Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/j7bV9EvoE_tIEIByjdvh5sPsF2A.roa
File: j7bV9EvoE_tIEIByjdvh5sPsF2A.roa (raw, json)
Hash identifier: RQ1ODuWC0NmhxW4Z+XNud6VRnPYBmXcplZw5+PRjDhY=
Subject key identifier: 8F:B6:D5:F4:4B:E8:13:FB:48:10:80:72:8D:DB:E1:E6:C3:EC:17:60
Certificate issuer: /CN=a733bd111fd8cb76f4883bbbcbfda59db66ed2de
Certificate serial: 01823F509A3B6F3CD44CDCD5A9076C6C46A0
Authority key identifier: A7:33:BD:11:1F:D8:CB:76:F4:88:3B:BB:CB:FD:A5:9D:B6:6E:D2:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/j7bV9EvoE_tIEIByjdvh5sPsF2A.roa
Signing time: Wed 27 Jul 2022 11:00:23 +0000
ROA not before: Wed 27 Jul 2022 11:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201010
IP address blocks: 185.89.24.0/22 maxlen: 24
2a05:d500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3f:50:9a:3b:6f:3c:d4:4c:dc:d5:a9:07:6c:6c:46:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a733bd111fd8cb76f4883bbbcbfda59db66ed2de
Validity
Not Before: Jul 27 11:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fb6d5f44be813fb481080728ddbe1e6c3ec1760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:c1:9e:c6:17:db:c1:55:44:2b:89:59:2b:fe:
84:e9:04:3e:4c:6f:2a:63:6c:c6:de:36:74:58:85:
0e:f1:d0:0f:02:46:b5:9b:20:05:87:d2:c1:7e:54:
27:ea:18:54:98:36:ed:87:58:17:08:8e:5b:e0:db:
c5:a4:df:ef:c2:d5:75:26:b1:3f:45:4d:a6:14:07:
7d:56:9d:c2:4c:04:07:f2:8f:4d:e8:70:08:b8:02:
9f:c8:11:6b:fc:e2:ca:38:18:01:67:f2:0c:a2:41:
e9:ac:7e:9d:46:38:33:c1:b5:fc:7b:d4:78:54:b7:
2e:24:fd:63:bd:30:3a:fe:f8:c7:b9:25:57:3d:be:
5c:ee:7b:f5:17:b3:5f:2d:9c:d4:4a:f7:a7:d2:18:
26:59:66:2e:b6:94:a7:4e:91:8d:e4:d6:c0:51:a9:
9a:ba:c3:f7:ec:df:cd:f1:a9:10:13:7c:93:8f:74:
15:47:58:f6:72:7e:1f:2d:9c:fa:04:6e:6a:21:02:
41:c7:31:92:b0:f8:c0:3f:82:29:f6:a4:55:90:57:
14:0c:0b:7d:94:ff:67:8b:f6:4d:2f:db:9e:76:3d:
5b:48:7f:c7:58:9b:69:96:20:f3:7b:73:42:41:f4:
1f:6f:be:d8:57:65:40:21:ce:34:fa:da:42:5b:ac:
4f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B6:D5:F4:4B:E8:13:FB:48:10:80:72:8D:DB:E1:E6:C3:EC:17:60
X509v3 Authority Key Identifier:
keyid:A7:33:BD:11:1F:D8:CB:76:F4:88:3B:BB:CB:FD:A5:9D:B6:6E:D2:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/j7bV9EvoE_tIEIByjdvh5sPsF2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.24.0/22
IPv6:
2a05:d500::/29
Signature Algorithm: sha256WithRSAEncryption
95:76:b9:f9:b3:7c:eb:c3:20:38:20:04:3c:08:bc:79:64:b9:
0e:00:8f:f9:6d:27:72:0d:f9:ce:93:64:45:cd:89:49:37:b3:
