Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/RQb3gjWaws6pTe24Uf0EUUZ2eYk.roa
File: RQb3gjWaws6pTe24Uf0EUUZ2eYk.roa (raw, json)
Hash identifier: wuqHGFpA3D42Qe9frKJM2mXrGwb8fptpxIKzA9Hk6mg=
Subject key identifier: 45:06:F7:82:35:9A:C2:CE:A9:4D:ED:B8:51:FD:04:51:46:76:79:89
Certificate issuer: /CN=1242466f8f8645c9f39f04874ddadf0d7136f67f
Certificate serial: BA8C
Authority key identifier: 12:42:46:6F:8F:86:45:C9:F3:9F:04:87:4D:DA:DF:0D:71:36:F6:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EkJGb4-GRcnznwSHTdrfDXE29n8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/RQb3gjWaws6pTe24Uf0EUUZ2eYk.roa
Signing time: Sat 09 Apr 2022 10:12:26 +0000
ROA not before: Sat 09 Apr 2022 10:12:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206089
IP address blocks: 89.46.36.0/24 maxlen: 24
89.33.43.0/24 maxlen: 24
89.33.40.0/24 maxlen: 24
89.33.42.0/24 maxlen: 24
185.196.33.0/24 maxlen: 24
185.196.34.0/24 maxlen: 24
185.196.35.0/24 maxlen: 24
185.196.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47756 (0xba8c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1242466f8f8645c9f39f04874ddadf0d7136f67f
Validity
Not Before: Apr 9 10:12:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4506f782359ac2cea94dedb851fd045146767989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:94:bf:52:08:da:8f:e5:c6:23:96:f4:9e:e9:
06:af:29:f6:39:70:58:95:23:23:b8:c6:84:12:39:
09:c4:e5:7d:70:25:e6:47:56:4f:84:b4:ca:65:96:
c2:e1:cc:91:04:fd:8b:21:d1:19:36:a2:a8:a2:57:
d8:cc:0a:5b:97:37:c1:5e:65:d1:5b:e6:80:08:b9:
0a:f5:87:76:44:e6:9f:f6:d6:96:82:cb:8a:63:7a:
50:7c:d3:31:ad:31:58:5e:c1:2f:22:ad:c8:32:1b:
f5:2b:ff:c5:c4:c9:d1:9d:3c:d6:94:b2:9d:4a:8a:
6d:76:e6:ae:c8:f6:06:b2:b1:a5:1a:09:9e:8f:90:
0f:d0:66:62:84:81:30:c1:a2:f8:cb:a0:45:c9:e0:
24:04:29:20:09:74:04:f8:c0:5e:7a:2b:96:40:2a:
83:19:9c:cf:4d:be:54:02:84:3e:a1:07:29:15:b4:
92:bc:fd:20:78:c4:34:b7:23:59:2d:25:b8:41:6a:
9f:2b:d0:81:98:01:88:22:99:c9:7f:6e:d2:5e:6a:
d9:3c:db:d1:ee:ee:56:ac:d4:77:67:f6:f3:f5:06:
89:12:c7:e3:ca:6a:b6:c4:b5:8a:f9:1f:83:5b:19:
91:e3:2c:2c:15:6e:0e:e2:7d:2c:ae:47:eb:c9:3d:
bd:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:06:F7:82:35:9A:C2:CE:A9:4D:ED:B8:51:FD:04:51:46:76:79:89
X509v3 Authority Key Identifier:
keyid:12:42:46:6F:8F:86:45:C9:F3:9F:04:87:4D:DA:DF:0D:71:36:F6:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EkJGb4-GRcnznwSHTdrfDXE29n8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/RQb3gjWaws6pTe24Uf0EUUZ2eYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/EkJGb4-GRcnznwSHTdrfDXE29n8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.40.0/24
89.33.42.0/23
