Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/X9bkHibEtw896E3Mf9DGGBtUBoI.roa
File: X9bkHibEtw896E3Mf9DGGBtUBoI.roa (raw, json)
Hash identifier: /2FPvvy1FnBfZkcz9rx/lork3k9JnF8fBbcp8zWUlDw=
Subject key identifier: 5F:D6:E4:1E:26:C4:B7:0F:3D:E8:4D:CC:7F:D0:C6:18:1B:54:06:82
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 082DE767
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/X9bkHibEtw896E3Mf9DGGBtUBoI.roa
Signing time: Sun 20 Mar 2022 13:57:10 +0000
ROA not before: Sun 20 Mar 2022 13:57:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43489
IP address blocks: 89.111.135.0/24 maxlen: 24
89.104.93.0/24 maxlen: 24
89.104.95.0/24 maxlen: 24
31.177.70.0/24 maxlen: 24
2a01:d8:8::/48 maxlen: 48
2a02:2090:6800::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137226087 (0x82de767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Mar 20 13:57:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fd6e41e26c4b70f3de84dcc7fd0c6181b540682
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f0:9b:ac:71:7b:78:2c:1c:0c:99:6c:95:60:
87:f1:07:05:a0:3b:1d:38:66:b2:85:d9:ae:2c:e2:
1d:35:51:a8:e5:56:81:4a:58:95:10:d1:8c:f4:10:
3d:a1:95:5f:21:bc:35:7f:e3:a9:c6:6f:4c:65:eb:
01:44:15:1a:69:f5:ef:19:07:e6:0b:87:ff:a0:34:
fa:50:18:97:a5:d2:b7:34:e1:dd:ef:2c:45:50:ab:
8b:df:3d:f5:87:07:eb:83:a4:7e:31:2f:be:8c:fa:
9c:54:f9:c8:ce:22:85:bd:b8:50:a6:04:23:97:00:
77:50:8e:e8:b7:4b:14:c1:49:df:ba:4d:38:a6:0e:
f1:24:7d:15:97:68:6f:36:3e:76:d2:c9:5b:01:9a:
6f:43:77:3c:16:21:fb:7d:7a:ec:2f:37:a4:87:db:
3c:28:00:00:f0:2c:ae:7d:d3:1a:48:25:ae:4a:81:
9c:3d:9b:f2:b6:67:ec:c3:5d:bf:90:49:9f:fa:b1:
4c:aa:30:51:80:09:8e:52:6c:92:8b:27:27:54:16:
18:24:ee:16:5e:bc:4f:ed:73:4f:4b:07:01:8e:6f:
bf:6b:99:b0:8b:33:7e:ce:a1:86:b4:e2:61:2d:5b:
d7:f6:68:d4:ee:2f:32:00:16:41:bf:0a:b2:d0:26:
7d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D6:E4:1E:26:C4:B7:0F:3D:E8:4D:CC:7F:D0:C6:18:1B:54:06:82
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/X9bkHibEtw896E3Mf9DGGBtUBoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.70.0/24
89.104.93.0/24
89.104.95.0/24
89.111.135.0/24
IPv6:
2a01:d8:8::/48
2a02:2090:6800::/48
Signature Algorithm: sha256WithRSAEncryption
24:e0:4b:cf:a1:d5:6d:96:ff:87:0a:d9:92:c5:4c:04:45:b7:
b8:4c:55:08:3c:8f:9b:0a:55:e2:33:94:f6:13:09:8d:0d:5f:
b5:24:30:0c:14:0d:21:a4:82:19:80:37:48:18:40:ac:fa:7c:
