Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/57b7a3-a739-4262-8b01-0c3d4e31eba4/1/3PPkAzxFLB4G5o0TsrlT6dxsRaY.roa
File: 3PPkAzxFLB4G5o0TsrlT6dxsRaY.roa (raw, json)
Hash identifier: aDt7HJb1HcUDcbfnSz1e+25iaX87CaL+bQS2aoBLoMI=
Subject key identifier: DC:F3:E4:03:3C:45:2C:1E:06:E6:8D:13:B2:B9:53:E9:DC:6C:45:A6
Certificate issuer: /CN=89c31770db729895c6c3fd93375e5cd5613ef36a
Certificate serial: 0DA13E3B
Authority key identifier: 89:C3:17:70:DB:72:98:95:C6:C3:FD:93:37:5E:5C:D5:61:3E:F3:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/icMXcNtymJXGw_2TN15c1WE-82o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/57b7a3-a739-4262-8b01-0c3d4e31eba4/1/3PPkAzxFLB4G5o0TsrlT6dxsRaY.roa
Signing time: Sat 01 Jan 2022 08:55:29 +0000
ROA not before: Sat 01 Jan 2022 08:55:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200991
IP address blocks: 185.89.80.0/22 maxlen: 22
2a03:82e0:ffff::/48 maxlen: 48
2a03:82e0:1000::/36 maxlen: 36
2a03:82e0::/36 maxlen: 36
2a03:82e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228671035 (0xda13e3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89c31770db729895c6c3fd93375e5cd5613ef36a
Validity
Not Before: Jan 1 08:55:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dcf3e4033c452c1e06e68d13b2b953e9dc6c45a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:15:c4:f8:32:a0:f3:f8:f2:e8:ef:2c:98:07:
30:4e:bd:77:3b:f2:2e:60:eb:a3:bc:12:be:16:5a:
07:d0:a0:92:95:33:35:35:a3:2b:72:f5:d3:c4:81:
7e:7c:8b:08:07:0f:2a:c1:05:90:6d:bd:9a:7f:0e:
83:08:27:55:ac:75:d0:ef:49:95:65:42:ef:9d:5c:
bb:14:a4:87:f0:2f:a5:68:a8:e5:e6:be:05:2b:72:
06:3f:a7:77:b5:02:9b:54:4c:f5:61:60:98:45:df:
69:b7:08:94:df:52:23:bf:dd:f8:18:b1:22:e8:69:
50:e0:70:a1:34:70:b0:17:4e:15:ae:05:c3:e5:c3:
ae:ce:76:9f:a9:71:a9:f9:9d:be:eb:42:59:a4:92:
d9:fa:64:ce:e1:19:ad:6c:2d:f6:7b:5c:af:0b:77:
68:cf:c9:89:87:b9:a2:9a:57:bf:e2:0a:a1:49:b1:
fa:06:42:85:a6:f0:47:5f:17:da:12:9a:bf:03:90:
28:f1:89:0e:79:c9:f4:43:63:9d:43:23:5f:b0:c5:
14:06:cd:c9:17:8e:90:94:3a:e9:c7:7b:88:3d:be:
72:37:55:ba:f4:05:8e:7b:6b:91:3e:5a:f9:22:17:
29:3d:64:72:d3:9b:27:1d:f1:b9:00:67:17:e3:65:
73:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:F3:E4:03:3C:45:2C:1E:06:E6:8D:13:B2:B9:53:E9:DC:6C:45:A6
X509v3 Authority Key Identifier:
keyid:89:C3:17:70:DB:72:98:95:C6:C3:FD:93:37:5E:5C:D5:61:3E:F3:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/icMXcNtymJXGw_2TN15c1WE-82o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/57b7a3-a739-4262-8b01-0c3d4e31eba4/1/3PPkAzxFLB4G5o0TsrlT6dxsRaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/57b7a3-a739-4262-8b01-0c3d4e31eba4/1/icMXcNtymJXGw_2TN15c1WE-82o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.80.0/22