89.46.36.0/24
185.196.32.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:ee:cf:3b:b6:23:ce:ae:b3:ef:cf:cf:f6:a7:4d:bb:34:de:
7a:0c:cd:ab:fd:36:6e:2f:af:ca:18:c9:40:18:40:8b:95:19:
14:2f:71:37:87:b5:15:ae:dd:a2:7c:be:87:28:c1:d1:bf:3f:
2c:2a:fa:92:64:53:7a:03:bd:d7:78:cd:ca:52:35:6f:fe:3f:
0a:98:f8:8e:91:e3:8e:e4:f1:2c:ce:a8:4d:eb:15:77:50:f3:
9a:b5:82:a6:00:6f:88:48:89:53:e8:7a:3c:1c:86:ac:f3:7e:
f0:ad:9c:45:12:56:cf:c2:56:ce:9c:94:c9:9f:52:1b:f6:09:
77:cd:4b:a4:da:4e:4b:f1:7a:18:dc:c9:af:6b:3b:44:ab:77:
11:e7:1e:cd:5d:d6:72:1b:77:5f:50:61:cc:c8:d5:02:e6:48:
f3:b5:99:7e:ce:92:41:fc:92:72:39:1f:fc:03:75:74:5a:e8:
15:e1:12:c6:c9:fa:a5:c1:f0:01:ce:4e:71:fc:c7:54:0d:95:
86:98:c0:83:a1:38:78:cc:18:24:92:82:19:2e:23:a0:a0:88:
fb:cb:cf:a9:78:22:27:45:b9:5d:10:1f:20:12:4e:7f:58:ab:
14:a4:49:92:8d:64:02:ea:49:3d:c0:05:a3:a2:e8:54:7f:9b:
37:f5:6a:c1
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDALqMMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDEy
NDI0NjZmOGY4NjQ1YzlmMzlmMDQ4NzRkZGFkZjBkNzEzNmY2N2YwHhcNMjIwNDA5
MTAxMjI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg0NTA2Zjc4MjM1OWFj
MmNlYTk0ZGVkYjg1MWZkMDQ1MTQ2NzY3OTg5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvJS/Ugjaj+XGI5b0nukGryn2OXBYlSMjuMaEEjkJxOV9cCXm
R1ZPhLTKZZbC4cyRBP2LIdEZNqKoolfYzApblzfBXmXRW+aACLkK9Yd2ROaf9taW
gsuKY3pQfNMxrTFYXsEvIq3IMhv1K//FxMnRnTzWlLKdSoptduauyPYGsrGlGgme
j5AP0GZihIEwwaL4y6BFyeAkBCkgCXQE+MBeeiuWQCqDGZzPTb5UAoQ+oQcpFbSS
vP0geMQ0tyNZLSW4QWqfK9CBmAGIIpnJf27SXmrZPNvR7u5WrNR3Z/bz9QaJEsfj
ymq2xLWK+R+DWxmR4ywsFW4O4n0srkfryT29GwIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFEUG94I1msLOqU3tuFH9BFFGdnmJMB8GA1UdIwQYMBaAFBJCRm+PhkXJ858E
h03a3w1xNvZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RWtKR2I0LUdSY256bndTSFRkcmZEWEUyOW44LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMC85MzE0OWMtMDgyOS00ZmNkLWJkMzUtMGY1NWVhMzNhZmUzLzEv
UlFiM2dqV2F3czZwVGUyNFVmMEVVVVoyZVlrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85
MzE0OWMtMDgyOS00ZmNkLWJkMzUtMGY1NWVhMzNhZmUzLzEvRWtKR2I0LUdSY256
bndTSFRkcmZEWEUyOW44LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSEoAwQBWSEqAwQAWS4kAwQCucQg
MA0GCSqGSIb3DQEBCwUAA4IBAQAr7s87tiPOrrPvz8/2p027NN56DM2r/TZuL6/K
GMlAGECLlRkUL3E3h7UVrt2ifL6HKMHRvz8sKvqSZFN6A73XeM3KUjVv/j8KmPiO
keOO5PEszqhN6xV3UPOatYKmAG+ISIlT6Ho8HIas837wrZxFElbPwlbOnJTJn1Ib
9gl3zUuk2k5L8XoY3MmvaztEq3cR5x7NXdZyG3dfUGHMyNUC5kjztZl+zpJB/JJy
OR/8A3V0WugV4RLGyfqlwfABzk5x/MdUDZWGmMCDoTh4zBgkkoIZLiOgoIj7y8+p
eCInRbldEB8gEk5/WKsUpEmSjWQC6kk9wAWjouhUf5s39WrB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:02 2023 by rpki-client on console-ams.rpki-client.org