Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/fGFKty7f48R3GNIhlAQytCoGBLU.roa
File: fGFKty7f48R3GNIhlAQytCoGBLU.roa (raw, json)
Hash identifier: +SNqE+sETnPz3vY/93y4FMRTJez/4jcdFQGdLp8YIIw=
Subject key identifier: 7C:61:4A:B7:2E:DF:E3:C4:77:18:D2:21:94:04:32:B4:2A:06:04:B5
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 01856D6F8A379F860A09B19C01A59295BCEF
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/fGFKty7f48R3GNIhlAQytCoGBLU.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20845
IP address blocks: 89.107.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:8a:37:9f:86:0a:09:b1:9c:01:a5:92:95:bc:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c614ab72edfe3c47718d221940432b42a0604b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:a8:22:4b:5c:20:6e:9d:cb:b5:9f:c9:35:
5b:3a:5e:57:6e:12:d0:ff:0e:71:3d:f5:6e:a8:db:
9b:b6:ab:0d:96:dd:8f:33:56:c6:85:3a:39:fe:5d:
a2:a0:a7:c1:07:24:a7:6e:e2:90:4b:d3:63:d5:ee:
54:ff:2e:e5:0c:69:68:28:56:1f:69:6d:14:79:92:
f8:54:bc:98:63:0a:34:94:bb:7c:76:69:66:a3:d1:
36:ee:36:fa:58:c0:27:84:6b:aa:fb:1a:5e:52:3e:
fc:29:6f:42:19:64:7b:85:7a:09:06:e9:2d:6e:00:
2b:7d:d6:ee:d9:86:6b:c8:5b:02:a4:a6:a1:ab:99:
74:62:85:25:85:e9:1e:ca:1b:b3:05:77:cc:d2:81:
31:39:84:4a:72:39:2c:17:13:da:80:b8:a4:3c:67:
70:ab:98:85:a6:25:a3:75:ed:e1:00:99:4d:db:bd:
6f:45:51:e6:94:a3:b8:23:ce:b1:39:d8:0c:a7:9d:
e9:fa:eb:e4:95:e5:e4:d7:5d:61:59:8b:42:27:d8:
d4:d0:8f:aa:ad:7a:61:ed:80:7a:de:ef:fe:cc:76:
a5:42:1c:74:06:92:7b:f0:b9:ae:21:7e:2b:1b:3a:
20:36:ac:7d:b9:f3:fd:7a:70:c6:51:cc:37:8c:f3:
0d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:61:4A:B7:2E:DF:E3:C4:77:18:D2:21:94:04:32:B4:2A:06:04:B5
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/fGFKty7f48R3GNIhlAQytCoGBLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.248.0/24
Signature Algorithm: sha256WithRSAEncryption
81:07:f4:fe:e4:81:4c:d6:05:bb:30:ed:8e:19:37:a6:ec:a3:
e0:18:0b:4d:ce:b2:ca:69:34:56:85:ee:ad:dc:b2:3c:7b:fb:
e5:a9:74:36:76:a0:13:48:4a:b9:1e:c1:f0:a1:c5:a8:d9:ae:
97:ad:85:8b:d7:91:d3:c1:80:05:b1:bd:01:1c:d2:cd:d7:67:
48:4e:da:26:85:da:a1:1c:d7:5b:37:71:17:57:19:bc:c6:f2:
bb:92:f9:c8:67:71:f1:e9:4f:64:21:e7:8b:6e:05:a4:62:43:
2f:5b:c2:ba:46:f2:d6:8c:9b:a7:28:1c:95:41:3e:75:e5:02:
8c:77:d8:76:8b:22:32:2a:6c:27:47:ca:48:7d:07:e0:9c:87:
95:df:7b:54:7c:25:4a:90:99:23:5a:0d:82:92:fa:01:b9:c6:
2c:d0:d6:91:43:4a:8a:9a:77:5f:c7:98:1e:00:cb:05:71:35:
1e:c5:a2:6f:0c:89:77:63:34:67:d7:f7:7c:6c:a4:44:4c:e8:
77:10:b3:80:91:d6:a9:3a:db:3a:33:25:7b:a6:ab:6c:ba:e9:
bd:3f:83:fe:36:25:ec:86:8a:e2:e6:42:04:2f:b9:95:8b:ba:
26:29:1d:ec:97:fc:b9:78:0a:9e:4f:fb:e2:6e:72:37:50:ef:
dd:59:9c:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb4o3n4YKCbGcAaWSlbzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzYxNGFiNzJlZGZlM2M0NzcxOGQyMjE5NDA0MzJiNDJhMDYwNGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRKoIktcIG6dy7WfyTVbOl5XbhLQ
/w5xPfVuqNubtqsNlt2PM1bGhTo5/l2ioKfBBySnbuKQS9Nj1e5U/y7lDGloKFYf
aW0UeZL4VLyYYwo0lLt8dmlmo9E27jb6WMAnhGuq+xpeUj78KW9CGWR7hXoJBukt
bgArfdbu2YZryFsCpKahq5l0YoUlhekeyhuzBXfM0oExOYRKcjksFxPagLikPGdw
q5iFpiWjde3hAJlN271vRVHmlKO4I86xOdgMp53p+uvkleXk111hWYtCJ9jU0I+q
rXph7YB63u/+zHalQhx0BpJ78LmuIX4rGzogNqx9ufP9enDGUcw3jPMNQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHxhSrcu3+PEdxjSIZQEMrQqBgS1MB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvZkdGS3R5N2Y0OFIzR05JaGxBUXl0Q29HQkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2EtZWY3M2I3YjRjYTNj
LzEvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWv4MA0G
CSqGSIb3DQEBCwUAA4IBAQCBB/T+5IFM1gW7MO2OGTem7KPgGAtNzrLKaTRWhe6t
3LI8e/vlqXQ2dqATSEq5HsHwocWo2a6XrYWL15HTwYAFsb0BHNLN12dITtomhdqh
HNdbN3EXVxm8xvK7kvnIZ3Hx6U9kIeeLbgWkYkMvW8K6RvLWjJunKByVQT515QKM
d9h2iyIyKmwnR8pIfQfgnIeV33tUfCVKkJkjWg2CkvoBucYs0NaRQ0qKmndfx5ge
AMsFcTUexaJvDIl3YzRn1/d8bKRETOh3ELOAkdapOts6MyV7pqtsuum9P4P+NiXs
hori5kIEL7mVi7omKR3sl/y5eAqeT/vibnI3UO/dWZzU
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:47 2025 by rpki-client