Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/4aySRg1au-CAZp_TkyI_b8g0GNI.roa
File: 4aySRg1au-CAZp_TkyI_b8g0GNI.roa (raw, json)
Hash identifier: RF0ovvYKQ91Jzpf9hYiQGetsWEOrBpEDwz4nak0PlLo=
Subject key identifier: E1:AC:92:46:0D:5A:BB:E0:80:66:9F:D3:93:22:3F:6F:C8:34:18:D2
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 018B93EEB3255BEBA632F4F4B457A4C00A3A
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/4aySRg1au-CAZp_TkyI_b8g0GNI.roa
Signing time: Fri 03 Nov 2023 06:46:15 +0000
ROA not before: Fri 03 Nov 2023 06:46:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50889
IP address blocks: 217.199.222.0/24 maxlen: 24
89.248.237.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:ee:b3:25:5b:eb:a6:32:f4:f4:b4:57:a4:c0:0a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Nov 3 06:46:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e1ac92460d5abbe080669fd393223f6fc83418d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:af:b1:2d:e6:cd:7f:1c:50:5e:ae:3d:03:b4:
cf:e6:0d:ba:f7:a6:d8:ba:9f:ab:5a:87:11:cc:42:
db:e2:c1:e2:d2:3d:ef:7c:00:c3:53:c4:ae:5a:66:
03:1f:54:f0:96:ae:49:7e:9d:6c:c7:5d:68:88:dd:
dd:d3:40:26:1b:cf:57:01:38:ba:f6:d5:c7:35:74:
d6:0e:bd:4c:87:ef:9b:75:ac:fc:17:32:dd:7e:19:
0e:fb:c8:5e:65:bb:92:4d:3c:6a:20:bb:4c:50:71:
1d:d9:ff:9c:93:40:74:98:e5:0f:8a:c9:ea:80:f3:
18:e0:fd:22:63:bb:b5:cd:da:88:a5:59:4b:75:36:
8d:9e:5e:8f:ef:45:45:35:87:7b:c5:b9:63:e3:11:
e6:27:2c:83:23:ee:d0:cd:3d:96:6c:c8:0b:df:7c:
8a:55:1a:1d:b5:39:1a:60:5e:fc:8a:ac:76:6b:cd:
14:e3:a4:75:44:f7:e4:e0:81:c4:03:25:f8:2c:12:
35:c6:b1:15:7d:9c:ff:c0:83:9c:3b:b8:37:68:d0:
68:d2:f2:0c:e5:1f:68:c3:8e:31:ac:c4:ff:61:8c:
26:5a:60:9a:b7:b7:47:0a:09:ff:4c:e6:56:8a:c2:
6a:0c:c1:54:b3:87:81:b4:e4:3b:9d:4f:9e:07:63:
7e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:AC:92:46:0D:5A:BB:E0:80:66:9F:D3:93:22:3F:6F:C8:34:18:D2
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/4aySRg1au-CAZp_TkyI_b8g0GNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.237.0/24
217.199.222.0/24
Signature Algorithm: sha256WithRSAEncryption
48:9d:12:b1:9f:0d:ec:35:be:42:14:76:bc:14:48:18:d0:2f:
72:86:1f:ef:59:6f:28:6d:1d:fc:db:93:2c:87:dd:bd:cc:e9:
a8:75:d5:5f:46:36:7a:d0:c4:fe:96:5f:26:b9:8f:7d:ab:07:
7a:9c:1a:2f:5c:39:86:69:60:00:da:02:fc:ab:dc:8f:da:08:
11:2c:2c:8d:97:d7:f9:40:c4:7c:7f:1c:f3:43:ae:b4:07:59:
f6:9a:83:32:92:e7:59:87:b1:e2:fa:fe:e8:2d:ef:12:6e:43:
43:d3:eb:09:a2:99:af:60:70:73:27:50:7b:9d:c4:a9:20:95:
40:6f:f5:4a:98:3e:17:7c:80:20:7c:2e:c0:73:a1:ef:db:ad:
49:19:28:b9:7e:5a:65:79:cf:6c:3b:94:4e:21:0d:84:1e:7b:
1a:bd:49:43:87:85:0f:d1:c6:eb:8b:4e:33:18:c8:d7:4a:d4:
1d:e7:c4:a8:d3:d6:25:0d:05:c4:fe:27:75:b8:0d:36:5f:e3:
c6:dc:94:ba:27:f9:00:b4:98:92:dd:d6:1e:ac:49:43:d9:15:
b9:98:04:82:a8:be:8e:4b:1e:e8:a2:23:a2:c5:a6:7c:91:af:
25:f9:1f:92:3b:a9:c6:e9:3f:36:66:73:8a:28:5f:3f:0b:72:
f9:da:64:80
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYuT7rMlW+umMvT0tFekwAo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMxMTAzMDY0NjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMWFjOTI0NjBkNWFiYmUwODA2NjlmZDM5MzIyM2Y2ZmM4MzQxOGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6+xLebNfxxQXq49A7TP5g2696bY
up+rWocRzELb4sHi0j3vfADDU8SuWmYDH1Twlq5Jfp1sx11oiN3d00AmG89XATi6
9tXHNXTWDr1Mh++bdaz8FzLdfhkO+8heZbuSTTxqILtMUHEd2f+ck0B0mOUPisnq
gPMY4P0iY7u1zdqIpVlLdTaNnl6P70VFNYd7xblj4xHmJyyDI+7QzT2WbMgL33yK
VRodtTkaYF78iqx2a80U46R1RPfk4IHEAyX4LBI1xrEVfZz/wIOcO7g3aNBo0vIM
5R9ow44xrMT/YYwmWmCat7dHCgn/TOZWisJqDMFUs4eBtOQ7nU+eB2N+ZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGskkYNWrvggGaf05MiP2/INBjSMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvNGF5U1JnMWF1LUNBWnBfVGt5SV9iOGcwR05JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfjtAwQA
2cfeMA0GCSqGSIb3DQEBCwUAA4IBAQBInRKxnw3sNb5CFHa8FEgY0C9yhh/vWW8o
bR3825Msh929zOmoddVfRjZ60MT+ll8muY99qwd6nBovXDmGaWAA2gL8q9yP2ggR
LCyNl9f5QMR8fxzzQ660B1n2moMykudZh7Hi+v7oLe8SbkND0+sJopmvYHBzJ1B7
ncSpIJVAb/VKmD4XfIAgfC7Ac6Hv261JGSi5flplec9sO5ROIQ2EHnsavUlDh4UP
0cbri04zGMjXStQd58So09YlDQXE/id1uA02X+PG3JS6J/kAtJiS3dYerElD2RW5
mASCqL6OSx7ooiOixaZ8ka8l+R+SO6nG6T82ZnOKKF8/C3L52mSA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:33 2025 by rpki-client