggIkMB0GA1Ud
DgQWBBT64O6aBOJkCezDpnxNv4NJB8leTjAfBgNVHSMEGDAWgBTTy1zswhO5+G27
pRhSHoVG7JOGHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA4dGM3TUlUdWZodHU2VVlVaDZGUnV5VGhody5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZTExN2ZlLWM5ZTctNGQ0MS05NGRmLTg0MjY5NDEyZDU2MS8x
LzEtdUR1bWdUaVpBbnN3Nlo4VGItRFNRZkpYazQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Fj
L2UxMTdmZS1jOWU3LTRkNDEtOTRkZi04NDI2OTQxMmQ1NjEvMS8wOHRjN01JVHVm
aHR1NlVZVWg2RlJ1eVRoaHcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
PQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAJZJNwDBAJZJpADBAJZKHgDBANe
sfgDBAK5OuADBAPZPRAwDQYJKoZIhvcNAQELBQADggEBALMXDfjPR63euLvYVVQo
sl9Jwvk7yoC60HW2sFYxt+3Q9sm88TcWT4sGRTF3Hco7EMJA8vaYUUN1xPmEuxjZ
YSZH/SvWbPbO4mx9cZ9HiKUyWTsVnM60dmLFNQQTfxo2+XAj8dEFK8DhGKFDO5SK
CO4ns+qYdsg5Z8SzAQEoJ6EKHZY3nKd83tFQH92ALl629bu8wGs7LdyL2+ORPPa9
FOnByf/yOKUTOSvGUbrUeRUr1uau5Eux+F6yzCFCbgn9BL91aQ5nNE+8fpPFvYOP
rWA2LzfyE6d9n75X9dGz100O+2W7tAnkQ6xTQvDtuq4+hPm/Qb16qbmqMP9El8s4
Al4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:42 2025 by rpki-client