Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/Spmt8-kB_ZM2Qn46tcVZNRSA2ec.roa
File: Spmt8-kB_ZM2Qn46tcVZNRSA2ec.roa (raw, json)
Hash identifier: 7nHds7v0bDgbiWHWqMv59lW2BCjUOCWGwbPZlMAMfVU=
Subject key identifier: 4A:99:AD:F3:E9:01:FD:93:36:42:7E:3A:B5:C5:59:35:14:80:D9:E7
Certificate issuer: /CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Certificate serial: 09C36C78
Authority key identifier: 36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/Spmt8-kB_ZM2Qn46tcVZNRSA2ec.roa
Signing time: Sun 24 Apr 2022 17:30:02 +0000
ROA not before: Sun 24 Apr 2022 17:30:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204145
IP address blocks: 89.35.179.0/24 maxlen: 24
185.113.64.0/24 maxlen: 24
185.113.65.0/24 maxlen: 24
185.113.66.0/24 maxlen: 24
185.113.67.0/24 maxlen: 24
185.50.73.0/24 maxlen: 24
185.50.74.0/24 maxlen: 24
185.50.75.0/24 maxlen: 24
185.50.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163802232 (0x9c36c78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3694fcc6bf6a8740fa7814641fd9d6ec8d862e5f
Validity
Not Before: Apr 24 17:30:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a99adf3e901fd9336427e3ab5c559351480d9e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:13:71:f3:1f:a0:f7:37:de:e2:94:37:cc:13:
81:03:67:30:51:9c:3a:fe:95:bb:33:82:91:c5:ee:
cc:b2:d4:33:09:9d:f2:3a:da:e9:d9:1e:a4:21:b6:
94:ed:91:9a:77:02:5a:04:02:de:59:8e:d3:69:4f:
96:ac:c6:fb:bf:2c:d8:68:6f:d7:ec:8b:bf:4c:1a:
04:22:14:89:ea:bb:a3:f0:dd:e9:bb:60:dc:5a:57:
68:2c:d5:51:51:72:d1:2f:cb:a0:ef:4b:49:f0:85:
16:68:3e:db:80:12:2f:a3:23:fe:4f:73:6f:85:f9:
38:ff:fe:32:6e:11:74:f2:c9:8b:7f:1f:04:90:40:
fe:07:c1:5c:17:19:31:8f:d0:fb:4b:72:4f:a0:eb:
dd:e5:47:6d:00:70:cf:c0:51:a9:29:97:93:38:ba:
91:d7:2c:0e:59:fb:e1:33:7c:a0:ca:bb:98:c6:4e:
29:b8:c9:15:1c:5b:2d:63:65:ec:d8:16:c6:c7:3f:
ad:b6:ad:24:3f:b1:88:f0:1a:ab:89:26:a7:b2:ee:
58:18:b0:95:08:98:08:a2:e3:4a:11:1c:ab:e9:fe:
df:8e:7c:d4:29:62:bf:a2:0b:f0:30:13:62:ec:d6:
a9:2f:ca:e4:a0:00:a1:82:30:35:3c:84:cb:ac:2d:
69:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:99:AD:F3:E9:01:FD:93:36:42:7E:3A:B5:C5:59:35:14:80:D9:E7
X509v3 Authority Key Identifier:
keyid:36:94:FC:C6:BF:6A:87:40:FA:78:14:64:1F:D9:D6:EC:8D:86:2E:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NpT8xr9qh0D6eBRkH9nW7I2GLl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/Spmt8-kB_ZM2Qn46tcVZNRSA2ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/a8dd9e-71f2-4f77-b575-0d3fce429bde/1/NpT8xr9qh0D6eBRkH9nW7I2GLl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.179.0/24
