Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/s44Tm7rjnFMuy3jTK2gbsFF4vyU.roa
File: s44Tm7rjnFMuy3jTK2gbsFF4vyU.roa (raw, json)
Hash identifier: MRsbKcmVe0QM2q5W2J4N84P8Nf1JGpAF0n5kya1HqOw=
Subject key identifier: B3:8E:13:9B:BA:E3:9C:53:2E:CB:78:D3:2B:68:1B:B0:51:78:BF:25
Certificate issuer: /CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Certificate serial: 018C7DE8EDB75DDBA5B1484B69F86F7D9388
Authority key identifier: 82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/s44Tm7rjnFMuy3jTK2gbsFF4vyU.roa
Signing time: Mon 18 Dec 2023 17:11:06 +0000
ROA not before: Mon 18 Dec 2023 17:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47576
IP address blocks: 89.207.144.0/22 maxlen: 22
185.251.96.0/22 maxlen: 22
2a0c:18c0::/32 maxlen: 32
2a02:2410::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7d:e8:ed:b7:5d:db:a5:b1:48:4b:69:f8:6f:7d:93:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e39681c5aaefb35e54f4ad8afa428d4ffde06a
Validity
Not Before: Dec 18 17:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b38e139bbae39c532ecb78d32b681bb05178bf25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d2:4b:64:7b:6a:e6:0b:55:91:1b:2d:d9:59:
f6:01:8b:48:26:cd:b4:53:ef:8d:7b:bd:90:54:1e:
60:6c:68:6a:90:d4:58:3b:98:3c:a3:43:8f:9a:dc:
a0:24:95:be:2d:2c:29:b3:71:14:98:a0:32:18:62:
0f:39:e8:66:f0:4d:e0:12:59:2f:3b:ee:8b:8e:d7:
e9:65:29:3c:ea:2e:c9:36:3f:05:ac:be:83:4b:d0:
28:8e:3d:51:81:ac:31:9b:48:ab:e1:57:b9:ae:10:
ad:38:71:1e:fa:3c:77:02:9e:0f:99:49:fa:bc:e9:
60:2b:ee:5e:77:e6:44:b7:5e:42:73:f7:26:d8:79:
6c:28:bd:24:b4:0b:f8:5c:68:91:1b:6a:c0:db:4f:
6d:5f:66:5c:92:47:51:09:03:8d:26:25:f6:af:b3:
8c:3d:d4:0e:24:ab:ee:3d:76:bc:b8:3c:4f:22:8f:
3e:35:6b:9e:21:a5:26:e5:30:44:9a:d2:f9:be:73:
8b:81:57:29:e9:15:17:11:4e:1d:49:74:d5:29:06:
17:0a:eb:d6:b7:58:2b:36:5a:f5:b6:b4:73:45:8b:
ac:0a:00:12:d0:d8:9d:1d:32:4d:e4:52:d6:a5:bc:
60:c6:53:b8:6b:57:92:84:0c:d6:37:c0:b6:a2:a5:
85:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:8E:13:9B:BA:E3:9C:53:2E:CB:78:D3:2B:68:1B:B0:51:78:BF:25
X509v3 Authority Key Identifier:
keyid:82:E3:96:81:C5:AA:EF:B3:5E:54:F4:AD:8A:FA:42:8D:4F:FD:E0:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guOWgcWq77NeVPStivpCjU_94Go.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/s44Tm7rjnFMuy3jTK2gbsFF4vyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/57b53e-3003-46a6-9ce8-fafd1496ae59/1/guOWgcWq77NeVPStivpCjU_94Go.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.144.0/22
185.251.96.0/22
