Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/h-tADssttyceGCDYcSrLcAHqKNI.roa
File: h-tADssttyceGCDYcSrLcAHqKNI.roa (raw, json)
Hash identifier: NMoa75UyB+pv5uKL4PylEwhpfzpvsb9oxKcihuFwqi0=
Subject key identifier: 87:EB:40:0E:CB:2D:B7:27:1E:18:20:D8:71:2A:CB:70:01:EA:28:D2
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 077F87E3
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/h-tADssttyceGCDYcSrLcAHqKNI.roa
Signing time: Sat 01 Jan 2022 11:59:45 +0000
ROA not before: Sat 01 Jan 2022 11:59:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39494
IP address blocks: 89.104.64.0/19 maxlen: 19
89.104.76.0/24 maxlen: 24
89.111.128.0/18 maxlen: 18
79.174.72.0/22 maxlen: 22
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 20
89.111.176.0/20 maxlen: 20
89.111.177.0/24 maxlen: 24
89.111.176.0/22 maxlen: 22
2a01:d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125798371 (0x77f87e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 11:59:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87eb400ecb2db7271e1820d8712acb7001ea28d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fc:da:83:58:96:d2:d4:e8:e9:9b:f4:8e:1f:
c0:c2:04:f1:4e:92:a4:91:12:4b:fa:1c:54:bd:0c:
3b:92:d4:ae:9c:73:31:94:ba:be:07:8d:88:e9:0e:
c0:de:1d:cc:b8:e3:ab:85:61:19:db:4a:76:39:b5:
c2:e0:c5:5f:f7:65:cd:c0:2f:1f:e7:fd:bc:2b:01:
bd:10:03:6e:bd:ab:e9:f9:c1:f7:e0:ff:c3:ec:35:
5c:42:e5:60:66:de:9e:b4:48:e6:d5:ef:a7:4e:b5:
91:26:89:11:65:08:c8:ef:9c:42:11:fd:96:ee:bc:
ee:33:e9:13:68:3c:55:75:db:53:05:01:e5:63:77:
8a:d0:b5:cd:3c:3b:84:5f:49:61:1d:ca:83:d6:7f:
f6:c1:71:79:ab:32:b1:5f:24:9a:af:32:33:c3:31:
8f:ff:8f:e5:89:f0:8f:cb:25:41:b4:5c:63:99:91:
e8:5c:c3:e3:43:45:f2:bd:d4:ff:73:18:23:c8:5e:
d0:c7:28:b2:cc:de:62:68:ef:a3:fd:8a:18:35:34:
c6:44:1e:c7:b9:61:85:31:ec:fb:01:d2:44:4d:85:
f4:e5:b1:c9:0a:46:e5:9a:a0:6a:06:fd:b4:cf:31:
f6:e2:ec:f5:f6:3c:89:23:48:eb:0e:b7:36:fc:75:
90:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EB:40:0E:CB:2D:B7:27:1E:18:20:D8:71:2A:CB:70:01:EA:28:D2
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/h-tADssttyceGCDYcSrLcAHqKNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.72.0/22
89.104.64.0/19
89.111.128.0/18
IPv6:
2a01:d8::/32
Signature Algorithm: sha256WithRSAEncryption
20:be:9a:e4:d9:19:4e:b4:d9:bd:e2:4b:38:93:f0:22:3b:4c:
65:ba:4a:81:3c:69:43:bc:9b:a5:87:c9:47:f9:de:80:67:1a:
14:46:ab:4c:4c:a4:6f:35:f3:2c:00:27:0d:59:4d:c5:77:48:
