Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/T9AIkaUvVDxFLNeKW2-_IGbpnpk.roa
File: T9AIkaUvVDxFLNeKW2-_IGbpnpk.roa (raw, json)
Hash identifier: e9lewKlXPLMB2jqT+bVHjFaz5xgY6DTed3GH4ASY9wg=
Subject key identifier: 4F:D0:08:91:A5:2F:54:3C:45:2C:D7:8A:5B:6F:BF:20:66:E9:9E:99
Certificate issuer: /CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Certificate serial: 10AE9738
Authority key identifier: D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/T9AIkaUvVDxFLNeKW2-_IGbpnpk.roa
Signing time: Tue 14 Jun 2022 13:43:44 +0000
ROA not before: Tue 14 Jun 2022 13:43:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24611
IP address blocks: 89.41.248.0/21 maxlen: 24
89.37.200.0/21 maxlen: 24
80.92.64.0/19 maxlen: 24
94.177.88.0/21 maxlen: 24
31.216.144.0/21 maxlen: 24
2001:b20::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279877432 (0x10ae9738)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Validity
Not Before: Jun 14 13:43:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4fd00891a52f543c452cd78a5b6fbf2066e99e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:57:b1:40:49:ef:d8:01:a2:a4:50:b1:55:9c:
aa:55:55:86:e3:38:d4:af:c8:b8:7e:c2:e7:f6:0d:
fa:ce:9e:b3:77:40:f5:8f:fb:10:3a:2a:9a:ef:eb:
72:0f:93:79:47:71:47:51:cd:ab:5f:84:23:f8:f8:
cc:34:3f:43:85:eb:c0:ed:37:5e:2b:cb:dc:c4:08:
33:77:80:2d:01:8a:ac:69:f2:37:bc:77:b4:5b:87:
92:f7:5e:e3:8f:93:7d:b3:cd:c4:28:4d:f8:22:10:
82:ab:72:aa:a6:17:99:f5:df:42:7f:3c:e0:4d:57:
6b:52:ea:9d:bf:2f:10:2b:c0:09:23:bc:63:ca:94:
dd:ee:15:f9:e9:07:f8:ff:97:0b:b2:0f:39:10:51:
b9:dd:53:47:92:a7:99:ba:d9:13:8b:7e:74:8e:c2:
75:af:91:24:c5:2d:6d:4e:b3:09:4e:2d:36:3c:06:
c3:0d:eb:48:c6:c3:c1:fc:82:b1:b6:3b:3b:91:d8:
ff:9c:ec:99:d8:53:c6:94:70:51:4b:61:15:a2:ce:
8f:ac:3e:b0:e9:3d:d4:ac:4a:97:2f:bf:6c:c7:56:
aa:3c:00:45:69:b3:99:6e:e0:7f:5d:b5:73:64:c7:
6d:17:fa:f3:e5:f6:87:2e:ca:98:9b:03:33:0c:1b:
96:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:D0:08:91:A5:2F:54:3C:45:2C:D7:8A:5B:6F:BF:20:66:E9:9E:99
X509v3 Authority Key Identifier:
keyid:D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/T9AIkaUvVDxFLNeKW2-_IGbpnpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.144.0/21
80.92.64.0/19
89.37.200.0/21
89.41.248.0/21
94.177.88.0/21
IPv6:
2001:b20::/29
Signature Algorithm: sha256WithRSAEncryption
4b:c0:2b:33:39:e3:a9:8e:8d:87:70:2d:dd:2d:09:a3:d6:a3:
fc:cb:69:b8:cc:2b:45:a9:61:5d:24:8c:0f:3b:c5:ba:a8:7c:
38:b8:50:63:be:74:8d:79:a1:9d:3a:b1:32:70:1d:16:ca:bc:
c4:7e:90:10:68:21:ed:ba:a9:72:05:ce:30:09:3b:2c:c7:56:
18:90:4c:7e:f1:81:b8:2a:69:78:99:66:a9:29:58:de:14:80:
e0:f2:5d:bf:3d:6e:d9:62:e3:c0:1c:32:f0:90:4b:c7:34:52:
66:95:5e:00:e9:36:c0:8a:82:69:75:c4:87:d8:09:68:5d:a7:
a0:f8:34:e8:43:76:d0:b8:d8:a2:a7:09:d7:6d:81:b3:86:aa:
03:91:7c:62:74:b4:b7:4c:cd:36:91:60:2f:0e:50:c5:1b:67:
ff:37:50:fe:62:5b:50:26:08:29:7f:29:b5:e7:08:eb:87:d3:
90:1e:44:35:77:ab:24:af:53:8f:23:98:25:bd:e3:6e:37:bb:
00:e8:16:df:7f:7d:60:de:d0:c2:07:77:4b:d2:72:fb:1d:4f:
50:60:67:3a:8c:53:9f:a0:98:65:a5:3a:51:87:67:ba:c6:64:
11:0b:c7:f1:91:ef:35:ec:57:df:35:32:fc:25:d3:fe:fa:a5:
43:c1:a6:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEEK6XODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTAxMGRhMzU3NjI0MjMyNGNlZmIyYzgxYzEzMzlhNmMwZTNiNDAzMB4XDTIyMDYx
NDEzNDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGZkMDA4OTFhNTJm
NTQzYzQ1MmNkNzhhNWI2ZmJmMjA2NmU5OWU5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVXsUBJ79gBoqRQsVWcqlVVhuM41K/IuH7C5/YN+s6es3dA
9Y/7EDoqmu/rcg+TeUdxR1HNq1+EI/j4zDQ/Q4XrwO03XivL3MQIM3eALQGKrGny
N7x3tFuHkvde44+TfbPNxChN+CIQgqtyqqYXmfXfQn884E1Xa1Lqnb8vECvACSO8
Y8qU3e4V+ekH+P+XC7IPORBRud1TR5KnmbrZE4t+dI7Cda+RJMUtbU6zCU4tNjwG
ww3rSMbDwfyCsbY7O5HY/5zsmdhTxpRwUUthFaLOj6w+sOk91KxKly+/bMdWqjwA
RWmzmW7gf121c2THbRf68+X2hy7KmJsDMwwblpMCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRP0AiRpS9UPEUs14pbb78gZumemTAfBgNVHSMEGDAWgBTRAQ2jV2JCMkzv
ssgcEzmmwOO0AzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBRRU5vMWRpUWpKTTc3TElIQk01cHNEanRBTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvNTc3YjExLTcwMDktNDg2Yy05MDEwLWE3MDQxMmZiYzgzMi8x
L1Q5QUlrYVV2VkR4RkxOZUtXMi1fSUdicG5way5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
NTc3YjExLTcwMDktNDg2Yy05MDEwLWE3MDQxMmZiYzgzMi8xLzBRRU5vMWRpUWpK
TTc3TElIQk01cHNEanRBTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAx/YkAMEBVBcQAMEA1klyAMEA1kp
+AMEA16xWDANBAIAAjAHAwUDIAELIDANBgkqhkiG9w0BAQsFAAOCAQEAS8ArMznj
qY6Nh3At3S0Jo9aj/MtpuMwrRalhXSSMDzvFuqh8OLhQY750jXmhnTqxMnAdFsq8
xH6QEGgh7bqpcgXOMAk7LMdWGJBMfvGBuCppeJlmqSlY3hSA4PJdvz1u2WLjwBwy
8JBLxzRSZpVeAOk2wIqCaXXEh9gJaF2noPg06EN20LjYoqcJ122Bs4aqA5F8YnS0
t0zNNpFgLw5QxRtn/zdQ/mJbUCYIKX8ptecI64fTkB5ENXerJK9TjyOYJb3jbje7
AOgW3399YN7Qwgd3S9Jy+x1PUGBnOoxTn6CYZaU6UYdnusZkEQvH8ZHvNexX3zUy
/CXT/vqlQ8Gmwg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:19 2025 by rpki-client