cd:c0:e4:e5:a5:e2:69:3b:e8:b4:34:dc:a4:ed:02:46:fe:f5:
09:93:e0:fb:ed:d3:e3:ad:f1:de:3b:db:a2:f5:87:99:4e:27:
31:31:b5:99:48:3e:49:f3:ab:3b:4e:38:be:1c:64:52:fe:eb:
6e:79:9a:07:da:d8:62:9f:30:ba:51:47:70:6e:3a:93:e9:68:
9c:9d:30:86:6c:47:43:c3:3c:ab:2d:d9:95:0c:03:c5:ed:f9:
34:0a:95:13:7c:6a:1b:84:04:e4:a2:c4:aa:f4:e6:27:a2:5b:
89:f0:03:16:85:8d:bb:cb:11:53:66:68:ce:8f:4f:d0:88:cc:
9d:62:53:8b:26:a6:71:08:af:40:6a:45:61:ed:72:a1:cf:37:
39:ae:29:94:5d:2f:14:11:ef:06:ae:cd:e2:51:bc:76:de:92:
09:ca:11:7a:4b:a9:50:d7:3c:4e:6b:56:fb:d6:0b:2f:a6:f5:
c7:e9:99:24:58:ae:44:25:fc:c8:6f:34:b6:0d:7d:8e:49:ab:
a3:0d:2d:34:40:ce:b1:77:8a:3e:d8:01:94:24:f2:57:06:69:
12:d6:e5:c0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYI/UJo7bzzUTNzVqQdsbEagMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzNiZDExMWZkOGNiNzZmNDg4M2JiYmNiZmRhNTlkYjY2
ZWQyZGUwHhcNMjIwNzI3MTEwMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmI2ZDVmNDRiZTgxM2ZiNDgxMDgwNzI4ZGRiZTFlNmMzZWMxNzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6sGexhfbwVVEK4lZK/6E6QQ+TG8q
Y2zG3jZ0WIUO8dAPAka1myAFh9LBflQn6hhUmDbth1gXCI5b4NvFpN/vwtV1JrE/
RU2mFAd9Vp3CTAQH8o9N6HAIuAKfyBFr/OLKOBgBZ/IMokHprH6dRjgzwbX8e9R4
VLcuJP1jvTA6/vjHuSVXPb5c7nv1F7NfLZzUSven0hgmWWYutpSnTpGN5NbAUama
usP37N/N8akQE3yTj3QVR1j2cn4fLZz6BG5qIQJBxzGSsPjAP4Ip9qRVkFcUDAt9
lP9ni/ZNL9uedj1bSH/HWJtpliDze3NCQfQfb77YV2VAIc40+tpCW6xPFwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI+21fRL6BP7SBCAco3b4ebD7BdgMB8GA1UdIwQY
MBaAFKczvREf2Mt29Ig7u8v9pZ22btLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpPOUVSX1l5M2IwaUR1N3lfMmxuYlp1MHQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wNzNiMTktMDgzOS00M2FjLThiNWIt
MDhjZWQ5MmM5NzcwLzEvajdiVjlFdm9FX3RJRUlCeWpkdmg1c1BzRjJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wNzNiMTktMDgzOS00M2FjLThiNWItMDhjZWQ5MmM5Nzcw
LzEvcHpPOUVSX1l5M2IwaUR1N3lfMmxuYlp1MHQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVkYMA0E
AgACMAcDBQMqBdUAMA0GCSqGSIb3DQEBCwUAA4IBAQCVdrn5s3zrwyA4IAQ8CLx5
ZLkOAI/5bSdyDfnOk2RFzYlJN7PNwOTlpeJpO+i0NNyk7QJG/vUJk+D77dPjrfHe
O9ui9YeZTicxMbWZSD5J86s7Tji+HGRS/utueZoH2thinzC6UUdwbjqT6WicnTCG
bEdDwzyrLdmVDAPF7fk0CpUTfGobhATkosSq9OYnoluJ8AMWhY27yxFTZmjOj0/Q
iMydYlOLJqZxCK9AakVh7XKhzzc5rimUXS8UEe8Grs3iUbx23pIJyhF6S6lQ1zxO
a1b71gsvpvXH6ZkkWK5EJfzIbzS2DX2OSaujDS00QM6xd4o+2AGUJPJXBmkS1uXA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:43 2025 by rpki-client