Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/i8vEMQomUUhyleXusccI5UXJLlQ.roa
File: i8vEMQomUUhyleXusccI5UXJLlQ.roa (raw, json)
Hash identifier: lyT0tKyhq8xBb37O8wLCTCkN9tTfdBF9uVQ7u006cJs=
Subject key identifier: 8B:CB:C4:31:0A:26:51:48:72:95:E5:EE:B1:C7:08:E5:45:C9:2E:54
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 01829275FB52A1066F18A2C6FAC6D7338301
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/i8vEMQomUUhyleXusccI5UXJLlQ.roa
Signing time: Fri 12 Aug 2022 14:29:41 +0000
ROA not before: Fri 12 Aug 2022 14:29:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205771
IP address blocks: 89.21.65.0/24 maxlen: 24
128.127.149.0/24 maxlen: 24
128.127.150.0/24 maxlen: 24
213.166.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:92:75:fb:52:a1:06:6f:18:a2:c6:fa:c6:d7:33:83:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Aug 12 14:29:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bcbc4310a2651487295e5eeb1c708e545c92e54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:9e:b9:7f:36:6c:2c:53:7c:1f:c9:44:59:70:
ab:cd:74:e1:1e:1f:bc:1b:20:63:34:16:12:f9:43:
c7:e1:b9:9d:6d:07:df:71:71:07:2d:6c:e9:ca:39:
b9:c7:9f:e0:a4:32:62:37:b2:0b:0b:95:8d:bc:2e:
f1:84:87:a9:ef:b1:3b:61:32:10:2b:f7:1b:cc:1a:
b5:2e:26:6d:7e:31:4c:02:fd:a2:5b:1b:5e:f3:3a:
86:3d:89:23:cd:8b:ee:7c:64:c0:23:d9:f7:20:a8:
bf:27:b8:64:ff:62:d3:a2:82:f9:68:a6:5a:5d:12:
05:1d:31:b7:fd:55:cb:e7:bc:25:3c:76:31:14:04:
81:6e:e6:1a:4e:a6:0f:5d:b0:28:02:0b:cd:b3:bb:
dc:7d:78:b5:22:08:79:ba:86:f4:47:0b:6b:79:ac:
6a:a7:1a:24:49:aa:73:03:be:af:f8:b1:3f:c5:04:
78:4b:81:6e:ab:1e:ce:17:68:df:9f:9a:d3:b8:a8:
5c:1b:b5:0f:b4:50:06:1c:8b:35:34:8f:0b:9d:61:
f7:98:cf:db:f6:d7:fe:14:cb:db:33:bd:f9:67:99:
da:07:f8:e0:35:74:d2:29:5f:c5:b4:40:eb:c7:75:
f1:25:9c:ab:7a:16:26:32:57:2e:94:3f:a4:d1:af:
32:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:CB:C4:31:0A:26:51:48:72:95:E5:EE:B1:C7:08:E5:45:C9:2E:54
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/i8vEMQomUUhyleXusccI5UXJLlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.21.65.0/24
128.127.149.0-128.127.150.255
213.166.85.0/24
Signature Algorithm: sha256WithRSAEncryption
91:6f:0b:56:22:5b:92:59:f4:fe:de:9f:ec:81:cf:85:2e:f2:
a4:29:1a:4e:f1:09:dd:1e:db:ee:1c:3e:dc:02:7e:a3:1b:24:
a5:f8:67:75:01:5c:d8:ce:15:7f:02:4f:40:ba:8a:74:1f:74:
13:7d:3d:17:cf:7e:55:21:01:7c:ee:19:3c:08:a6:20:bb:47:
2f:d1:04:30:7f:ff:0f:fd:66:06:b0:4c:d9:dc:8f:00:33:52:
2a:93:ea:6f:57:b4:a1:2b:4e:2e:8d:00:fa:bc:fc:ca:f6:43:
31:af:28:fd:49:f1:83:c1:b0:ec:99:4e:8f:99:9a:bc:75:f1:
eb:2d:68:f1:79:fb:5c:a0:d2:f3:0f:1e:39:b8:5e:a3:ba:30:
0b:95:10:eb:e1:32:d6:8e:e3:bb:98:e4:b9:f8:3d:fd:90:98:
e6:fe:cd:ad:45:dd:47:04:5d:96:c5:06:3c:56:5f:2d:5c:30:
14:bb:f0:62:59:70:70:92:f8:6e:f8:9a:5f:2a:d1:7d:c4:a1:
2d:7c:70:b7:b2:36:e1:ac:41:61:93:2f:b4:d3:ce:13:8b:30:
77:dc:e8:c2:8e:61:f6:d5:31:9f:0e:71:3a:18:39:97:e8:c9:
c6:07:81:fa:52:0b:9a:85:cd:22:c1:ca:33:fd:08:10:39:b9:
44:b9:60:d2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYKSdftSoQZvGKLG+sbXM4MBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjIwODEyMTQyOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmNiYzQzMTBhMjY1MTQ4NzI5NWU1ZWViMWM3MDhlNTQ1YzkyZTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgp65fzZsLFN8H8lEWXCrzXThHh+8
GyBjNBYS+UPH4bmdbQffcXEHLWzpyjm5x5/gpDJiN7ILC5WNvC7xhIep77E7YTIQ
K/cbzBq1LiZtfjFMAv2iWxte8zqGPYkjzYvufGTAI9n3IKi/J7hk/2LTooL5aKZa
XRIFHTG3/VXL57wlPHYxFASBbuYaTqYPXbAoAgvNs7vcfXi1Igh5uob0Rwtreaxq
pxokSapzA76v+LE/xQR4S4Fuqx7OF2jfn5rTuKhcG7UPtFAGHIs1NI8LnWH3mM/b
9tf+FMvbM735Z5naB/jgNXTSKV/FtEDrx3XxJZyrehYmMlculD+k0a8yLwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIvLxDEKJlFIcpXl7rHHCOVFyS5UMB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvaTh2RU1Rb21VVWh5bGVYdXNjY0k1VVhKTGxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWRVBMAwD
BACAf5UDBACAf5YDBADVplUwDQYJKoZIhvcNAQELBQADggEBAJFvC1YiW5JZ9P7e
n+yBz4Uu8qQpGk7xCd0e2+4cPtwCfqMbJKX4Z3UBXNjOFX8CT0C6inQfdBN9PRfP
flUhAXzuGTwIpiC7Ry/RBDB//w/9ZgawTNncjwAzUiqT6m9XtKErTi6NAPq8/Mr2
QzGvKP1J8YPBsOyZTo+Zmrx18estaPF5+1yg0vMPHjm4XqO6MAuVEOvhMtaO47uY
5Ln4Pf2QmOb+za1F3UcEXZbFBjxWXy1cMBS78GJZcHCS+G74ml8q0X3EoS18cLey
NuGsQWGTL7TTzhOLMHfc6MKOYfbVMZ8OcToYOZfoycYHgfpSC5qFzSLByjP9CBA5
uUS5YNI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org