185.50.72.0/22
185.113.64.0/22
Signature Algorithm: sha256WithRSAEncryption
19:9b:34:93:ac:f6:79:fb:a2:4b:e5:1e:80:39:b2:37:fe:0e:
76:2c:f2:2d:d4:b6:06:19:3b:fd:b0:7a:84:1c:66:a9:51:7b:
1d:9e:9c:b5:db:34:69:a3:69:3d:0c:c0:43:bb:9f:9a:af:31:
13:72:ca:17:d3:c0:f7:58:55:57:8b:b0:e9:2c:0a:df:7b:a1:
19:ab:2f:66:ac:45:e2:11:4f:39:ff:02:1b:25:ce:19:ae:e3:
54:a3:d2:4b:1d:8e:30:16:62:9c:88:bd:98:1f:19:87:3f:2c:
b0:50:26:f9:f5:6f:cf:df:7c:4a:6b:97:c7:30:46:76:a1:3f:
95:0e:44:15:da:ea:5e:91:46:75:03:19:a9:39:02:83:ed:e3:
48:7e:e8:05:7b:e0:21:bc:09:f0:24:73:4a:ff:19:cb:42:35:
ef:ae:60:66:7f:21:0e:36:77:a3:74:4e:e4:68:5a:1b:53:cb:
9c:02:44:1b:d6:72:2b:c8:f1:f4:d8:d9:89:00:37:82:5a:9d:
9f:cb:86:a6:27:5e:73:a8:46:17:38:78:3c:ec:d9:29:26:ba:
05:7b:ab:03:45:11:e1:c9:15:fe:5b:e6:a4:ce:00:02:84:c2:
d5:3a:f0:8a:ee:d1:15:2c:d1:31:ae:17:f2:84:d4:f9:0f:7f:
ae:a5:f1:15
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECcNseDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Njk0ZmNjNmJmNmE4NzQwZmE3ODE0NjQxZmQ5ZDZlYzhkODYyZTVmMB4XDTIyMDQy
NDE3MzAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE5OWFkZjNlOTAx
ZmQ5MzM2NDI3ZTNhYjVjNTU5MzUxNDgwZDllNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcTcfMfoPc33uKUN8wTgQNnMFGcOv6VuzOCkcXuzLLUMwmd
8jra6dkepCG2lO2RmncCWgQC3lmO02lPlqzG+78s2Ghv1+yLv0waBCIUieq7o/Dd
6btg3FpXaCzVUVFy0S/LoO9LSfCFFmg+24ASL6Mj/k9zb4X5OP/+Mm4RdPLJi38f
BJBA/gfBXBcZMY/Q+0tyT6Dr3eVHbQBwz8BRqSmXkzi6kdcsDln74TN8oMq7mMZO
KbjJFRxbLWNl7NgWxsc/rbatJD+xiPAaq4kmp7LuWBiwlQiYCKLjShEcq+n+3458
1Cliv6IL8DATYuzWqS/K5KAAoYIwNTyEy6wtaWcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRKma3z6QH9kzZCfjq1xVk1FIDZ5zAfBgNVHSMEGDAWgBQ2lPzGv2qHQPp4
FGQf2dbsjYYuXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05wVDh4cjlxaDBENmVCUmtIOW5XN0kyR0xsOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvYThkZDllLTcxZjItNGY3Ny1iNTc1LTBkM2ZjZTQyOWJkZS8x
L1NwbXQ4LWtCX1pNMlFuNDZ0Y1ZaTlJTQTJlYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
YThkZDllLTcxZjItNGY3Ny1iNTc1LTBkM2ZjZTQyOWJkZS8xL05wVDh4cjlxaDBE
NmVCUmtIOW5XN0kyR0xsOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFkjswMEArkySAMEArlxQDANBgkq
hkiG9w0BAQsFAAOCAQEAGZs0k6z2efuiS+UegDmyN/4OdizyLdS2Bhk7/bB6hBxm
qVF7HZ6ctds0aaNpPQzAQ7ufmq8xE3LKF9PA91hVV4uw6SwK33uhGasvZqxF4hFP
Of8CGyXOGa7jVKPSSx2OMBZinIi9mB8Zhz8ssFAm+fVvz998SmuXxzBGdqE/lQ5E
FdrqXpFGdQMZqTkCg+3jSH7oBXvgIbwJ8CRzSv8Zy0I1765gZn8hDjZ3o3RO5Gha
G1PLnAJEG9ZyK8jx9NjZiQA3glqdn8uGpidec6hGFzh4POzZKSa6BXurA0UR4ckV
/lvmpM4AAoTC1Trwiu7RFSzRMa4X8oTU+Q9/rqXxFQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:57 2025 by rpki-client