Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/iyZ3FwHXjI1ij84ELt4ptCrGzBw.roa
File: iyZ3FwHXjI1ij84ELt4ptCrGzBw.roa (raw, json)
Hash identifier: i5CK8cQqrV8IBAja8Bir3o4mn9xyW91ddw61owzw4j0=
Subject key identifier: 8B:26:77:17:01:D7:8C:8D:62:8F:CE:04:2E:DE:29:B4:2A:C6:CC:1C
Certificate issuer: /CN=89887de01d8b1cbd50b75dbac91339f6617a4d8a
Certificate serial: 051CC7A7
Authority key identifier: 89:88:7D:E0:1D:8B:1C:BD:50:B7:5D:BA:C9:13:39:F6:61:7A:4D:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iYh94B2LHL1Qt126yRM59mF6TYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/iyZ3FwHXjI1ij84ELt4ptCrGzBw.roa
Signing time: Sat 01 Jan 2022 13:55:11 +0000
ROA not before: Sat 01 Jan 2022 13:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47806
IP address blocks: 152.89.145.0/24 maxlen: 24
152.89.144.0/22 maxlen: 22
152.89.144.0/24 maxlen: 24
152.89.144.0/23 maxlen: 23
152.89.147.0/24 maxlen: 24
152.89.146.0/23 maxlen: 23
152.89.146.0/24 maxlen: 24
185.251.210.0/24 maxlen: 24
185.251.210.0/23 maxlen: 23
185.251.209.0/24 maxlen: 24
185.251.208.0/24 maxlen: 24
185.251.208.0/22 maxlen: 22
185.251.208.0/23 maxlen: 23
185.251.211.0/24 maxlen: 24
93.88.31.0/24 maxlen: 24
93.88.30.0/23 maxlen: 23
93.88.30.0/24 maxlen: 24
93.88.28.0/22 maxlen: 22
93.88.29.0/24 maxlen: 24
93.88.28.0/24 maxlen: 24
93.88.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85772199 (0x51cc7a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89887de01d8b1cbd50b75dbac91339f6617a4d8a
Validity
Not Before: Jan 1 13:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b26771701d78c8d628fce042ede29b42ac6cc1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:28:56:c7:0b:b7:d6:1b:99:56:29:a0:48:6a:
58:ca:ee:f2:0a:04:f6:d8:c6:09:4e:89:de:69:79:
32:6c:8e:96:73:87:84:9e:47:cd:5a:3f:d5:25:74:
d8:a9:08:1a:b5:ff:6c:31:f0:92:41:5b:c2:91:a5:
bd:79:ea:fb:83:8d:a0:95:36:20:e5:40:d6:82:2f:
66:4f:d9:da:e6:dd:e6:4e:fe:d1:c5:d6:83:96:9c:
ee:e8:af:db:3d:4d:cd:8f:3c:88:5f:cc:66:79:9d:
5f:31:6c:a4:03:e4:04:18:8f:f1:3a:84:73:1f:b4:
95:63:73:f9:69:a1:a5:b0:d7:f1:1a:f1:49:36:8a:
d6:a1:6d:51:8d:f7:93:a7:09:51:da:c1:ac:27:51:
83:6a:25:ec:7d:55:e7:97:e9:6d:df:3e:29:e8:8c:
f2:9f:aa:d0:99:1a:17:38:60:44:1a:4f:06:59:1f:
3f:3b:86:f5:f2:5d:5c:51:74:7f:29:43:c3:f3:09:
49:a5:af:a2:d9:b8:5c:94:8a:04:a4:6b:ec:fd:30:
c1:79:cb:bd:30:44:a4:c0:5c:87:68:79:59:e1:4d:
5e:17:a7:89:fc:57:2b:7f:d6:be:79:b4:a0:7e:e5:
33:90:f5:47:b4:eb:24:7b:f6:6b:78:b5:79:26:22:
1c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:26:77:17:01:D7:8C:8D:62:8F:CE:04:2E:DE:29:B4:2A:C6:CC:1C
X509v3 Authority Key Identifier:
keyid:89:88:7D:E0:1D:8B:1C:BD:50:B7:5D:BA:C9:13:39:F6:61:7A:4D:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iYh94B2LHL1Qt126yRM59mF6TYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/iyZ3FwHXjI1ij84ELt4ptCrGzBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9ce742-0c5d-4c34-8765-5ed5157ced0a/1/iYh94B2LHL1Qt126yRM59mF6TYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.28.0/22
