Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ikFfvH1mrHFDIyDsFbpTa5DYktg.roa
File: ikFfvH1mrHFDIyDsFbpTa5DYktg.roa (raw, json)
Hash identifier: mUbQR0DbwCbGTBCjL5kwuwQxFubnlP+AoPcMEMdnvI0=
Subject key identifier: 8A:41:5F:BC:7D:66:AC:71:43:23:20:EC:15:BA:53:6B:90:D8:92:D8
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 108CC031
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ikFfvH1mrHFDIyDsFbpTa5DYktg.roa
Signing time: Sat 01 Jan 2022 10:02:10 +0000
ROA not before: Sat 01 Jan 2022 10:02:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42846
IP address blocks: 89.252.137.0/24 maxlen: 24
89.252.134.0/24 maxlen: 24
89.252.138.0/24 maxlen: 24
31.192.212.0/24 maxlen: 24
89.252.159.0/24 maxlen: 24
31.192.214.0/24 maxlen: 24
159.253.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 277659697 (0x108cc031)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 10:02:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a415fbc7d66ac71432320ec15ba536b90d892d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5d:3a:d7:4e:1b:e7:53:f1:00:92:8a:f7:96:
5a:69:f6:04:d4:88:15:e0:7a:1c:2a:6a:ec:fc:f3:
e6:b7:f9:fd:8a:63:f1:c9:5f:d2:ee:9d:b5:b5:4b:
17:4a:81:3c:8e:40:b0:fd:25:9d:64:45:c5:62:0d:
ed:29:f3:a3:46:d5:83:80:85:33:3b:a6:0b:8c:c7:
8e:56:99:ac:67:22:d8:b5:b0:c8:7d:88:dd:46:92:
7e:44:fb:31:4b:7a:d5:8c:c6:61:43:e3:97:f8:a1:
36:6e:75:4f:fc:e7:89:15:54:1f:9f:e8:60:3d:e0:
a3:93:50:a1:be:52:47:27:6b:ca:4f:12:52:b1:7b:
56:f9:cf:2c:9c:54:1e:26:b9:5c:57:f6:bb:cc:29:
f4:3b:0d:42:38:68:14:85:41:a5:4b:1a:23:e9:3c:
a8:89:1e:1b:85:21:cc:22:71:b0:b7:0d:26:4b:b6:
54:07:1d:e7:ce:2d:8c:76:da:dd:65:a9:77:cc:d0:
ae:ea:96:9f:36:65:b9:44:37:b1:30:65:f7:7b:76:
5d:25:63:89:42:51:bb:95:fd:fd:6e:68:fb:df:00:
f1:6e:c1:27:0e:06:b7:b5:e1:76:6f:0d:1a:29:f5:
be:4c:c4:8a:78:9c:e5:09:72:1b:41:37:da:5f:21:
e0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:41:5F:BC:7D:66:AC:71:43:23:20:EC:15:BA:53:6B:90:D8:92:D8
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ikFfvH1mrHFDIyDsFbpTa5DYktg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.212.0/24
31.192.214.0/24
89.252.134.0/24
89.252.137.0-89.252.138.255
89.252.159.0/24
159.253.37.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:66:59:49:1c:8a:c1:66:75:36:08:c2:19:1c:52:9c:52:6b:
c4:2c:87:1f:b1:71:32:b7:39:ef:57:9e:7f:e7:b1:5a:5c:a8:
cc:2d:db:70:b2:10:f3:ae:39:94:ed:31:3a:45:66:78:81:4a:
