
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/yo_i6Nxj_eXMEankxilK4ageRr8.roa
File: yo_i6Nxj_eXMEankxilK4ageRr8.roa (raw, json)
Hash identifier: 93Pz1doGAi/A18KJsHJrreCA0ZYiqcZh1QW7SFXtz1I=
Subject key identifier: CA:8F:E2:E8:DC:63:FD:E5:CC:11:A9:E4:C6:29:4A:E1:A8:1E:46:BF
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 018571B0FA9D7AD63C2D9F033F88528F8D98
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/yo_i6Nxj_eXMEankxilK4ageRr8.roa
Signing time: Mon 02 Jan 2023 08:55:01 +0000
ROA not before: Mon 02 Jan 2023 08:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48671
IP address blocks: 89.38.232.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:fa:9d:7a:d6:3c:2d:9f:03:3f:88:52:8f:8d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 2 08:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ca8fe2e8dc63fde5cc11a9e4c6294ae1a81e46bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:40:0d:e8:0d:c9:df:d1:7a:5a:34:d2:8f:1f:
8f:5a:a3:70:f6:e0:19:a8:2b:ee:f2:8a:1c:55:b9:
49:ad:ff:1b:b2:06:cd:84:18:a1:d5:35:ca:12:bb:
26:d4:68:b7:40:98:5a:b6:34:03:4b:43:38:b0:9a:
ba:35:c6:3f:47:84:c1:bf:d9:bb:2a:1f:c6:0e:17:
0a:07:e2:40:0b:2b:aa:5d:3d:d0:a2:92:dc:75:09:
76:b4:3e:c2:3b:72:92:38:5a:90:e1:c4:f3:e1:8d:
99:52:aa:4b:7a:d8:d5:4a:f8:61:c4:bb:55:5a:58:
46:6b:36:61:5e:f5:b0:eb:e5:75:e8:ae:2d:71:9c:
98:25:81:b1:70:1a:41:c4:63:40:1a:5c:8a:e1:3a:
17:97:bf:d0:85:87:5d:df:9d:86:b6:9b:a4:26:3e:
d6:53:93:6e:d1:94:38:ee:5a:d4:24:44:b6:48:9e:
57:0d:a5:d1:9d:14:dc:89:d9:65:5f:23:4d:48:41:
96:70:01:6e:06:fa:fb:b1:5d:01:9d:3c:33:7a:2f:
b7:60:d7:d0:11:79:34:51:85:54:33:11:a3:87:a8:
44:a0:ef:fe:2d:07:26:5e:5d:fc:b3:80:b0:a8:5c:
51:19:1d:df:b7:4f:85:d3:07:7f:cb:70:a2:1f:ec:
b2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:8F:E2:E8:DC:63:FD:E5:CC:11:A9:E4:C6:29:4A:E1:A8:1E:46:BF
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/yo_i6Nxj_eXMEankxilK4ageRr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.232.0/24
Signature Algorithm: sha256WithRSAEncryption
50:9d:40:65:80:f8:eb:a1:8c:d2:0f:d0:ad:fa:63:33:a6:e5:
6a:b4:0f:f0:77:a6:0e:75:21:03:eb:5b:19:28:8d:cb:e1:06:
5f:9b:7d:08:9e:b2:63:4e:d9:c3:e4:98:1c:70:7d:68:18:c2:
a3:b6:e5:e9:11:aa:01:2a:be:e8:c5:a4:88:ac:ba:88:88:7a:
4d:2a:c6:3b:b8:ba:1b:19:d7:84:3a:9e:a9:15:bb:87:17:e6:
43:06:21:df:5c:59:36:47:d0:ca:42:30:da:c0:45:63:0e:37:
19:fd:b6:40:6b:97:73:58:bd:db:9c:5b:bc:7b:38:14:9e:e5:
2f:aa:6c:c3:f7:1f:72:11:ff:b6:22:48:a7:42:7d:84:7f:be:
05:e5:46:97:0d:d2:53:a5:ec:c7:05:e0:6e:d3:24:d6:1b:0a:
c7:7a:0c:63:2c:01:e5:45:ce:ad:25:64:3e:51:c7:2f:af:ad:
b8:f2:4c:11:f6:45:2e:96:4f:80:20:75:2d:14:21:0f:4a:1a:
20:23:1c:02:a6:e6:fd:ac:36:b8:70:6a:ff:6c:6a:f3:a6:b3:
16:ce:6d:da:c8:7f:33:12:f2:ea:87:1d:65:a6:01:e3:fd:c7:
5f:f3:92:42:7c:48:a1:1e:a0:20:e7:24:df:73:cf:3d:92:fb:
b5:ec:ca:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsPqdetY8LZ8DP4hSj42YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjMwMTAyMDg1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYThmZTJlOGRjNjNmZGU1Y2MxMWE5ZTRjNjI5NGFlMWE4MWU0NmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEAN6A3J39F6WjTSjx+PWqNw9uAZ
qCvu8oocVblJrf8bsgbNhBih1TXKErsm1Gi3QJhatjQDS0M4sJq6NcY/R4TBv9m7
Kh/GDhcKB+JACyuqXT3QopLcdQl2tD7CO3KSOFqQ4cTz4Y2ZUqpLetjVSvhhxLtV
WlhGazZhXvWw6+V16K4tcZyYJYGxcBpBxGNAGlyK4ToXl7/QhYdd352GtpukJj7W
U5Nu0ZQ47lrUJES2SJ5XDaXRnRTcidllXyNNSEGWcAFuBvr7sV0BnTwzei+3YNfQ
EXk0UYVUMxGjh6hEoO/+LQcmXl38s4CwqFxRGR3ft0+F0wd/y3CiH+yyowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMqP4ujcY/3lzBGp5MYpSuGoHka/MB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEveW9faTZOeGpfZVhNRWFua3hpbEs0YWdlUnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSboMA0G
CSqGSIb3DQEBCwUAA4IBAQBQnUBlgPjroYzSD9Ct+mMzpuVqtA/wd6YOdSED61sZ
KI3L4QZfm30InrJjTtnD5JgccH1oGMKjtuXpEaoBKr7oxaSIrLqIiHpNKsY7uLob
GdeEOp6pFbuHF+ZDBiHfXFk2R9DKQjDawEVjDjcZ/bZAa5dzWL3bnFu8ezgUnuUv
qmzD9x9yEf+2IkinQn2Ef74F5UaXDdJTpezHBeBu0yTWGwrHegxjLAHlRc6tJWQ+
Uccvr6248kwR9kUulk+AIHUtFCEPShogIxwCpub9rDa4cGr/bGrzprMWzm3ayH8z
EvLqhx1lpgHj/cdf85JCfEihHqAg5yTfc889kvu17MpL
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:44 2025 by rpki-client