152.89.144.0/22
185.251.208.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:5f:b0:cd:5d:7f:2b:85:ae:4a:86:77:3b:54:61:cd:45:21:
59:fc:c5:08:6c:da:a4:2c:1c:ed:07:1b:d7:46:de:20:14:af:
f8:33:8a:d5:52:05:47:99:2d:f6:79:92:d2:2a:82:2d:a4:61:
75:51:36:56:f6:a1:4d:a5:ff:bc:87:06:f3:b9:c7:c1:c2:db:
f6:8f:cf:2d:49:0d:f9:86:d2:5d:7e:16:b7:d9:5a:42:d7:0c:
1d:34:c7:e2:cc:be:40:bb:8f:47:92:fa:2e:de:28:81:f6:2b:
a9:51:f8:4c:cf:8a:56:5e:48:10:c3:6f:7f:07:6e:d0:ca:b3:
ef:67:46:44:24:94:7b:57:08:dd:9c:b9:1e:7e:d4:10:5b:7e:
22:f9:f2:88:4a:08:aa:a4:18:27:aa:94:58:5a:08:c3:bf:ac:
45:01:14:ab:c7:13:ab:42:1d:20:d3:c4:bb:85:56:99:5f:ed:
4c:af:e1:02:24:b9:46:02:3c:b5:e0:2c:61:5b:66:13:f1:00:
6c:2b:85:ae:fa:84:2b:61:93:41:47:bd:cf:bd:d8:c9:f0:55:
38:9f:9f:b4:8e:cc:8f:2d:3d:8f:98:cd:c1:4f:5a:0d:2b:0e:
0a:83:b5:bb:f0:b4:19:40:fe:1b:55:20:9f:50:cb:31:10:56:
da:f2:b6:79
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBRzHpzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTg4N2RlMDFkOGIxY2JkNTBiNzVkYmFjOTEzMzlmNjYxN2E0ZDhhMB4XDTIyMDEw
MTEzNTUxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIyNjc3MTcwMWQ3
OGM4ZDYyOGZjZTA0MmVkZTI5YjQyYWM2Y2MxYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4oVscLt9YbmVYpoEhqWMru8goE9tjGCU6J3ml5MmyOlnOH
hJ5HzVo/1SV02KkIGrX/bDHwkkFbwpGlvXnq+4ONoJU2IOVA1oIvZk/Z2ubd5k7+
0cXWg5ac7uiv2z1NzY88iF/MZnmdXzFspAPkBBiP8TqEcx+0lWNz+WmhpbDX8Rrx
STaK1qFtUY33k6cJUdrBrCdRg2ol7H1V55fpbd8+KeiM8p+q0JkaFzhgRBpPBlkf
PzuG9fJdXFF0fylDw/MJSaWvotm4XJSKBKRr7P0wwXnLvTBEpMBch2h5WeFNXhen
ifxXK3/Wvnm0oH7lM5D1R7TrJHv2a3i1eSYiHA0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSLJncXAdeMjWKPzgQu3im0KsbMHDAfBgNVHSMEGDAWgBSJiH3gHYscvVC3
XbrJEzn2YXpNijAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lZaDk0QjJMSEwxUXQxMjZ5Uk01OW1GNlRZby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvOWNlNzQyLTBjNWQtNGMzNC04NzY1LTVlZDUxNTdjZWQwYS8x
L2l5WjNGd0hYakkxaWo4NEVMdDRwdENyR3pCdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
OWNlNzQyLTBjNWQtNGMzNC04NzY1LTVlZDUxNTdjZWQwYS8xL2lZaDk0QjJMSEwx
UXQxMjZ5Uk01OW1GNlRZby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAl1YHAMEAphZkAMEArn70DANBgkq
hkiG9w0BAQsFAAOCAQEAjF+wzV1/K4WuSoZ3O1RhzUUhWfzFCGzapCwc7Qcb10be
IBSv+DOK1VIFR5kt9nmS0iqCLaRhdVE2VvahTaX/vIcG87nHwcLb9o/PLUkN+YbS
XX4Wt9laQtcMHTTH4sy+QLuPR5L6Lt4ogfYrqVH4TM+KVl5IEMNvfwdu0Mqz72dG
RCSUe1cI3Zy5Hn7UEFt+IvnyiEoIqqQYJ6qUWFoIw7+sRQEUq8cTq0IdINPEu4VW
mV/tTK/hAiS5RgI8teAsYVtmE/EAbCuFrvqEK2GTQUe9z73YyfBVOJ+ftI7Mjy09
j5jNwU9aDSsOCoO1u/C0GUD+G1Ugn1DLMRBW2vK2eQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:41 2024 by rpki-client on console-ams.rpki-client.org