Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0UnT-eavF8IjpqWPklPK7oYULWc.roa
File: 0UnT-eavF8IjpqWPklPK7oYULWc.roa (raw, json)
Hash identifier: vm21MOKDG8Gfx3t5GOlZOQF6Um6VKW4bouV7sFiFZcE=
Subject key identifier: D1:49:D3:F9:E6:AF:17:C2:23:A6:A5:8F:92:53:CA:EE:86:14:2D:67
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018C96A2C2C4BDCBB2D081E0F93B30E8E9A9
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0UnT-eavF8IjpqWPklPK7oYULWc.roa
Signing time: Sat 23 Dec 2023 12:24:58 +0000
ROA not before: Sat 23 Dec 2023 12:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7029
IP address blocks: 89.249.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:96:a2:c2:c4:bd:cb:b2:d0:81:e0:f9:3b:30:e8:e9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Dec 23 12:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d149d3f9e6af17c223a6a58f9253caee86142d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f1:02:e1:f2:cb:0f:ad:d6:88:85:2b:fd:73:
b0:cd:73:c0:8f:4b:9d:9e:7d:57:1e:b0:2f:a4:60:
8e:51:5b:a5:d1:0d:94:ce:c9:b5:56:8e:fa:42:36:
36:2d:eb:77:2d:5c:fe:d9:db:40:19:ea:42:a7:57:
62:bf:a8:d0:1f:3f:67:bb:f3:ea:74:55:97:96:c8:
62:82:95:af:1c:43:49:a1:29:16:4c:25:74:1f:e9:
8c:3c:78:bd:c8:8b:3b:fa:a8:8d:57:f7:40:6c:81:
d9:7b:d5:a1:fa:92:c7:c5:3d:54:de:8c:81:a8:12:
62:be:3b:df:da:86:f7:7b:de:f5:db:bb:f8:62:b1:
f8:ce:f5:c2:ad:13:c8:dc:28:b0:31:ed:eb:09:f7:
0d:3e:4f:e8:e4:8a:15:d6:d9:4c:06:0c:87:43:82:
88:4d:fb:f0:26:49:ca:08:13:9c:74:c5:1e:d1:d6:
2c:b7:81:3d:12:de:0b:29:5e:3d:15:16:b7:04:61:
ed:a3:d1:57:8a:91:c1:d7:14:90:e5:83:8c:ae:6f:
f2:a7:b3:e9:61:dd:b5:d4:8a:68:96:04:67:ce:a5:
e6:c2:29:28:91:f9:bf:97:57:0a:86:0f:90:18:a9:
5f:57:48:86:a2:76:60:14:89:57:45:a7:a1:95:39:
48:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:49:D3:F9:E6:AF:17:C2:23:A6:A5:8F:92:53:CA:EE:86:14:2D:67
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0UnT-eavF8IjpqWPklPK7oYULWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.204.0/24
Signature Algorithm: sha256WithRSAEncryption
98:6b:f2:3f:1f:2f:d0:99:83:87:28:d1:33:ff:57:3e:68:76:
c0:52:c5:ee:4d:df:24:43:6f:f7:71:de:88:b5:54:5e:9a:c1:
bc:b2:25:e0:87:0a:68:6c:f3:31:fc:28:e9:cc:f4:0f:5b:c8:
9e:9e:e0:91:f1:a5:cf:22:e3:fd:97:a8:d4:25:77:df:ab:d4:
13:cb:f3:e7:a8:20:8c:11:93:9f:07:55:cd:3d:28:29:f3:83:
72:71:62:dc:1c:e2:49:5f:8f:96:b8:65:fe:7c:de:6f:ec:33:
1f:81:00:c9:27:8f:a7:29:a4:66:d6:6a:94:ab:cf:79:0f:3a:
64:e7:bf:ed:2a:b3:73:05:43:99:55:85:10:a6:2c:dc:0f:9c:
b1:31:e3:f7:db:ab:d4:3b:b0:c4:34:67:87:21:57:0a:19:8a:
87:62:77:47:09:a7:97:39:6f:dc:69:c5:88:01:62:d2:f9:bf:
a8:21:b6:1f:d0:3e:0e:2e:f0:e9:2f:cc:5c:81:74:60:23:34:
03:16:49:4e:96:77:f9:d3:a5:fe:e4:c7:09:3c:db:ee:17:db:
de:67:89:f1:80:d6:72:39:7a:c6:55:b0:be:96:45:8f:eb:43:
ca:8d:35:f6:38:e8:23:5e:31:8d:f1:bc:fa:d6:50:35:cb:d2:
8b:5e:0c:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyWosLEvcuy0IHg+Tsw6OmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMjIzMTIyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTQ5ZDNmOWU2YWYxN2MyMjNhNmE1OGY5MjUzY2FlZTg2MTQyZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvEC4fLLD63WiIUr/XOwzXPAj0ud
nn1XHrAvpGCOUVul0Q2Uzsm1Vo76QjY2Let3LVz+2dtAGepCp1div6jQHz9nu/Pq
dFWXlshigpWvHENJoSkWTCV0H+mMPHi9yIs7+qiNV/dAbIHZe9Wh+pLHxT1U3oyB
qBJivjvf2ob3e97127v4YrH4zvXCrRPI3CiwMe3rCfcNPk/o5IoV1tlMBgyHQ4KI
TfvwJknKCBOcdMUe0dYst4E9Et4LKV49FRa3BGHto9FXipHB1xSQ5YOMrm/yp7Pp
Yd211IpolgRnzqXmwikokfm/l1cKhg+QGKlfV0iGonZgFIlXRaehlTlIiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFJ0/nmrxfCI6alj5JTyu6GFC1nMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvMFVuVC1lYXZGOElqcHFXUGtsUEs3b1lVTFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnMMA0G
CSqGSIb3DQEBCwUAA4IBAQCYa/I/Hy/QmYOHKNEz/1c+aHbAUsXuTd8kQ2/3cd6I
tVRemsG8siXghwpobPMx/CjpzPQPW8ienuCR8aXPIuP9l6jUJXffq9QTy/PnqCCM
EZOfB1XNPSgp84NycWLcHOJJX4+WuGX+fN5v7DMfgQDJJ4+nKaRm1mqUq895Dzpk
57/tKrNzBUOZVYUQpizcD5yxMeP326vUO7DENGeHIVcKGYqHYndHCaeXOW/cacWI
AWLS+b+oIbYf0D4OLvDpL8xcgXRgIzQDFklOlnf506X+5McJPNvuF9veZ4nxgNZy
OXrGVbC+lkWP60PKjTX2OOgjXjGN8bz61lA1y9KLXgyH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:07 2025 by rpki-client