Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0QO6VK9j6OZ1Y4ZT-JpdpqhCZmI.roa
File: 0QO6VK9j6OZ1Y4ZT-JpdpqhCZmI.roa (raw, json)
Hash identifier: 4g5cA8cAul2mFJAI22mYfSmVzSgLO/I7O0Od76lsLHc=
Subject key identifier: D1:03:BA:54:AF:63:E8:E6:75:63:86:53:F8:9A:5D:A6:A8:42:66:62
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018ACC20828E6FE4583028C031C1D0020898
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0QO6VK9j6OZ1Y4ZT-JpdpqhCZmI.roa
Signing time: Mon 25 Sep 2023 11:36:37 +0000
ROA not before: Mon 25 Sep 2023 11:36:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211376
IP address blocks: 89.249.206.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:20:82:8e:6f:e4:58:30:28:c0:31:c1:d0:02:08:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 25 11:36:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d103ba54af63e8e675638653f89a5da6a8426662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:7f:c3:53:7a:a3:cb:fd:df:cd:5e:c5:46:a7:
c6:17:60:ba:50:d9:81:a8:bc:bd:ed:70:46:6b:b4:
c7:e9:e1:af:d8:6d:16:a8:c8:5d:d6:8c:92:3f:c2:
15:85:e1:ed:7d:25:eb:ad:58:f2:1b:a2:da:2c:1b:
1d:e0:41:28:5b:f5:f0:b1:d5:61:b8:4a:96:01:e3:
4f:62:4e:b6:c0:8e:f7:0b:d5:e6:b6:6f:07:25:cb:
3c:d1:57:9c:bf:b6:57:94:57:ab:a0:3d:81:83:49:
d9:69:1a:9e:a7:45:ff:76:22:c8:a9:20:d5:cc:04:
d7:31:e4:6a:39:3f:1d:af:eb:1e:a4:21:08:3b:a2:
91:4d:ba:93:24:33:b0:4c:6b:03:4b:08:8a:2b:94:
67:f6:ca:65:30:c4:bf:ba:96:d9:98:e1:e9:58:39:
1e:ac:1e:1c:08:72:28:46:44:ae:77:a4:b8:bc:d3:
bc:2d:a2:c0:42:8a:db:6e:49:5e:e5:a5:ef:17:45:
99:00:16:95:37:b8:b9:e1:6f:b6:01:3a:15:a2:65:
35:c3:b8:46:02:1d:85:d1:b2:d9:9b:d8:76:38:cf:
79:1e:36:08:48:24:ea:62:3d:ee:ab:f7:0c:25:ab:
8f:3c:75:8f:6c:e6:79:66:06:bf:ee:7e:65:d3:a4:
1d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:03:BA:54:AF:63:E8:E6:75:63:86:53:F8:9A:5D:A6:A8:42:66:62
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0QO6VK9j6OZ1Y4ZT-JpdpqhCZmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.206.0/24
Signature Algorithm: sha256WithRSAEncryption
65:55:00:af:c0:f6:7d:be:ea:7a:17:95:80:ac:f3:4c:37:90:
f0:e9:3f:db:a2:2d:2a:fd:37:ab:14:d2:26:3d:57:f1:fd:4b:
60:f3:ac:b7:c2:33:3d:ae:94:9c:ad:13:9e:26:60:00:91:84:
87:d8:52:b1:62:43:2c:0e:bf:ac:56:a2:84:d5:35:f5:dc:17:
ec:38:c3:4a:70:f6:5e:0e:6c:0a:fd:ec:bf:ac:e0:a4:89:e3:
37:a0:b2:2f:4f:d3:b3:7e:56:95:0c:03:79:af:2a:ca:50:bc:
cf:ce:1d:00:15:e7:01:58:c9:79:e6:1f:8e:e3:9f:13:b0:36:
60:b2:e3:c8:d1:a9:48:1b:5a:71:79:2d:a5:43:12:f0:dd:6c:
bd:68:06:b5:b6:03:cf:02:13:8b:76:48:f0:f6:ab:55:4e:51:
aa:e2:dd:9f:71:c3:15:b2:e9:b3:4f:b3:80:bf:c9:6b:61:b4:
12:fe:10:2f:d3:da:8b:be:09:a8:06:dc:87:8a:bf:6b:7a:64:
fe:d1:f2:6d:ee:d8:70:3e:bc:ce:05:c9:08:42:6e:00:0b:07:
e7:ba:13:a8:fa:1a:37:8f:60:c3:be:50:71:46:46:ba:f6:21:
e2:97:02:cf:c8:15:00:b3:ec:14:8f:e5:96:16:b5:0a:ce:ae:
43:78:57:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrMIIKOb+RYMCjAMcHQAgiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwOTI1MTEzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTAzYmE1NGFmNjNlOGU2NzU2Mzg2NTNmODlhNWRhNmE4NDI2NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiH/DU3qjy/3fzV7FRqfGF2C6UNmB
qLy97XBGa7TH6eGv2G0WqMhd1oySP8IVheHtfSXrrVjyG6LaLBsd4EEoW/XwsdVh
uEqWAeNPYk62wI73C9Xmtm8HJcs80Vecv7ZXlFeroD2Bg0nZaRqep0X/diLIqSDV
zATXMeRqOT8dr+sepCEIO6KRTbqTJDOwTGsDSwiKK5Rn9splMMS/upbZmOHpWDke
rB4cCHIoRkSud6S4vNO8LaLAQorbbkle5aXvF0WZABaVN7i54W+2AToVomU1w7hG
Ah2F0bLZm9h2OM95HjYISCTqYj3uq/cMJauPPHWPbOZ5Zga/7n5l06Qd+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNEDulSvY+jmdWOGU/iaXaaoQmZiMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvMFFPNlZLOWo2T1oxWTRaVC1KcGRwcWhDWm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnOMA0G
CSqGSIb3DQEBCwUAA4IBAQBlVQCvwPZ9vup6F5WArPNMN5Dw6T/boi0q/TerFNIm
PVfx/Utg86y3wjM9rpScrROeJmAAkYSH2FKxYkMsDr+sVqKE1TX13BfsOMNKcPZe
DmwK/ey/rOCkieM3oLIvT9OzflaVDAN5ryrKULzPzh0AFecBWMl55h+O458TsDZg
suPI0alIG1pxeS2lQxLw3Wy9aAa1tgPPAhOLdkjw9qtVTlGq4t2fccMVsumzT7OA
v8lrYbQS/hAv09qLvgmoBtyHir9remT+0fJt7thwPrzOBckIQm4ACwfnuhOo+ho3
j2DDvlBxRka69iHilwLPyBUAs+wUj+WWFrUKzq5DeFfW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:50 2025 by rpki-client