3e:0d:eb:d8:59:98:25:bb:1b:06:0f:fb:75:12:31:80:74:66:
9e:5d:96:88:ae:99:25:51:f0:63:78:15:1b:20:dd:99:5d:8a:
4d:91:68:7f:8c:b5:1c:fb:a5:a5:8a:64:d7:68:20:73:52:c3:
ec:34:7d:e6:da:2b:a0:7b:dd:a4:80:b3:88:64:14:e8:49:c7:
15:83:c4:cb:f6:23:8c:5e:f0:86:24:5f:69:73:d6:40:20:9b:
1a:26:30:b2:0e:b0:e1:63:1a:d8:a6:93:f3:44:c3:2e:b0:fd:
43:31:62:bd:08:cd:c0:69:af:6f:aa:73:a3:04:c9:5a:42:57:
e9:d2:de:a9:26:ea:c1:aa:6b:99:6a:e5:76:d2:93:c6:17:0c:
23:d9:1a:af:fa:17:ad:af:c3:ee:4a:7b:9a:28:0e:60:8d:de:
1e:46:43:df:83:5d:31:12:a4:e4:92:b3:99:fc:c8:9f:4d:cf:
de:7d:3c:a7:2c:b7:17:74:b8:60:be:03:17:2c:62:1b:af:3e:
7c:bb:00:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEEIzAMTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NWU0YWVkM2VmNzJiZWUzMTQxNjYwZDExNDllMTZkMDc5MjA1ZjNjMB4XDTIyMDEw
MTEwMDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE0MTVmYmM3ZDY2
YWM3MTQzMjMyMGVjMTViYTUzNmI5MGQ4OTJkODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxdOtdOG+dT8QCSiveWWmn2BNSIFeB6HCpq7Pzz5rf5/Ypj
8clf0u6dtbVLF0qBPI5AsP0lnWRFxWIN7Snzo0bVg4CFMzumC4zHjlaZrGci2LWw
yH2I3UaSfkT7MUt61YzGYUPjl/ihNm51T/zniRVUH5/oYD3go5NQob5SRydryk8S
UrF7VvnPLJxUHia5XFf2u8wp9DsNQjhoFIVBpUsaI+k8qIkeG4UhzCJxsLcNJku2
VAcd584tjHba3WWpd8zQruqWnzZluUQ3sTBl93t2XSVjiUJRu5X9/W5o+98A8W7B
Jw4Gt7Xhdm8NGin1vkzEinic5QlyG0E32l8h4EcCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBSKQV+8fWascUMjIOwVulNrkNiS2DAfBgNVHSMEGDAWgBQl5K7T73K+4xQW
YNEUnhbQeSBfPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0plU3UwLTl5dnVNVUZtRFJGSjRXMEhrZ1h6dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjMzNmQwLTk0OTQtNDZkMy05ODYxLWVkM2UzOGY5NTc3Zi8x
L2lrRmZ2SDFtckhGREl5RHNGYnBUYTVEWWt0Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjMzNmQwLTk0OTQtNDZkMy05ODYxLWVkM2UzOGY5NTc3Zi8xL0plU3UwLTl5dnVN
VUZtRFJGSjRXMEhrZ1h6dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAB/A1AMEAB/A1gMEAFn8hjAMAwQA
WfyJAwQAWfyKAwQAWfyfAwQAn/0lMA0GCSqGSIb3DQEBCwUAA4IBAQAdZllJHIrB
ZnU2CMIZHFKcUmvELIcfsXEytznvV55/57FaXKjMLdtwshDzrjmU7TE6RWZ4gUo+
DevYWZgluxsGD/t1EjGAdGaeXZaIrpklUfBjeBUbIN2ZXYpNkWh/jLUc+6WlimTX
aCBzUsPsNH3m2iuge92kgLOIZBToSccVg8TL9iOMXvCGJF9pc9ZAIJsaJjCyDrDh
YxrYppPzRMMusP1DMWK9CM3Aaa9vqnOjBMlaQlfp0t6pJurBqmuZauV20pPGFwwj
2Rqv+hetr8PuSnuaKA5gjd4eRkPfg10xEqTkkrOZ/MifTc/efTynLLcXdLhgvgMX
LGIbrz58uwCP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:08 2024 by rpki-client on console-ams.rpki-client.org