Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/msDQqSIEs4AltpNYJk1DZQT-s2c.roa
File: msDQqSIEs4AltpNYJk1DZQT-s2c.roa (raw, json)
Hash identifier: 0jHk43QQzMq5+zAWAtXKkM2TGauUGrfBbvqgGytwdZA=
Subject key identifier: 9A:C0:D0:A9:22:04:B3:80:25:B6:93:58:26:4D:43:65:04:FE:B3:67
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018A9AABE0EE8AFCB92C8975B05EFBBBF7D0
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/msDQqSIEs4AltpNYJk1DZQT-s2c.roa
Signing time: Fri 15 Sep 2023 21:07:50 +0000
ROA not before: Fri 15 Sep 2023 21:07:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7018
IP address blocks: 89.249.203.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:9a:ab:e0:ee:8a:fc:b9:2c:89:75:b0:5e:fb:bb:f7:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 15 21:07:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ac0d0a92204b38025b69358264d436504feb367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9d:62:d4:e7:af:3e:87:a4:48:7e:20:1e:3d:
b8:c4:e2:98:98:d8:27:02:47:de:81:ab:c0:a6:08:
6f:e0:20:27:25:19:72:13:ac:c1:a0:23:92:af:f5:
65:d6:02:d1:89:74:8f:ee:92:ea:af:21:f5:78:8e:
34:8f:18:66:fc:41:1f:f0:8e:9a:6d:56:3d:3f:d4:
12:4a:89:66:69:71:9a:98:5a:d3:94:11:5d:d4:e1:
e8:7d:b4:56:59:97:ed:03:ad:95:2a:f5:d6:9c:79:
a2:f4:11:d3:8e:87:1a:5f:66:69:98:5e:69:de:1b:
f5:30:00:d3:d5:e7:80:41:ca:5b:4d:3f:45:9c:18:
97:f0:fa:0b:c0:ba:26:95:73:95:e4:67:3a:4b:34:
b8:aa:d5:ab:64:b3:83:8c:38:aa:b7:1d:c5:5b:eb:
ab:f4:61:0f:09:eb:09:29:34:79:62:e7:0a:2f:9c:
d0:ee:5b:3b:40:4c:0b:78:c0:24:6f:9a:33:57:2a:
79:a6:d6:f7:c0:f5:b0:d8:1b:cb:c3:cd:99:85:51:
20:72:b1:f8:43:77:aa:ad:29:7e:d2:bd:0b:95:4f:
d7:d7:49:03:16:3e:73:70:79:4f:a3:20:e7:b2:4f:
44:0a:d6:11:0c:e8:f4:cc:ea:9f:76:98:61:3a:3c:
a7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C0:D0:A9:22:04:B3:80:25:B6:93:58:26:4D:43:65:04:FE:B3:67
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/msDQqSIEs4AltpNYJk1DZQT-s2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.203.0/24
Signature Algorithm: sha256WithRSAEncryption
da:7f:9c:f2:c3:63:94:4e:9d:7c:d6:1d:de:d7:aa:74:2b:f8:
77:82:7c:13:d2:a5:a2:2f:b3:10:a2:5e:f8:14:1a:e4:ab:db:
97:6a:14:24:99:f0:ce:14:06:aa:43:bb:6b:ff:48:aa:6a:d9:
a4:26:4b:bd:17:03:f3:3b:16:42:1d:d3:8c:5e:fa:db:74:a1:
ea:ed:15:69:f0:48:7b:2c:6b:a7:08:aa:bb:51:52:2b:8e:78:
bc:8e:cd:b6:26:cb:14:65:3e:98:34:18:93:ae:fc:8c:31:83:
7e:38:52:ef:47:6e:d2:df:e4:37:03:4e:83:f1:1f:fd:96:ae:
65:00:b0:60:2f:76:ba:dd:29:fb:4e:81:c3:59:88:06:51:a8:
5a:09:d2:46:72:30:47:ff:f0:94:b9:80:df:25:96:a6:db:09:
5f:25:26:17:ae:e3:af:08:1a:b9:cb:bd:23:2f:85:a5:76:43:
7e:37:1b:5f:68:18:21:61:20:04:99:af:d8:96:01:63:8e:cb:
ea:19:09:ca:aa:74:46:6d:79:10:17:68:fc:fa:ab:eb:04:e9:
20:cf:3f:af:fe:50:58:1b:b4:bb:1d:5d:d0:69:3c:69:af:47:
7e:c9:04:f5:04:82:80:17:53:35:fc:2c:45:bf:ec:53:31:33:
06:dd:1b:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYqaq+Duivy5LIl1sF77u/fQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjMwOTE1MjEwNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWMwZDBhOTIyMDRiMzgwMjViNjkzNTgyNjRkNDM2NTA0ZmViMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh51i1OevPoekSH4gHj24xOKYmNgn
AkfegavApghv4CAnJRlyE6zBoCOSr/Vl1gLRiXSP7pLqryH1eI40jxhm/EEf8I6a
bVY9P9QSSolmaXGamFrTlBFd1OHofbRWWZftA62VKvXWnHmi9BHTjocaX2ZpmF5p
3hv1MADT1eeAQcpbTT9FnBiX8PoLwLomlXOV5Gc6SzS4qtWrZLODjDiqtx3FW+ur
9GEPCesJKTR5YucKL5zQ7ls7QEwLeMAkb5ozVyp5ptb3wPWw2BvLw82ZhVEgcrH4
Q3eqrSl+0r0LlU/X10kDFj5zcHlPoyDnsk9ECtYRDOj0zOqfdphhOjynxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJrA0KkiBLOAJbaTWCZNQ2UE/rNnMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvbXNEUXFTSUVzNEFsdHBOWUprMURaUVQtczJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnLMA0G
CSqGSIb3DQEBCwUAA4IBAQDaf5zyw2OUTp181h3e16p0K/h3gnwT0qWiL7MQol74
FBrkq9uXahQkmfDOFAaqQ7tr/0iqatmkJku9FwPzOxZCHdOMXvrbdKHq7RVp8Eh7
LGunCKq7UVIrjni8js22JssUZT6YNBiTrvyMMYN+OFLvR27S3+Q3A06D8R/9lq5l
ALBgL3a63Sn7ToHDWYgGUahaCdJGcjBH//CUuYDfJZam2wlfJSYXruOvCBq5y70j
L4WldkN+NxtfaBghYSAEma/YlgFjjsvqGQnKqnRGbXkQF2j8+qvrBOkgzz+v/lBY
G7S7HV3QaTxpr0d+yQT1BIKAF1M1/CxFv+xTMTMG3RsX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:29 2025 by rpki-client