db:71:c7:78:09:24:7b:a2:46:3f:50:d2:66:95:c0:1b:39:52:
9d:de:2c:4f:71:95:b8:fd:87:ad:13:ac:c1:63:96:32:4c:f4:
47:fc:01:35:29:13:ab:34:95:44:37:60:7b:f4:ef:a9:e7:a6:
11:29:58:b1:1b:7d:c4:f8:f1:14:ce:37:f3:38:00:1b:55:d1:
d2:b7:b6:d0:ec:64:65:c1:02:36:a7:b7:c4:d4:b8:e8:5c:11:
63:1f:9e:d4:63:a2:db:dd:fb:67:80:67:42:6b:d5:9d:f9:6c:
bf:d8:39:86:c6:73:0d:94:79:9e:68:e9:f1:63:7b:b6:55:ab:
3e:35:2e:33:b5:71:34:15:68:b6:bb:8c:18:8c:72:0e:a0:89:
7f:82:c5:28:7e:7d:0f:78:8a:ac:e1:80:fd:a9:01:70:be:18:
76:2f:8f:88:1b:6e:f5:a3:8d:a4:99:0b:11:e3:fe:f2:82:0e:
cf:ee:08:61:b6:cb:97:62:15:06:11:f6:85:a0:46:40:6e:cb:
d0:62:eb:e9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgIECC3nZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGZhZDIzZTExY2YwZDI0YTQ3NzU5NGViYTA5Zjk5YWNjNmYxZmZmMB4XDTIyMDMy
MDEzNTcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZkNmU0MWUyNmM0
YjcwZjNkZTg0ZGNjN2ZkMGM2MTgxYjU0MDY4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLwm6xxe3gsHAyZbJVgh/EHBaA7HThmsoXZriziHTVRqOVW
gUpYlRDRjPQQPaGVXyG8NX/jqcZvTGXrAUQVGmn17xkH5guH/6A0+lAYl6XStzTh
3e8sRVCri9899YcH64OkfjEvvoz6nFT5yM4ihb24UKYEI5cAd1CO6LdLFMFJ37pN
OKYO8SR9FZdobzY+dtLJWwGab0N3PBYh+3167C83pIfbPCgAAPAsrn3TGkglrkqB
nD2b8rZn7MNdv5BJn/qxTKowUYAJjlJskosnJ1QWGCTuFl68T+1zT0sHAY5vv2uZ
sIszfs6hhrTiYS1b1/Zo1O4vMgAWQb8KstAmfWkCAwEAAaOCAjUwggIxMB0GA1Ud
DgQWBBRf1uQeJsS3Dz3oTcx/0MYYG1QGgjAfBgNVHSMEGDAWgBS9+tI+Ec8NJKR3
WU66CfmazG8f/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZmclNQaEhQRFNTa2QxbE91Z241bXN4dkhfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvZTI1MjM5LTZhYjAtNDkxOS1hNzZhLTRmNGU3MWUzMjA4NC8x
L1g5YmtIaWJFdHc4OTZFM01mOURHR0J0VUJvSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
ZTI1MjM5LTZhYjAtNDkxOS1hNzZhLTRmNGU3MWUzMjA4NC8xL3ZmclNQaEhQRFNT
a2QxbE91Z241bXN4dkhfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBL
BggrBgEFBQcBBwEB/wQ8MDowHgQCAAEwGAMEAB+xRgMEAFloXQMEAFloXwMEAFlv
hzAYBAIAAjASAwcAKgEA2AAIAwcAKgIgkGgAMA0GCSqGSIb3DQEBCwUAA4IBAQAk
4EvPodVtlv+HCtmSxUwERbe4TFUIPI+bClXiM5T2EwmNDV+1JDAMFA0hpIIZgDdI
GECs+nzbccd4CSR7okY/UNJmlcAbOVKd3ixPcZW4/YetE6zBY5YyTPRH/AE1KROr
NJVEN2B79O+p56YRKVixG33E+PEUzjfzOAAbVdHSt7bQ7GRlwQI2p7fE1LjoXBFj
H57UY6Lb3ftngGdCa9Wd+Wy/2DmGxnMNlHmeaOnxY3u2Vas+NS4ztXE0FWi2u4wY
jHIOoIl/gsUofn0PeIqs4YD9qQFwvhh2L4+IG271o42kmQsR4/7ygg7P7ghhtsuX
YhUGEfaFoEZAbsvQYuvp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org