IPv6:
2a02:2410::/32
2a0c:18c0::/32
Signature Algorithm: sha256WithRSAEncryption
42:41:98:96:a0:76:e6:65:5b:10:6a:33:06:c9:c6:97:cd:86:
b0:9d:c4:fa:98:91:69:63:43:48:ca:d9:19:1a:2a:22:9e:a9:
29:f9:f6:eb:7d:f4:dc:d4:59:b5:fc:10:31:a2:85:78:fa:b9:
fe:39:41:bf:65:80:8a:41:3c:a5:7c:d8:4c:67:a3:27:b6:cb:
2e:70:dd:84:ec:40:60:24:5c:ce:e2:0c:c3:08:b6:af:77:d5:
9a:2d:f0:da:a0:f7:59:f5:7f:f4:1f:00:d3:83:73:e1:9a:39:
c3:20:43:73:e0:c3:b6:6c:27:8c:26:9a:75:7b:2f:f6:a8:57:
f0:f0:cd:bc:86:0d:dd:bb:ef:09:1c:55:44:a6:d7:b6:f0:df:
a1:45:58:ae:4a:a1:b8:13:fd:98:1c:62:c6:42:84:4b:fa:c9:
bb:4d:f0:1c:9a:4e:67:ef:7e:95:8f:75:06:88:91:65:5f:f6:
1e:2a:c6:6f:74:b7:57:b9:14:04:56:1f:44:98:45:c1:38:e0:
fc:d7:6f:79:d7:a5:75:19:ed:6f:44:f8:d8:d5:29:70:ef:25:
58:a7:13:e7:a4:39:64:c8:bc:04:9b:be:af:d2:1c:83:c0:f9:
c4:52:43:7e:e3:83:c9:d0:d0:51:bc:65:2f:0e:55:62:58:d3:
90:2a:48:b4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYx96O23XdulsUhLafhvfZOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTM5NjgxYzVhYWVmYjM1ZTU0ZjRhZDhhZmE0MjhkNGZm
ZGUwNmEwHhcNMjMxMjE4MTcxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzhlMTM5YmJhZTM5YzUzMmVjYjc4ZDMyYjY4MWJiMDUxNzhiZjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNJLZHtq5gtVkRst2Vn2AYtIJs20
U++Ne72QVB5gbGhqkNRYO5g8o0OPmtygJJW+LSwps3EUmKAyGGIPOehm8E3gElkv
O+6LjtfpZSk86i7JNj8FrL6DS9Aojj1Rgawxm0ir4Ve5rhCtOHEe+jx3Ap4PmUn6
vOlgK+5ed+ZEt15Cc/cm2HlsKL0ktAv4XGiRG2rA209tX2ZckkdRCQONJiX2r7OM
PdQOJKvuPXa8uDxPIo8+NWueIaUm5TBEmtL5vnOLgVcp6RUXEU4dSXTVKQYXCuvW
t1grNlr1trRzRYusCgAS0NidHTJN5FLWpbxgxlO4a1eShAzWN8C2oqWF/wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFLOOE5u645xTLst40ytoG7BReL8lMB8GA1UdIwQY
MBaAFILjloHFqu+zXlT0rYr6Qo1P/eBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgt
ZmFmZDE0OTZhZTU5LzEvczQ0VG03cmpuRk11eTNqVEsyZ2JzRkY0dnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81N2I1M2UtMzAwMy00NmE2LTljZTgtZmFmZDE0OTZhZTU5
LzEvZ3VPV2djV3E3N05lVlBTdGl2cENqVV85NEdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCWc+QAwQC
uftgMBQEAgACMA4DBQAqAiQQAwUAKgwYwDANBgkqhkiG9w0BAQsFAAOCAQEAQkGY
lqB25mVbEGozBsnGl82GsJ3E+piRaWNDSMrZGRoqIp6pKfn263303NRZtfwQMaKF
ePq5/jlBv2WAikE8pXzYTGejJ7bLLnDdhOxAYCRczuIMwwi2r3fVmi3w2qD3WfV/
9B8A04Nz4Zo5wyBDc+DDtmwnjCaadXsv9qhX8PDNvIYN3bvvCRxVRKbXtvDfoUVY
rkqhuBP9mBxixkKES/rJu03wHJpOZ+9+lY91BoiRZV/2HirGb3S3V7kUBFYfRJhF
wTjg/NdvedeldRntb0T42NUpcO8lWKcT56Q5ZMi8BJu+r9Icg8D5xFJDfuODydDQ
UbxlLw5VYljTkCpItA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:46 2025 by rpki-client