IPv6:
2a03:82e0::/32
Signature Algorithm: sha256WithRSAEncryption
07:8a:f3:2f:15:62:a7:73:df:8d:39:0c:65:5a:2a:23:b1:73:
31:b1:60:4f:01:ed:59:24:0a:bb:3d:ad:b1:c4:4e:c8:ef:16:
48:36:6c:b8:2f:cd:2b:ac:59:d4:79:0a:4e:df:91:73:91:02:
8c:c7:d9:ce:31:e6:13:20:17:53:c9:5f:b0:67:2d:e2:e9:fd:
57:6f:9e:02:0e:ec:af:25:b3:86:3a:8b:f7:a8:d2:34:17:c6:
20:cb:4c:f5:4e:a6:4d:6c:ab:70:7a:f0:58:a2:4c:7e:85:ba:
86:72:89:be:04:24:32:9d:99:89:4f:24:49:8d:a6:83:7b:28:
31:39:97:00:6b:61:8d:e3:64:04:90:4f:d0:1b:11:b1:5c:17:
3f:4c:ce:0f:83:ea:72:be:e1:8e:b9:75:ae:b6:2c:6b:ed:f4:
ae:74:79:3c:e7:cc:6b:8b:5d:63:87:7c:1a:1d:58:18:da:68:
20:54:22:a0:7c:51:6b:2d:f2:ac:2c:16:aa:7c:9d:49:0b:cd:
cf:e9:01:45:0f:ac:48:c8:6a:a4:76:9c:29:fb:df:fe:85:8b:
9a:9e:9a:77:f7:b5:f8:ee:c9:87:ac:07:13:ca:64:55:5d:b8:
ae:ec:10:66:d0:65:fb:86:7d:06:2e:94:ee:ad:51:e7:3e:e2:
b2:71:bf:50
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDaE+OzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OWMzMTc3MGRiNzI5ODk1YzZjM2ZkOTMzNzVlNWNkNTYxM2VmMzZhMB4XDTIyMDEw
MTA4NTUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNmM2U0MDMzYzQ1
MmMxZTA2ZTY4ZDEzYjJiOTUzZTlkYzZjNDVhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO8VxPgyoPP48ujvLJgHME69dzvyLmDro7wSvhZaB9CgkpUz
NTWjK3L108SBfnyLCAcPKsEFkG29mn8OgwgnVax10O9JlWVC751cuxSkh/AvpWio
5ea+BStyBj+nd7UCm1RM9WFgmEXfabcIlN9SI7/d+BixIuhpUOBwoTRwsBdOFa4F
w+XDrs52n6lxqfmdvutCWaSS2fpkzuEZrWwt9ntcrwt3aM/JiYe5oppXv+IKoUmx
+gZChabwR18X2hKavwOQKPGJDnnJ9ENjnUMjX7DFFAbNyReOkJQ66cd7iD2+cjdV
uvQFjntrkT5a+SIXKT1kctObJx3xuQBnF+Nlc+ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTc8+QDPEUsHgbmjROyuVPp3GxFpjAfBgNVHSMEGDAWgBSJwxdw23KYlcbD
/ZM3XlzVYT7zajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ljTVhjTnR5bUpYR3dfMlROMTVjMVdFLTgyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNTdiN2EzLWE3MzktNDI2Mi04YjAxLTBjM2Q0ZTMxZWJhNC8x
LzNQUGtBenhGTEI0RzVvMFRzcmxUNmR4c1JhWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NTdiN2EzLWE3MzktNDI2Mi04YjAxLTBjM2Q0ZTMxZWJhNC8xL2ljTVhjTnR5bUpY
R3dfMlROMTVjMVdFLTgyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlZUDANBAIAAjAHAwUAKgOC4DAN
BgkqhkiG9w0BAQsFAAOCAQEAB4rzLxVip3PfjTkMZVoqI7FzMbFgTwHtWSQKuz2t
scROyO8WSDZsuC/NK6xZ1HkKTt+Rc5ECjMfZzjHmEyAXU8lfsGct4un9V2+eAg7s
ryWzhjqL96jSNBfGIMtM9U6mTWyrcHrwWKJMfoW6hnKJvgQkMp2ZiU8kSY2mg3so
MTmXAGthjeNkBJBP0BsRsVwXP0zOD4Pqcr7hjrl1rrYsa+30rnR5POfMa4tdY4d8
Gh1YGNpoIFQioHxRay3yrCwWqnydSQvNz+kBRQ+sSMhqpHacKfvf/oWLmp6ad/e1
+O7Jh6wHE8pkVV24ruwQZtBl+4Z9Bi6U7q1R5z7isnG/UA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:31 2025 by rpki-client