Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/owEuGXM34PH9IZF_Rs03-y5s-20.roa
File: owEuGXM34PH9IZF_Rs03-y5s-20.roa (raw, json)
Hash identifier: ZFlcvBTL4jIwhdp4peFf/heRul5RcvdPG4yetTDpO7Y=
Subject key identifier: A3:01:2E:19:73:37:E0:F1:FD:21:91:7F:46:CD:37:FB:2E:6C:FB:6D
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 01856D6F8B240F5BE7585A6ED9AF40642966
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/owEuGXM34PH9IZF_Rs03-y5s-20.roa
Signing time: Sun 01 Jan 2023 13:05:04 +0000
ROA not before: Sun 01 Jan 2023 13:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34226
IP address blocks: 89.107.248.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:8b:24:0f:5b:e7:58:5a:6e:d9:af:40:64:29:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 13:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3012e197337e0f1fd21917f46cd37fb2e6cfb6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b0:0d:c7:5a:f5:2e:e1:f8:5c:8a:43:3a:fc:
ac:9c:cb:57:68:00:48:f5:32:16:84:c0:a6:7e:a9:
b1:0e:1d:1c:b1:e4:2e:6b:cf:38:24:1d:8f:e0:64:
d1:2e:07:50:f2:72:f0:51:aa:25:25:d8:8b:d6:09:
61:13:7d:a3:53:72:eb:21:18:2d:3e:23:fe:98:40:
3c:70:fd:15:d1:6a:da:7f:ea:e5:6c:9a:a8:35:03:
46:29:c1:4d:3c:fb:91:ae:d4:33:92:3d:19:48:e8:
64:d6:77:25:5b:1d:1c:21:fe:bc:b4:90:ba:77:99:
17:b1:f2:e1:11:8e:a7:e4:91:50:2b:43:35:e5:cf:
90:4d:0b:58:e1:af:a2:38:f6:ac:61:92:04:ea:11:
7a:6f:34:41:15:d7:11:4c:da:e8:68:ef:b3:8e:72:
5c:06:f8:fe:e9:db:ac:8f:5f:d5:1e:5f:0a:d8:06:
d3:51:81:aa:3e:5e:12:46:c6:af:57:a6:fc:6f:13:
d9:e6:6f:e4:cc:24:c7:ea:fe:67:43:94:d7:43:8b:
2d:dc:ee:49:77:6c:7e:cd:5f:2b:ef:e3:ee:3c:73:
78:21:ad:c6:ae:2d:c4:42:25:63:e5:2b:0f:93:27:
29:14:f1:be:df:c4:5c:ce:5b:d7:a9:72:3f:79:fc:
e4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:01:2E:19:73:37:E0:F1:FD:21:91:7F:46:CD:37:FB:2E:6C:FB:6D
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/owEuGXM34PH9IZF_Rs03-y5s-20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.248.0/21
Signature Algorithm: sha256WithRSAEncryption
93:c1:81:74:31:45:c1:c0:4b:a2:52:84:5a:61:22:3e:44:3a:
c0:7e:2a:34:d8:8a:f7:68:20:31:51:69:63:e6:18:8c:bc:86:
59:8b:cc:c7:7f:45:c4:6d:fd:59:0c:71:b3:ff:58:f2:44:2c:
f0:97:71:06:a0:54:68:5d:ed:13:b9:97:2d:98:e2:b7:74:68:
1d:82:7e:53:e7:e2:4d:b3:ac:bb:e1:6a:1c:41:ef:33:52:48:
6c:c9:c8:b4:72:57:73:22:2e:f8:71:d2:c6:02:bd:76:e3:d7:
36:67:a1:11:25:d9:87:a2:76:cb:b3:fa:26:9d:97:79:d7:ad:
28:d3:49:b1:3c:75:d5:82:94:4c:ac:7a:b7:07:31:2d:ed:f0:
38:19:33:ed:c9:6b:51:77:cf:2f:47:71:55:79:33:e4:ee:74:
ff:8a:32:77:cb:ca:e0:f4:85:64:26:2a:5a:7b:27:4c:71:30:
1a:a0:f5:51:99:86:d8:bf:25:a8:50:9d:0c:83:85:20:78:9c:
4e:ce:f6:41:42:5d:7f:1c:2e:9f:bf:33:32:cf:6e:18:d6:46:
f2:14:6c:bd:d5:7e:cf:e1:48:48:fe:e5:98:64:7d:88:22:f7:
53:c7:00:b7:3e:1b:9a:6b:f9:f0:31:f1:f7:02:be:56:e3:99:
2e:7c:59:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtb4skD1vnWFpu2a9AZClmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjMwMTAxMTMwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzAxMmUxOTczMzdlMGYxZmQyMTkxN2Y0NmNkMzdmYjJlNmNmYjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rANx1r1LuH4XIpDOvysnMtXaABI
9TIWhMCmfqmxDh0cseQua884JB2P4GTRLgdQ8nLwUaolJdiL1glhE32jU3LrIRgt
PiP+mEA8cP0V0Wraf+rlbJqoNQNGKcFNPPuRrtQzkj0ZSOhk1nclWx0cIf68tJC6
d5kXsfLhEY6n5JFQK0M15c+QTQtY4a+iOPasYZIE6hF6bzRBFdcRTNroaO+zjnJc
Bvj+6dusj1/VHl8K2AbTUYGqPl4SRsavV6b8bxPZ5m/kzCTH6v5nQ5TXQ4st3O5J
d2x+zV8r7+PuPHN4Ia3Gri3EQiVj5SsPkycpFPG+38RczlvXqXI/efzkAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKMBLhlzN+Dx/SGRf0bNN/subPttMB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvb3dFdUdYTTM0UEg5SVpGX1JzMDMteTVzLTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2EtZWY3M2I3YjRjYTNj
LzEvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWWv4MA0G
CSqGSIb3DQEBCwUAA4IBAQCTwYF0MUXBwEuiUoRaYSI+RDrAfio02Ir3aCAxUWlj
5hiMvIZZi8zHf0XEbf1ZDHGz/1jyRCzwl3EGoFRoXe0TuZctmOK3dGgdgn5T5+JN
s6y74WocQe8zUkhsyci0cldzIi74cdLGAr1249c2Z6ERJdmHonbLs/omnZd5160o
00mxPHXVgpRMrHq3BzEt7fA4GTPtyWtRd88vR3FVeTPk7nT/ijJ3y8rg9IVkJipa
eydMcTAaoPVRmYbYvyWoUJ0Mg4UgeJxOzvZBQl1/HC6fvzMyz24Y1kbyFGy91X7P
4UhI/uWYZH2IIvdTxwC3Phuaa/nwMfH3Ar5W45kufFmk
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:32:51 2025 by rpki-client