Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8TKRNa8Uctx1Uk3nGuuJM9MDBM.roa
File: l8TKRNa8Uctx1Uk3nGuuJM9MDBM.roa (raw, json)
Hash identifier: +YAbFJMBCXbBb+n2gcSTWHwWLy5hKh96575ruq/YeH4=
Subject key identifier: 97:C4:CA:44:D6:BC:51:CB:71:D5:49:37:9C:6B:AE:24:CF:4C:0C:13
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A220C3617C51404F48CD7E5F9BA4E1A33
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8TKRNa8Uctx1Uk3nGuuJM9MDBM.roa
Signing time: Wed 23 Aug 2023 10:59:00 +0000
ROA not before: Wed 23 Aug 2023 10:59:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197842
IP address blocks: 87.120.69.0/24 maxlen: 24
87.120.68.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:0c:36:17:c5:14:04:f4:8c:d7:e5:f9:ba:4e:1a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 23 10:59:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97c4ca44d6bc51cb71d549379c6bae24cf4c0c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:fb:d7:a0:5d:62:85:d8:31:46:99:a9:62:63:
22:75:45:d8:c4:ad:0d:e2:bf:5f:f9:82:09:4d:44:
7f:9d:eb:c5:03:7f:ba:4e:65:f6:5a:06:80:36:15:
c4:32:ac:12:ef:3a:25:72:61:ac:b0:56:c4:3a:e6:
52:b1:30:57:4f:7f:68:8b:2d:cc:2b:b3:81:f4:fa:
ef:13:2e:11:af:24:c9:dd:ac:aa:5f:43:19:e7:b4:
78:3a:5c:5a:c5:22:27:02:e2:c6:45:7d:cd:dc:82:
1c:f1:19:c0:48:df:c0:bf:37:ed:45:9d:e5:65:49:
c2:60:65:2b:72:88:cb:5a:3a:01:27:d9:29:18:23:
e4:9b:a1:49:f0:94:aa:f7:cf:77:69:58:65:66:7f:
63:7d:ed:5f:fc:ea:e6:77:c4:a1:1a:71:87:27:cc:
7b:b2:69:30:4b:d0:aa:88:57:58:f7:b9:82:c7:57:
ca:0e:95:72:b2:54:3f:ad:35:84:6e:1d:15:14:60:
0a:c5:c6:e1:2f:ff:5d:12:47:74:fa:ed:9a:b3:95:
25:76:8e:b2:41:0f:44:46:74:8b:2d:ab:01:e5:a0:
ab:ae:92:c9:82:ee:e9:e0:3c:a8:23:07:59:69:f7:
ac:6c:5c:81:fb:4b:37:36:a1:ed:9e:af:dc:93:94:
90:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C4:CA:44:D6:BC:51:CB:71:D5:49:37:9C:6B:AE:24:CF:4C:0C:13
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/l8TKRNa8Uctx1Uk3nGuuJM9MDBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
93.123.75.0/24
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:6c:61:bc:94:44:79:5c:83:3c:9a:ce:71:bb:8e:b2:fc:69:
74:bc:20:e9:4e:c9:87:e7:a3:ca:87:dc:6d:8c:ed:3e:9f:c3:
a3:89:63:1c:49:fc:ac:aa:53:e3:26:6d:9e:7d:72:d6:8d:c5:
bd:06:94:17:e8:55:3d:db:7e:71:b9:0f:4e:23:b3:e0:e0:9f:
0b:2e:d7:0b:78:ed:7c:89:da:c8:52:2e:34:5b:94:ec:03:c1:
23:45:9b:ff:ec:c8:1c:28:f5:af:8d:b6:87:d9:b0:aa:6b:66:
8b:40:06:53:48:7d:74:06:ee:ec:9c:07:b5:4a:84:e9:f0:86:
7f:e9:97:a8:b6:e0:b3:4d:70:91:d7:27:53:6b:4c:a9:0a:f2:
e5:09:39:c0:84:6a:4d:61:56:2b:aa:79:1f:50:4c:0f:90:21:
c1:80:05:4e:00:9c:35:4c:b0:3f:a1:fd:c3:a1:14:da:4c:e4:
35:93:bb:32:c4:3d:9f:3c:c3:e1:68:ae:3b:43:6a:3f:78:01:
bd:83:d3:63:7c:bf:d7:34:2d:5f:2a:e8:e9:de:ce:dc:e9:ba:
ff:7b:b8:05:07:06:71:d5:bc:cc:15:a0:9b:78:cb:90:79:c5:
a9:da:52:e0:5f:86:23:43:7a:a6:3d:61:a8:78:38:ef:19:53:
57:ba:b7:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYoiDDYXxRQE9IzX5fm6ThozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODIzMTA1OTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M0Y2E0NGQ2YmM1MWNiNzFkNTQ5Mzc5YzZiYWUyNGNmNGMwYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvvXoF1ihdgxRpmpYmMidUXYxK0N
4r9f+YIJTUR/nevFA3+6TmX2WgaANhXEMqwS7zolcmGssFbEOuZSsTBXT39oiy3M
K7OB9PrvEy4RryTJ3ayqX0MZ57R4OlxaxSInAuLGRX3N3IIc8RnASN/AvzftRZ3l
ZUnCYGUrcojLWjoBJ9kpGCPkm6FJ8JSq9893aVhlZn9jfe1f/Ormd8ShGnGHJ8x7
smkwS9CqiFdY97mCx1fKDpVyslQ/rTWEbh0VFGAKxcbhL/9dEkd0+u2as5Uldo6y
QQ9ERnSLLasB5aCrrpLJgu7p4DyoIwdZafesbFyB+0s3NqHtnq/ck5SQowIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJfEykTWvFHLcdVJN5xrriTPTAwTMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbDhUS1JOYThVY3R4MVVrM25HdXVKTTlNREJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3hEAwQA
XXtLAwQApCi5MA0GCSqGSIb3DQEBCwUAA4IBAQCabGG8lER5XIM8ms5xu46y/Gl0
vCDpTsmH56PKh9xtjO0+n8OjiWMcSfysqlPjJm2efXLWjcW9BpQX6FU9235xuQ9O
I7Pg4J8LLtcLeO18idrIUi40W5TsA8EjRZv/7MgcKPWvjbaH2bCqa2aLQAZTSH10
Bu7snAe1SoTp8IZ/6ZeotuCzTXCR1ydTa0ypCvLlCTnAhGpNYVYrqnkfUEwPkCHB
gAVOAJw1TLA/of3DoRTaTOQ1k7syxD2fPMPhaK47Q2o/eAG9g9NjfL/XNC1fKujp
3s7c6br/e7gFBwZx1bzMFaCbeMuQecWp2lLgX4YjQ3qmPWGoeDjvGVNXurdd
-----END CERTIFICATE-----
Generated at Tue Apr 29 17:29:16 2025 by rpki-client