Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/8LUXUnnbUHQ5j8dGTFABuDNdy7w.roa
File: 8LUXUnnbUHQ5j8dGTFABuDNdy7w.roa (raw, json)
Hash identifier: 8w1ZJh4oLlA+iC+wBiJSK4dSsL5N4Rfr8RhSVWgd5fI=
Subject key identifier: F0:B5:17:52:79:DB:50:74:39:8F:C7:46:4C:50:01:B8:33:5D:CB:BC
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018533F6BDC9544F85210F7B9B93FD2ADA9F
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/8LUXUnnbUHQ5j8dGTFABuDNdy7w.roa
Signing time: Wed 21 Dec 2022 09:14:46 +0000
ROA not before: Wed 21 Dec 2022 09:14:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51223
IP address blocks: 185.26.4.0/22 maxlen: 24
89.32.80.0/21 maxlen: 24
89.36.44.0/22 maxlen: 24
178.237.128.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:f6:bd:c9:54:4f:85:21:0f:7b:9b:93:fd:2a:da:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 21 09:14:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0b5175279db5074398fc7464c5001b8335dcbbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b0:d2:ee:84:2c:67:30:90:d0:95:0a:c7:b1:
6c:f6:92:20:d7:52:c5:57:be:db:c2:b6:8a:1b:93:
1c:a2:62:06:5a:b9:69:ef:0c:9a:f3:d4:c2:52:36:
27:43:07:da:3f:85:8a:d7:70:af:f1:15:f5:80:e4:
16:5f:77:a0:12:2d:09:7c:7d:a5:a3:23:a2:66:80:
b7:cd:97:42:9f:d1:78:17:d1:ae:e5:b3:9c:a8:4b:
91:05:1e:0d:eb:ba:d0:87:c3:7a:c0:ab:b2:9d:86:
06:e6:7d:d2:bf:dd:d2:65:0e:ac:3f:02:db:eb:2c:
6a:f9:01:e4:42:f3:2a:46:be:1e:34:5f:1e:14:25:
10:3a:74:ed:0d:af:e9:09:20:af:ea:5e:83:5e:be:
2b:ae:26:6a:b0:97:d2:41:b8:ad:8c:b5:18:df:4b:
72:96:b9:65:08:bd:1c:65:89:81:95:92:57:27:8d:
ed:5e:d3:6d:87:a1:0f:91:ff:c5:e4:e9:1f:2b:cc:
9d:e8:d7:1b:7d:af:fa:0e:cf:aa:72:bd:24:d8:48:
b0:f8:eb:ee:63:33:8c:be:ca:03:cf:38:b6:91:26:
f4:ed:16:16:30:5b:18:1a:8c:7a:44:ee:ef:54:12:
e0:e9:48:3b:f0:af:61:f0:c1:22:71:b5:b6:23:0d:
c3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B5:17:52:79:DB:50:74:39:8F:C7:46:4C:50:01:B8:33:5D:CB:BC
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/8LUXUnnbUHQ5j8dGTFABuDNdy7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.80.0/21
89.36.44.0/22
178.237.128.0/20
185.26.4.0/22
Signature Algorithm: sha256WithRSAEncryption
93:4d:6d:7b:62:d8:69:a0:12:6b:b6:59:ab:e7:a4:35:01:1b:
af:7a:9b:07:71:26:f7:b6:3d:b5:44:bc:87:8b:cf:96:13:68:
37:cb:5d:19:16:ba:62:f5:a4:9d:b8:2c:75:9d:be:8a:26:e3:
e3:7b:5f:67:4a:bc:4a:19:26:65:8c:f9:5e:ba:bf:26:e5:35:
6e:62:ef:de:58:b6:87:49:70:82:c8:d2:35:5f:08:af:dd:00:
b9:31:f7:8f:fe:44:64:4a:09:50:c4:68:c2:03:55:47:32:31:
8a:d5:42:a5:6c:14:ed:0b:39:5b:d0:47:02:c9:d3:c5:60:b9:
d0:b7:35:56:c9:3a:8b:77:38:59:ed:49:74:d0:9c:28:f1:10:
19:d2:95:fa:6a:d1:f5:b1:ed:f2:5d:cb:66:8a:55:23:c4:c9:
93:56:cb:bd:a2:07:d1:4f:13:95:ba:ef:58:22:cc:bf:a8:e4:
4c:74:f5:b1:ca:de:0a:3b:28:c4:ac:cf:d1:f5:e8:eb:30:ac:
3d:b0:25:3e:d7:1b:d9:6b:b5:40:1b:d7:84:24:a6:e7:73:96:
92:e9:ef:70:5d:5b:19:66:21:4e:f5:95:d5:8c:a7:28:d1:b2:
b9:88:cd:88:1d:3f:b2:b9:5f:f2:24:f9:da:63:8a:50:ed:e3:
82:74:56:86
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUz9r3JVE+FIQ97m5P9KtqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIxMDkxNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGI1MTc1Mjc5ZGI1MDc0Mzk4ZmM3NDY0YzUwMDFiODMzNWRjYmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibDS7oQsZzCQ0JUKx7Fs9pIg11LF
V77bwraKG5McomIGWrlp7wya89TCUjYnQwfaP4WK13Cv8RX1gOQWX3egEi0JfH2l
oyOiZoC3zZdCn9F4F9Gu5bOcqEuRBR4N67rQh8N6wKuynYYG5n3Sv93SZQ6sPwLb
6yxq+QHkQvMqRr4eNF8eFCUQOnTtDa/pCSCv6l6DXr4rriZqsJfSQbitjLUY30ty
lrllCL0cZYmBlZJXJ43tXtNth6EPkf/F5OkfK8yd6Ncbfa/6Ds+qcr0k2Eiw+Ovu
YzOMvsoDzzi2kSb07RYWMFsYGox6RO7vVBLg6Ug78K9h8MEicbW2Iw3DMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPC1F1J521B0OY/HRkxQAbgzXcu8MB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvOExVWFVubmJVSFE1ajhkR1RGQUJ1RE5keTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDWSBQAwQC
WSQsAwQEsu2AAwQCuRoEMA0GCSqGSIb3DQEBCwUAA4IBAQCTTW17YthpoBJrtlmr
56Q1ARuvepsHcSb3tj21RLyHi8+WE2g3y10ZFrpi9aSduCx1nb6KJuPje19nSrxK
GSZljPleur8m5TVuYu/eWLaHSXCCyNI1Xwiv3QC5MfeP/kRkSglQxGjCA1VHMjGK
1UKlbBTtCzlb0EcCydPFYLnQtzVWyTqLdzhZ7Ul00Jwo8RAZ0pX6atH1se3yXctm
ilUjxMmTVsu9ogfRTxOVuu9YIsy/qORMdPWxyt4KOyjErM/R9ejrMKw9sCU+1xvZ
a7VAG9eEJKbnc5aS6e9wXVsZZiFO9ZXVjKco0bK5iM2IHT+yuV/yJPnaY4pQ7eOC
dFaG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org