Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/1-ScXyiXPXpdvedtOqsaFwX1fLRg.roa
File: 1-ScXyiXPXpdvedtOqsaFwX1fLRg.roa (raw, json)
Hash identifier: UgkKq8uJSlc76XVQWuyjw0byTErzgMbYI0D37ak03Eg=
Subject key identifier: F9:27:17:CA:25:CF:5E:97:6F:79:DB:4E:AA:C6:85:C1:7D:5F:2D:18
Certificate issuer: /CN=8166038385b343d55e76b728efe23c0731787668
Certificate serial: A1260B
Authority key identifier: 81:66:03:83:85:B3:43:D5:5E:76:B7:28:EF:E2:3C:07:31:78:76:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/1-ScXyiXPXpdvedtOqsaFwX1fLRg.roa
Signing time: Sat 01 Jan 2022 00:58:23 +0000
ROA not before: Sat 01 Jan 2022 00:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201825
IP address blocks: 89.17.35.0/24 maxlen: 24
185.127.224.0/22 maxlen: 22
89.17.33.0/24 maxlen: 24
89.17.49.0/24 maxlen: 24
89.17.51.0/24 maxlen: 24
89.17.52.0/22 maxlen: 22
89.17.56.0/21 maxlen: 21
185.62.192.0/22 maxlen: 22
217.15.53.0/24 maxlen: 24
217.15.62.0/23 maxlen: 23
2a04:f240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10561035 (0xa1260b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8166038385b343d55e76b728efe23c0731787668
Validity
Not Before: Jan 1 00:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f92717ca25cf5e976f79db4eaac685c17d5f2d18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:20:06:52:3e:e2:bc:e3:a8:a3:4d:53:c5:cc:
7f:08:6d:88:af:ca:75:f1:c6:15:17:ec:c1:be:e3:
ee:5e:c3:a0:6a:d0:60:2b:be:d1:8d:dc:65:1d:1b:
01:31:96:bd:05:c3:72:3f:3c:2a:80:14:a6:3c:78:
df:a4:33:29:ee:4a:95:2a:c7:5f:e4:16:2d:da:ea:
ae:22:ac:34:fa:e5:62:8d:d7:76:b5:f0:b9:23:4f:
c8:f2:e3:50:a3:b6:cc:cb:82:bd:1a:2e:6a:56:d2:
79:52:72:58:19:d6:a6:02:c6:9c:0f:c3:72:a7:25:
22:9a:00:c9:81:36:2c:97:6c:ce:8f:95:92:77:ed:
01:d3:7e:81:24:f9:44:1f:70:77:9e:45:20:41:1d:
b5:be:ac:cd:9f:b1:f2:1d:74:68:02:1b:8d:31:fa:
0e:00:c4:ae:60:b6:72:aa:41:2d:09:bd:50:94:9d:
2d:a3:9b:8b:3b:7b:73:19:13:2b:ca:43:ad:9c:58:
bd:a2:e1:03:7b:e8:b8:c7:3e:61:96:ec:20:cf:b1:
ff:1c:09:bd:dd:89:02:33:e8:84:70:71:bf:f7:9d:
7d:9a:5c:42:ff:82:80:32:2f:85:7c:3e:bb:e2:1c:
b3:77:52:53:9b:54:88:68:5e:e5:b5:40:a7:a2:4a:
97:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:27:17:CA:25:CF:5E:97:6F:79:DB:4E:AA:C6:85:C1:7D:5F:2D:18
X509v3 Authority Key Identifier:
keyid:81:66:03:83:85:B3:43:D5:5E:76:B7:28:EF:E2:3C:07:31:78:76:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gWYDg4WzQ9Vedrco7-I8BzF4dmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/1-ScXyiXPXpdvedtOqsaFwX1fLRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/48cfd0-3238-4aaf-b663-4373b65790b8/1/gWYDg4WzQ9Vedrco7-I8BzF4dmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.17.33.0/24
89.17.35.0/24
89.17.49.0/24
89.17.51.0-89.17.63.255
185.62.192.0/22
185.127.224.0/22
