Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0zfTxkjxbtCapKNLRolzzwQRLP8.roa
File: 0zfTxkjxbtCapKNLRolzzwQRLP8.roa (raw, json)
Hash identifier: jhJ3GHZhDph2XCcEUKCi1GQn/8FnyVyNiBBAMt3H5zI=
Subject key identifier: D3:37:D3:C6:48:F1:6E:D0:9A:A4:A3:4B:46:89:73:CF:04:11:2C:FF
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018AD7C290DC1B99D65AEF13F84EE845A5D7
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0zfTxkjxbtCapKNLRolzzwQRLP8.roa
Signing time: Wed 27 Sep 2023 17:49:27 +0000
ROA not before: Wed 27 Sep 2023 17:49:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 89.249.200.0/24 maxlen: 24
89.249.201.0/24 maxlen: 24
89.249.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d7:c2:90:dc:1b:99:d6:5a:ef:13:f8:4e:e8:45:a5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 27 17:49:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d337d3c648f16ed09aa4a34b468973cf04112cff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6a:75:28:db:f0:b0:71:bd:3b:85:36:de:de:
83:d0:7a:69:77:09:f4:f2:6e:41:ed:17:b4:f2:ed:
1f:0f:af:78:db:c1:96:84:40:f5:c7:b6:a8:30:96:
32:1d:80:7b:22:63:51:bb:3c:e9:29:c6:6b:5e:12:
99:d3:d4:43:0c:e5:18:03:46:bd:67:ee:ee:30:c1:
41:a3:0a:82:b7:45:72:00:f2:94:a5:ae:e0:4d:9d:
54:6c:21:13:cd:9c:9e:f9:46:95:98:4f:0a:a2:97:
0f:82:86:89:07:cd:14:ca:eb:8b:91:2e:5a:bb:50:
bb:ae:a4:d7:8c:a0:62:2a:d6:bc:fe:5c:ce:bf:d9:
da:18:c3:7b:10:2a:0e:01:29:5e:6f:42:5b:9b:26:
bb:64:2a:48:3f:a0:22:f2:05:03:2e:19:7c:24:3e:
0e:69:26:9a:0a:a3:ff:f8:a0:fc:00:3f:55:0e:81:
b0:25:93:4c:7b:82:29:31:7c:c0:b8:da:d9:4a:b8:
cf:21:9e:27:0d:81:ec:1e:dc:0e:1b:60:f9:f5:6b:
e8:45:1e:f6:9d:2a:cd:bb:2e:2b:ef:d0:5b:cf:9c:
ae:e9:11:50:14:d4:41:06:03:ca:c4:0b:d8:a3:56:
56:87:26:a0:93:5f:e6:16:5d:a2:45:fb:0f:ff:8e:
80:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:37:D3:C6:48:F1:6E:D0:9A:A4:A3:4B:46:89:73:CF:04:11:2C:FF
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/0zfTxkjxbtCapKNLRolzzwQRLP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.200.0-89.249.202.255
Signature Algorithm: sha256WithRSAEncryption
4a:11:1f:0b:26:1d:75:1f:2d:b8:d0:c8:a7:6a:26:38:82:08:
a3:c9:71:3e:7d:57:02:c7:e4:94:ee:80:bd:62:9f:1d:10:12:
78:d1:aa:6f:39:a2:7a:e5:5f:f8:5a:70:83:ed:cc:1e:9e:a2:
78:92:8b:de:3b:2e:db:f1:97:95:48:17:cc:d8:6e:d3:27:02:
03:18:7e:ea:da:76:9b:ec:db:55:9e:fc:f3:02:ad:2e:94:1a:
ed:7f:74:68:81:1f:15:42:13:92:9d:86:93:b2:a9:da:bd:1f:
02:d0:6e:76:06:61:01:23:e8:f6:30:92:7d:d7:73:09:81:df:
7c:3a:2a:66:73:2d:b3:59:bd:cf:f2:3e:53:c8:f5:da:10:ca:
bb:52:86:38:6d:07:98:0c:d7:31:eb:d8:af:70:02:95:58:ac:
22:eb:47:90:02:20:62:9a:e3:29:8b:a6:7a:af:bd:f0:ae:94:
47:dc:2e:36:a6:5c:58:e6:ca:de:ab:d7:88:13:4b:c3:da:17:
5d:ea:1e:49:10:79:a9:d4:68:cc:a8:ff:e2:2d:cd:16:44:83:
e8:6d:2b:c6:f1:73:fb:b3:54:08:0e:ad:b4:23:1c:13:a0:a7:
51:a9:e4:5f:e0:52:29:76:af:8c:c1:3a:89:55:4b:48:93:9e:
45:fd:3e:7f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYrXwpDcG5nWWu8T+E7oRaXXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwOTI3MTc0OTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzM3ZDNjNjQ4ZjE2ZWQwOWFhNGEzNGI0Njg5NzNjZjA0MTEyY2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2mp1KNvwsHG9O4U23t6D0Hppdwn0
8m5B7Re08u0fD69428GWhED1x7aoMJYyHYB7ImNRuzzpKcZrXhKZ09RDDOUYA0a9
Z+7uMMFBowqCt0VyAPKUpa7gTZ1UbCETzZye+UaVmE8KopcPgoaJB80UyuuLkS5a
u1C7rqTXjKBiKta8/lzOv9naGMN7ECoOASleb0Jbmya7ZCpIP6Ai8gUDLhl8JD4O
aSaaCqP/+KD8AD9VDoGwJZNMe4IpMXzAuNrZSrjPIZ4nDYHsHtwOG2D59WvoRR72
nSrNuy4r79Bbz5yu6RFQFNRBBgPKxAvYo1ZWhyagk1/mFl2iRfsP/46A2wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNM308ZI8W7QmqSjS0aJc88EESz/MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvMHpmVHhranhidENhcEtOTFJvbHp6d1FSTFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANZ+cgD
BABZ+cowDQYJKoZIhvcNAQELBQADggEBAEoRHwsmHXUfLbjQyKdqJjiCCKPJcT59
VwLH5JTugL1inx0QEnjRqm85onrlX/hacIPtzB6eoniSi947Ltvxl5VIF8zYbtMn
AgMYfuradpvs21We/PMCrS6UGu1/dGiBHxVCE5KdhpOyqdq9HwLQbnYGYQEj6PYw
kn3XcwmB33w6KmZzLbNZvc/yPlPI9doQyrtShjhtB5gM1zHr2K9wApVYrCLrR5AC
IGKa4ymLpnqvvfCulEfcLjamXFjmyt6r14gTS8PaF13qHkkQeanUaMyo/+ItzRZE
g+htK8bxc/uzVAgOrbQjHBOgp1Gp5F/gUil2r4zBOolVS0iTnkX9Pn8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:03 2025 by rpki-client