87:f6:56:71:30:40:64:14:48:54:33:4b:24:81:25:7f:ae:4c:
bf:4c:00:3d:0a:08:46:1e:80:b8:7b:0a:08:c3:fe:48:42:a9:
68:88:96:74:f5:03:d9:7b:df:2d:c7:2e:32:72:19:e4:63:4c:
d6:20:ac:7f:b5:5c:05:8f:9a:b8:6c:56:53:22:3d:f6:da:f9:
22:b9:50:d8:46:e5:1c:72:88:f5:6a:84:6a:46:ab:db:09:ff:
64:4d:11:1d:a1:1d:35:8e:d4:9c:9a:2d:f9:94:22:af:5b:97:
c9:b2:7b:37:3a:66:74:16:44:3a:83:10:c4:1d:23:58:42:01:
f0:6c:b8:be:8f:a7:d2:97:a5:e8:62:6f:a9:00:a9:84:76:f7:
9e:c3:42:fe:16:b3:7a:2d:65:40:b2:c5:89:e7:24:37:bc:5c:
04:14:b1:1a:2e:06:45:95:2c:b4:16:cf:85:e8:31:64:c0:76:
5f:48:dd:6a:23:61:b2:b6:88:42:ee:94:08:0b:9a:30:ca:3a:
c7:f7:48:23
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEB3+H4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGZhZDIzZTExY2YwZDI0YTQ3NzU5NGViYTA5Zjk5YWNjNmYxZmZmMB4XDTIyMDEw
MTExNTk0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdlYjQwMGVjYjJk
YjcyNzFlMTgyMGQ4NzEyYWNiNzAwMWVhMjhkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKD82oNYltLU6Omb9I4fwMIE8U6SpJESS/ocVL0MO5LUrpxz
MZS6vgeNiOkOwN4dzLjjq4VhGdtKdjm1wuDFX/dlzcAvH+f9vCsBvRADbr2r6fnB
9+D/w+w1XELlYGbenrRI5tXvp061kSaJEWUIyO+cQhH9lu687jPpE2g8VXXbUwUB
5WN3itC1zTw7hF9JYR3Kg9Z/9sFxeasysV8kmq8yM8Mxj/+P5Ynwj8slQbRcY5mR
6FzD40NF8r3U/3MYI8he0McosszeYmjvo/2KGDU0xkQex7lhhTHs+wHSRE2F9OWx
yQpG5Zqgagb9tM8x9uLs9fY8iSNI6w63Nvx1kJcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSH60AOyy23Jx4YINhxKstwAeoo0jAfBgNVHSMEGDAWgBS9+tI+Ec8NJKR3
WU66CfmazG8f/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZmclNQaEhQRFNTa2QxbE91Z241bXN4dkhfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvZTI1MjM5LTZhYjAtNDkxOS1hNzZhLTRmNGU3MWUzMjA4NC8x
L2gtdEFEc3N0dHljZUdDRFljU3JMY0FIcUtOSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
ZTI1MjM5LTZhYjAtNDkxOS1hNzZhLTRmNGU3MWUzMjA4NC8xL3ZmclNQaEhQRFNT
a2QxbE91Z241bXN4dkhfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAk+uSAMEBVloQAMEBllvgDANBAIA
AjAHAwUAKgEA2DANBgkqhkiG9w0BAQsFAAOCAQEAIL6a5NkZTrTZveJLOJPwIjtM
ZbpKgTxpQ7ybpYfJR/negGcaFEarTEykbzXzLAAnDVlNxXdIh/ZWcTBAZBRIVDNL
JIElf65Mv0wAPQoIRh6AuHsKCMP+SEKpaIiWdPUD2XvfLccuMnIZ5GNM1iCsf7Vc
BY+auGxWUyI99tr5IrlQ2EblHHKI9WqEakar2wn/ZE0RHaEdNY7UnJot+ZQir1uX
ybJ7NzpmdBZEOoMQxB0jWEIB8Gy4vo+n0pel6GJvqQCphHb3nsNC/hazei1lQLLF
ieckN7xcBBSxGi4GRZUstBbPhegxZMB2X0jdaiNhsraIQu6UCAuaMMo6x/dIIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:13 2024 by rpki-client on console-ams.rpki-client.org