217.15.53.0/24
217.15.62.0/23
IPv6:
2a04:f240::/29
Signature Algorithm: sha256WithRSAEncryption
02:92:33:ca:2d:eb:80:42:0f:d4:24:8b:36:9c:f1:93:56:da:
40:79:78:61:6e:dd:85:01:23:2b:99:6c:92:6b:ad:c7:1e:69:
c6:27:6e:c5:7d:fc:1c:3d:11:ab:b2:57:50:c2:7b:cf:66:e6:
2e:53:63:a2:4d:af:34:ca:f9:f1:df:27:19:b2:ed:97:e0:90:
c3:ea:49:10:3d:f0:f7:64:bb:67:bd:e2:58:02:6b:fb:db:90:
dc:bf:90:5c:f8:19:87:79:d4:de:54:f1:82:8a:c8:9d:65:d6:
9d:e0:86:0f:95:ec:cf:f7:41:b0:4e:15:7d:43:99:2c:d3:db:
10:83:78:0f:62:94:2a:13:54:5f:15:98:9e:75:9e:2c:21:16:
7c:19:7d:13:20:47:88:fc:6a:2a:f6:65:d1:33:ec:28:e8:f0:
da:9e:3c:74:05:44:a1:c6:a9:4c:e0:d9:52:1d:a6:7a:b4:12:
30:0d:35:97:8c:6d:a0:64:76:5e:a6:67:66:40:88:99:20:9e:
ca:35:7f:65:cb:6c:dc:08:5f:da:cc:c1:51:84:de:a5:47:33:
4d:4b:68:cb:a2:e0:d9:3f:97:fc:85:04:bf:4b:13:64:00:f7:
08:d7:00:5a:a2:15:db:e3:22:eb:ac:e3:28:40:2d:98:0f:ef:
02:21:d1:e8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEAKEmCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MTY2MDM4Mzg1YjM0M2Q1NWU3NmI3MjhlZmUyM2MwNzMxNzg3NjY4MB4XDTIyMDEw
MTAwNTgyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjkyNzE3Y2EyNWNm
NWU5NzZmNzlkYjRlYWFjNjg1YzE3ZDVmMmQxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIggBlI+4rzjqKNNU8XMfwhtiK/KdfHGFRfswb7j7l7DoGrQ
YCu+0Y3cZR0bATGWvQXDcj88KoAUpjx436QzKe5KlSrHX+QWLdrqriKsNPrlYo3X
drXwuSNPyPLjUKO2zMuCvRoualbSeVJyWBnWpgLGnA/DcqclIpoAyYE2LJdszo+V
knftAdN+gST5RB9wd55FIEEdtb6szZ+x8h10aAIbjTH6DgDErmC2cqpBLQm9UJSd
LaObizt7cxkTK8pDrZxYvaLhA3vouMc+YZbsIM+x/xwJvd2JAjPohHBxv/edfZpc
Qv+CgDIvhXw+u+Ics3dSU5tUiGhe5bVAp6JKl4cCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBT5JxfKJc9el295206qxoXBfV8tGDAfBgNVHSMEGDAWgBSBZgODhbND1V52
tyjv4jwHMXh2aDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dXWURnNFd6UTlWZWRyY283LUk4QnpGNGRtZy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjMvNDhjZmQwLTMyMzgtNGFhZi1iNjYzLTQzNzNiNjU3OTBiOC8x
LzEtU2NYeWlYUFhwZHZlZHRPcXNhRndYMWZMUmcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Iz
LzQ4Y2ZkMC0zMjM4LTRhYWYtYjY2My00MzczYjY1NzkwYjgvMS9nV1lEZzRXelE5
VmVkcmNvNy1JOEJ6RjRkbWcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
YAYIKwYBBQUHAQcBAf8EUTBPMD4EAgABMDgDBABZESEDBABZESMDBABZETEwDAME
AFkRMwMEBlkRAAMEArk+wAMEArl/4AMEANkPNQMEAdkPPjANBAIAAjAHAwUDKgTy
QDANBgkqhkiG9w0BAQsFAAOCAQEAApIzyi3rgEIP1CSLNpzxk1baQHl4YW7dhQEj
K5lskmutxx5pxiduxX38HD0Rq7JXUMJ7z2bmLlNjok2vNMr58d8nGbLtl+CQw+pJ
ED3w92S7Z73iWAJr+9uQ3L+QXPgZh3nU3lTxgorInWXWneCGD5Xsz/dBsE4VfUOZ
LNPbEIN4D2KUKhNUXxWYnnWeLCEWfBl9EyBHiPxqKvZl0TPsKOjw2p48dAVEocap
TODZUh2merQSMA01l4xtoGR2XqZnZkCImSCeyjV/Zcts3Ahf2szBUYTepUczTUto
y6Lg2T+X/IUEv0sTZAD3CNcAWqIV2+Mi66zjKEAtmA/vAiHR6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:28 2024 by rpki-client on console-ams.rpki-client.org