Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/40OsxpcYZPQ8wPtMoGT3HEmJ7Gk.roa
File: 40OsxpcYZPQ8wPtMoGT3HEmJ7Gk.roa (raw, json)
Hash identifier: Hs3L3LWppD8R4lo3Dvaou3zKiLmjylpxuN2OFgIT1fc=
Subject key identifier: E3:43:AC:C6:97:18:64:F4:3C:C0:FB:4C:A0:64:F7:1C:49:89:EC:69
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018AF0A618E047057437B0795CC3D65916D2
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/40OsxpcYZPQ8wPtMoGT3HEmJ7Gk.roa
Signing time: Mon 02 Oct 2023 13:48:51 +0000
ROA not before: Mon 02 Oct 2023 13:48:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49981
IP address blocks: 89.249.205.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f0:a6:18:e0:47:05:74:37:b0:79:5c:c3:d6:59:16:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 2 13:48:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e343acc6971864f43cc0fb4ca064f71c4989ec69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0c:94:76:d6:fc:80:c5:94:f9:44:80:72:8b:
c4:ce:95:d4:b2:38:d9:2e:22:d7:d9:1a:3a:30:0f:
3b:9e:7e:ec:3b:6a:52:19:41:0c:e1:0a:16:43:97:
fc:5f:db:88:b1:97:01:22:8d:2f:5a:bd:16:ae:2d:
51:37:77:21:b4:73:ee:88:1d:fb:46:c6:34:ff:a7:
b4:ed:93:dc:47:43:88:0b:00:a2:53:5d:78:b1:2e:
41:b7:9c:2d:90:b7:9c:4d:9b:5a:e3:52:47:c2:4a:
84:04:cb:f2:52:0b:51:96:94:1f:47:62:32:3c:3d:
d8:f7:9a:45:2b:d2:fd:f0:8a:5d:a7:2d:33:32:e3:
6c:0e:b7:52:50:38:f1:89:c0:6e:d0:eb:29:58:48:
6b:a4:aa:89:66:e0:fb:d3:ae:e4:27:b6:58:7a:58:
4d:e4:ec:90:b9:e8:d0:65:60:6a:bf:8d:03:d8:87:
d3:87:2f:cc:09:7a:59:24:92:31:85:11:42:a4:3b:
79:59:b3:2b:b1:60:30:b5:72:b7:03:32:8c:1d:ad:
5c:c0:39:d7:77:82:0b:9b:c1:09:f1:4e:d0:05:b5:
f8:82:57:70:b5:d1:c4:fb:d7:e8:57:69:58:45:aa:
68:fb:7f:f0:c7:db:95:d2:c7:bd:3b:f5:42:4e:4c:
e9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:43:AC:C6:97:18:64:F4:3C:C0:FB:4C:A0:64:F7:1C:49:89:EC:69
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/40OsxpcYZPQ8wPtMoGT3HEmJ7Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.205.0/24
Signature Algorithm: sha256WithRSAEncryption
47:6e:76:88:6f:21:08:a5:93:ea:72:b4:94:c2:15:7b:5a:8c:
f3:01:87:3f:9c:86:df:4a:0b:93:7b:df:df:a9:18:f9:ba:5c:
43:2a:fa:30:79:6d:20:99:18:8a:3e:46:2d:6d:1d:a2:83:03:
d4:1c:9c:a3:64:9d:2f:b2:6b:6a:de:80:5e:8c:07:e4:ce:c9:
63:66:da:cd:86:c1:f7:2a:ff:2e:a6:f2:9a:fa:b1:79:83:e6:
d5:b4:d9:87:d4:6c:24:45:c1:78:16:61:75:0b:af:61:6a:01:
46:ab:d6:7e:78:01:a7:bd:91:6a:ad:83:7c:3f:d3:e3:3d:34:
0d:d8:a9:da:6e:93:90:42:ec:a0:48:7d:5d:60:29:70:a7:8e:
7a:ed:55:fa:b9:1b:2a:94:9d:f5:d3:15:05:25:81:29:3c:71:
08:65:f1:2c:3d:06:b1:83:16:b3:c5:77:18:11:b0:74:e5:1f:
38:1c:3d:8e:bd:bb:e5:ac:e3:25:72:95:53:75:76:cf:36:72:
8f:1d:fd:b8:dc:0f:75:95:d8:d4:21:da:06:46:3a:20:7b:85:
d2:51:fe:d6:8c:37:84:34:ed:03:7d:3b:31:35:e6:c0:79:bc:
03:ef:a5:b0:90:15:1a:b7:42:55:e8:12:1c:d3:98:a4:11:27:
27:67:74:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrwphjgRwV0N7B5XMPWWRbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMxMDAyMTM0ODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzQzYWNjNjk3MTg2NGY0M2NjMGZiNGNhMDY0ZjcxYzQ5ODllYzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgyUdtb8gMWU+USAcovEzpXUsjjZ
LiLX2Ro6MA87nn7sO2pSGUEM4QoWQ5f8X9uIsZcBIo0vWr0Wri1RN3chtHPuiB37
RsY0/6e07ZPcR0OICwCiU114sS5Bt5wtkLecTZta41JHwkqEBMvyUgtRlpQfR2Iy
PD3Y95pFK9L98Ipdpy0zMuNsDrdSUDjxicBu0OspWEhrpKqJZuD7067kJ7ZYelhN
5OyQuejQZWBqv40D2IfThy/MCXpZJJIxhRFCpDt5WbMrsWAwtXK3AzKMHa1cwDnX
d4ILm8EJ8U7QBbX4gldwtdHE+9foV2lYRapo+3/wx9uV0se9O/VCTkzppwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFONDrMaXGGT0PMD7TKBk9xxJiexpMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvNDBPc3hwY1laUFE4d1B0TW9HVDNIRW1KN0drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnNMA0G
CSqGSIb3DQEBCwUAA4IBAQBHbnaIbyEIpZPqcrSUwhV7WozzAYc/nIbfSguTe9/f
qRj5ulxDKvoweW0gmRiKPkYtbR2igwPUHJyjZJ0vsmtq3oBejAfkzsljZtrNhsH3
Kv8upvKa+rF5g+bVtNmH1GwkRcF4FmF1C69hagFGq9Z+eAGnvZFqrYN8P9PjPTQN
2KnabpOQQuygSH1dYClwp4567VX6uRsqlJ310xUFJYEpPHEIZfEsPQaxgxazxXcY
EbB05R84HD2OvbvlrOMlcpVTdXbPNnKPHf243A91ldjUIdoGRjoge4XSUf7WjDeE
NO0DfTsxNebAebwD76WwkBUat0JV6BIc05ikEScnZ3Sf
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:23 2025 by rpki-client