Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/9pNZ8n2UTiD874SnGpOQX1kqC9s.roa
File: 9pNZ8n2UTiD874SnGpOQX1kqC9s.roa (raw, json)
Hash identifier: /bh025M9y7CJlnHfeZA7pLCwgfHSOXktBqgxN53QxFw=
Subject key identifier: F6:93:59:F2:7D:94:4E:20:FC:EF:84:A7:1A:93:90:5F:59:2A:0B:DB
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01853499299568CA8F7AA3BD6098936F8A15
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/9pNZ8n2UTiD874SnGpOQX1kqC9s.roa
Signing time: Wed 21 Dec 2022 12:12:10 +0000
ROA not before: Wed 21 Dec 2022 12:12:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212949
IP address blocks: 217.61.88.0/21 maxlen: 24
167.160.8.0/23 maxlen: 24
167.160.6.0/23 maxlen: 24
167.160.22.0/23 maxlen: 24
167.160.24.0/23 maxlen: 24
185.19.24.0/22 maxlen: 24
89.33.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:99:29:95:68:ca:8f:7a:a3:bd:60:98:93:6f:8a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 21 12:12:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f69359f27d944e20fcef84a71a93905f592a0bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d0:20:9a:97:67:fc:f2:7d:01:bb:8c:27:4b:
73:47:b5:b7:2e:65:0f:33:73:01:df:40:4e:91:3c:
14:c4:56:9a:26:e0:db:fc:6c:33:88:b6:ed:a3:2c:
e8:b3:5b:e0:b5:4e:02:ea:cb:83:44:a0:1c:f0:11:
b6:ae:70:57:26:6f:a4:b5:0d:a9:76:3d:03:9e:3b:
4e:73:09:2d:b6:0e:23:94:11:1e:de:0f:c4:23:38:
35:db:48:0a:c6:23:27:28:ff:4d:57:06:e1:b0:93:
7b:2b:75:a4:d2:a1:f3:11:3e:4e:fe:d9:1e:bf:15:
6d:4a:47:c8:e1:68:75:86:a1:ee:c2:a6:ac:e4:fd:
a9:e5:77:dc:c1:f1:83:c2:08:94:09:18:12:c8:a4:
ab:52:be:90:56:d1:9a:f3:24:4b:a8:a2:af:00:d9:
81:8c:e9:95:04:e7:0c:8a:2b:b8:a9:81:fd:c0:9f:
b2:ce:ee:40:1e:20:8b:d2:11:1a:54:5d:51:6b:1b:
71:73:6b:1b:9e:9e:9f:4b:f5:e2:5d:9f:35:62:bd:
9a:94:b7:5b:d7:8c:67:8e:7c:3e:35:c6:6c:95:94:
50:8b:77:92:58:3d:f0:e7:81:2d:a3:07:87:ae:5f:
62:6a:0b:16:c1:f2:89:7f:55:f3:ef:78:69:85:89:
d3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:93:59:F2:7D:94:4E:20:FC:EF:84:A7:1A:93:90:5F:59:2A:0B:DB
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/9pNZ8n2UTiD874SnGpOQX1kqC9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.108.0/22
167.160.6.0-167.160.9.255
167.160.22.0-167.160.25.255
185.19.24.0/22
217.61.88.0/21
Signature Algorithm: sha256WithRSAEncryption
69:31:53:ec:f8:49:02:f5:0c:68:14:4d:0d:c3:95:dd:07:83:
c3:b6:56:d1:fb:5f:b8:98:e6:14:03:42:7a:3d:e5:c1:70:7e:
7d:64:f5:0b:00:55:35:61:0e:20:14:2e:bd:04:5e:07:83:b5:
8e:a1:ca:01:db:8b:43:d1:62:96:45:bc:c9:6a:8a:d9:c0:a9:
bc:94:ac:bb:46:59:94:b0:3b:61:a4:fd:af:99:7e:c2:75:86:
3b:b3:a3:89:86:ca:b9:e7:5d:29:05:f8:55:97:c2:9a:42:8b:
fd:99:18:1c:ad:3e:2b:34:42:e5:d9:62:e1:9a:8a:5d:a1:12:
a0:66:d2:03:1d:08:dd:cd:28:91:e4:80:b3:ba:84:b6:70:53:
50:73:1d:d1:76:09:0f:5b:42:a1:11:99:d9:1b:a9:83:b6:a5:
55:b3:bb:ce:f1:05:c7:7d:94:29:e7:d1:16:c2:8d:a6:fb:de:
44:5e:e3:9e:eb:89:7a:22:52:e4:96:14:26:03:26:29:a7:ee:
9c:52:f1:a1:55:f9:5c:ec:89:fc:1d:1d:30:7d:14:67:d5:e9:
24:30:85:8f:7f:cd:17:f1:df:a2:39:b5:1d:9f:2e:96:a7:af:
75:31:3a:bb:a2:ba:43:e8:31:09:7e:46:94:1c:a4:15:3b:bd:
c4:1a:53:07
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYU0mSmVaMqPeqO9YJiTb4oVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIxMTIxMjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjkzNTlmMjdkOTQ0ZTIwZmNlZjg0YTcxYTkzOTA1ZjU5MmEwYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdAgmpdn/PJ9AbuMJ0tzR7W3LmUP
M3MB30BOkTwUxFaaJuDb/GwziLbtoyzos1vgtU4C6suDRKAc8BG2rnBXJm+ktQ2p
dj0DnjtOcwkttg4jlBEe3g/EIzg120gKxiMnKP9NVwbhsJN7K3Wk0qHzET5O/tke
vxVtSkfI4Wh1hqHuwqas5P2p5XfcwfGDwgiUCRgSyKSrUr6QVtGa8yRLqKKvANmB
jOmVBOcMiiu4qYH9wJ+yzu5AHiCL0hEaVF1Raxtxc2sbnp6fS/XiXZ81Yr2alLdb
14xnjnw+NcZslZRQi3eSWD3w54EtoweHrl9iagsWwfKJf1Xz73hphYnTIQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFPaTWfJ9lE4g/O+EpxqTkF9ZKgvbMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvOXBOWjhuMlVUaUQ4NzRTbkdwT1FYMWtxQzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCWSFsMAwD
BAGnoAYDBAGnoAgwDAMEAaegFgMEAaegGAMEArkTGAMEA9k9WDANBgkqhkiG9w0B
AQsFAAOCAQEAaTFT7PhJAvUMaBRNDcOV3QeDw7ZW0ftfuJjmFANCej3lwXB+fWT1
CwBVNWEOIBQuvQReB4O1jqHKAduLQ9FilkW8yWqK2cCpvJSsu0ZZlLA7YaT9r5l+
wnWGO7OjiYbKueddKQX4VZfCmkKL/ZkYHK0+KzRC5dli4ZqKXaESoGbSAx0I3c0o
keSAs7qEtnBTUHMd0XYJD1tCoRGZ2Rupg7alVbO7zvEFx32UKefRFsKNpvveRF7j
nuuJeiJS5JYUJgMmKafunFLxoVX5XOyJ/B0dMH0UZ9XpJDCFj3/NF/Hfojm1HZ8u
lqevdTE6u6K6Q+gxCX5GlBykFTu9xBpTBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:36 2024 by rpki-client on console-fra.rpki-client.org