Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/h-jNbRz94XyQnVf3CxUu9PP8vp0.roa
File: h-jNbRz94XyQnVf3CxUu9PP8vp0.roa (raw, json)
Hash identifier: v9Ao/7YEdFKb0mwpVY/JMalTt6CTE9YkZFUQrIJsW40=
Subject key identifier: 87:E8:CD:6D:1C:FD:E1:7C:90:9D:57:F7:0B:15:2E:F4:F3:FC:BE:9D
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01852EE2B14A1CF1527FB26BB624686DC261
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/h-jNbRz94XyQnVf3CxUu9PP8vp0.roa
Signing time: Tue 20 Dec 2022 09:34:46 +0000
ROA not before: Tue 20 Dec 2022 09:34:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199380
IP address blocks: 89.37.80.0/22 maxlen: 24
89.32.194.0/23 maxlen: 24
89.36.40.0/22 maxlen: 24
89.42.236.0/23 maxlen: 24
185.16.120.0/22 maxlen: 24
188.208.24.0/22 maxlen: 24
188.247.168.0/22 maxlen: 24
188.239.184.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2e:e2:b1:4a:1c:f1:52:7f:b2:6b:b6:24:68:6d:c2:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 20 09:34:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87e8cd6d1cfde17c909d57f70b152ef4f3fcbe9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:cd:5c:dc:74:14:6f:4d:f3:1c:aa:ed:f4:01:
ff:09:b7:43:c2:5e:d1:7c:e8:62:e2:00:db:91:bc:
2a:6b:51:04:92:47:9b:c8:9d:b5:21:82:87:9a:a0:
9f:bd:52:dc:4b:43:6b:54:12:50:80:90:db:df:d3:
fa:c7:cc:f5:fb:29:a6:ef:64:e6:ba:b6:8b:76:47:
69:8e:23:c5:29:65:cb:8c:68:83:01:1e:bb:20:82:
90:8d:08:66:21:2d:6b:e7:17:cc:ac:72:1d:86:b3:
49:51:8d:98:55:24:63:da:26:a9:77:c0:81:c6:17:
df:0e:99:74:fd:b8:dc:fa:bb:00:26:d2:a8:a1:1c:
61:cd:4a:fe:a2:67:06:eb:c9:d7:3b:e5:75:db:91:
91:a3:78:88:e9:5b:db:1f:63:5d:4d:6a:3e:0f:72:
7c:be:ad:11:c1:55:3e:54:7b:95:e1:6a:7e:e4:c0:
01:17:ca:37:58:38:4f:13:1b:59:f9:09:c2:4d:a3:
37:35:ff:8e:d6:1f:6f:4e:21:80:15:86:1a:ed:13:
ad:65:a4:d5:ad:b9:03:7f:b6:56:e0:cc:22:f7:e0:
8a:4a:db:cb:eb:56:b7:93:d7:ed:1c:2c:38:9f:eb:
63:78:05:a5:03:7d:75:21:47:60:f4:c6:ca:58:15:
a0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:E8:CD:6D:1C:FD:E1:7C:90:9D:57:F7:0B:15:2E:F4:F3:FC:BE:9D
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/h-jNbRz94XyQnVf3CxUu9PP8vp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.194.0/23
89.36.40.0/22
89.37.80.0/22
89.42.236.0/23
185.16.120.0/22
188.208.24.0/22
188.239.184.0/22
188.247.168.0/22
Signature Algorithm: sha256WithRSAEncryption
05:d8:5a:d8:15:76:44:ec:b7:9e:dc:31:78:a2:eb:f6:56:9f:
be:15:56:93:7a:00:2c:62:c3:f2:b0:f0:36:f6:6d:10:e6:a8:
e3:52:97:fa:f2:0c:16:d3:2a:b3:b8:21:73:c1:15:74:54:05:
7b:f1:f0:c0:c9:92:22:50:88:5a:c1:81:e0:78:99:26:e3:c0:
3e:a7:a3:08:31:51:41:94:d1:9a:24:4d:11:ba:11:9d:ea:29:
59:01:b1:ea:f0:ad:48:d8:90:5c:b7:f1:91:7e:76:78:11:5f:
a8:0b:10:79:ea:88:90:3e:fe:73:08:9a:d2:c8:24:bd:d4:7b:
f4:fa:ff:4d:76:46:96:5f:b8:b6:ac:7e:f7:bf:06:bf:e4:7d:
94:97:d1:21:75:97:69:d3:02:3e:89:cd:7c:67:1f:b8:75:d6:
37:b5:82:90:7f:1f:3d:8c:38:f6:dd:3e:56:9e:03:5d:df:b9:
60:96:a9:e5:cd:6e:51:e6:c4:e6:b8:be:eb:36:08:44:79:a6:
90:b7:3d:8a:81:e4:dd:cd:e7:f7:25:1f:a2:f4:37:bb:ce:21:
f6:00:0b:1a:a6:22:eb:39:fb:7b:92:b5:89:25:62:10:9a:1c:
47:80:10:e1:51:21:01:fd:f0:c8:35:85:40:ff:be:d4:28:23:
96:11:f6:ed
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYUu4rFKHPFSf7JrtiRobcJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIwMDkzNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2U4Y2Q2ZDFjZmRlMTdjOTA5ZDU3ZjcwYjE1MmVmNGYzZmNiZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhc1c3HQUb03zHKrt9AH/CbdDwl7R
fOhi4gDbkbwqa1EEkkebyJ21IYKHmqCfvVLcS0NrVBJQgJDb39P6x8z1+ymm72Tm
uraLdkdpjiPFKWXLjGiDAR67IIKQjQhmIS1r5xfMrHIdhrNJUY2YVSRj2iapd8CB
xhffDpl0/bjc+rsAJtKooRxhzUr+omcG68nXO+V125GRo3iI6VvbH2NdTWo+D3J8
vq0RwVU+VHuV4Wp+5MABF8o3WDhPExtZ+QnCTaM3Nf+O1h9vTiGAFYYa7ROtZaTV
rbkDf7ZW4Mwi9+CKStvL61a3k9ftHCw4n+tjeAWlA311IUdg9MbKWBWglwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIfozW0c/eF8kJ1X9wsVLvTz/L6dMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvaC1qTmJSejk0WHlRblZmM0N4VXU5UFA4dnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBWSDCAwQC
WSQoAwQCWSVQAwQBWSrsAwQCuRB4AwQCvNAYAwQCvO+4AwQCvPeoMA0GCSqGSIb3
DQEBCwUAA4IBAQAF2FrYFXZE7Lee3DF4ouv2Vp++FVaTegAsYsPysPA29m0Q5qjj
Upf68gwW0yqzuCFzwRV0VAV78fDAyZIiUIhawYHgeJkm48A+p6MIMVFBlNGaJE0R
uhGd6ilZAbHq8K1I2JBct/GRfnZ4EV+oCxB56oiQPv5zCJrSyCS91Hv0+v9NdkaW
X7i2rH73vwa/5H2Ul9EhdZdp0wI+ic18Zx+4ddY3tYKQfx89jDj23T5WngNd37lg
lqnlzW5R5sTmuL7rNghEeaaQtz2KgeTdzef3JR+i9De7ziH2AAsapiLrOft7krWJ
JWIQmhxHgBDhUSEB/fDINYVA/77UKCOWEfbt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org