Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/F7ue1zf8PGKaZ8wKrUQG3Qo-iYQ.roa
File: F7ue1zf8PGKaZ8wKrUQG3Qo-iYQ.roa (raw, json)
Hash identifier: ALBvGI/XG1vfwUV/pgZgZjWy/GkaKyZ8vvzUvrNmdqM=
Subject key identifier: 17:BB:9E:D7:37:FC:3C:62:9A:67:CC:0A:AD:44:06:DD:0A:3E:89:84
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 0185726B777CC7D484799C96C505B604784C
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/F7ue1zf8PGKaZ8wKrUQG3Qo-iYQ.roa
Signing time: Mon 02 Jan 2023 12:18:43 +0000
ROA not before: Mon 02 Jan 2023 12:18:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212271
IP address blocks: 152.89.169.0/24 maxlen: 24
152.89.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:6b:77:7c:c7:d4:84:79:9c:96:c5:05:b6:04:78:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 2 12:18:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17bb9ed737fc3c629a67cc0aad4406dd0a3e8984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5a:1a:d4:db:26:ca:a7:9d:cf:52:6b:4e:28:
87:55:6e:f4:c0:44:11:9b:21:96:15:5f:70:ee:ae:
05:3e:2d:a3:9d:e0:66:19:9d:62:51:c5:90:64:60:
75:de:30:b1:e5:01:49:84:bf:8b:e1:a9:95:14:74:
1c:3d:24:61:29:aa:3e:19:80:8b:5a:17:9b:6f:93:
1b:d0:fc:7b:7b:f1:72:f7:7c:3f:9c:c2:5e:bf:37:
cd:f6:5f:c1:9a:e3:7c:16:af:43:88:b8:87:43:a9:
84:55:04:5f:3e:11:dc:c4:63:83:5b:f4:36:9c:0f:
5e:2c:3f:fc:f1:c3:79:31:6c:cd:1e:d2:7b:11:24:
00:87:1a:bc:80:35:a1:fd:92:4f:03:cb:fc:4d:0b:
20:6d:0f:fe:6e:3d:d9:92:2f:44:c5:3d:24:b9:95:
98:d8:69:42:16:e1:bb:7f:a5:5f:ce:22:e7:7e:0e:
92:2b:f5:a0:22:7f:23:a3:51:1e:7b:e0:2d:02:c4:
c0:4b:33:a1:c1:cb:95:f8:a2:23:da:aa:6c:ba:6a:
9f:30:85:3e:f7:af:06:b8:90:ad:d9:05:9a:e4:ad:
15:61:c4:30:83:34:a7:8b:cd:70:6b:36:19:66:86:
49:5a:0d:56:ae:1a:a0:e0:55:24:2c:5d:75:51:9c:
b0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:BB:9E:D7:37:FC:3C:62:9A:67:CC:0A:AD:44:06:DD:0A:3E:89:84
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/F7ue1zf8PGKaZ8wKrUQG3Qo-iYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.168.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:d8:3f:e3:74:c7:a1:31:c1:9e:2c:ee:71:9e:00:77:e7:c5:
6c:44:e2:c3:e4:84:44:e2:8e:82:ac:1c:23:58:2e:92:eb:b8:
7d:48:dd:c7:30:67:99:10:32:95:cd:25:eb:39:13:c7:6e:d5:
54:69:56:27:5e:d0:11:9b:ea:64:c8:97:44:7e:70:a9:4d:a3:
ab:90:7c:c9:4a:e8:b7:5a:48:92:1b:65:48:73:aa:0e:a2:cb:
d8:28:0e:39:d2:92:31:14:c2:71:ca:d3:2d:7f:d7:4c:78:89:
e1:31:81:50:ae:ac:96:c1:1c:2d:11:46:8b:20:d6:77:dc:67:
d3:89:4f:a2:2b:ee:f7:80:c1:09:61:85:9d:8e:19:d4:da:60:
a6:68:90:d5:82:5a:76:a9:54:ea:2d:de:34:2f:1b:ec:9d:a4:
07:c1:b6:cb:8c:c4:9e:45:32:6d:25:98:d5:55:fe:b1:5c:2b:
72:8a:f5:b5:e8:52:3d:52:3a:43:c5:28:ab:3a:71:21:66:b6:
97:2d:45:1b:9a:03:25:5c:55:bc:ee:5c:59:52:d0:d2:b4:f2:
a0:66:d9:54:ff:ec:b4:6b:44:db:7a:5e:ac:ec:a6:6c:06:7b:
87:8b:4d:b0:bb:34:d5:cf:0a:53:86:1f:02:e0:bc:21:fc:95:
51:10:4e:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVya3d8x9SEeZyWxQW2BHhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZjU0M2UyM2UyOWZiMDM3NDhkMDkzOTcyNmYzMGZlOWFm
ZmExOWUwHhcNMjMwMTAyMTIxODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2JiOWVkNzM3ZmMzYzYyOWE2N2NjMGFhZDQ0MDZkZDBhM2U4OTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnloa1Nsmyqedz1JrTiiHVW70wEQR
myGWFV9w7q4FPi2jneBmGZ1iUcWQZGB13jCx5QFJhL+L4amVFHQcPSRhKao+GYCL
Whebb5Mb0Px7e/Fy93w/nMJevzfN9l/BmuN8Fq9DiLiHQ6mEVQRfPhHcxGODW/Q2
nA9eLD/88cN5MWzNHtJ7ESQAhxq8gDWh/ZJPA8v8TQsgbQ/+bj3Zki9ExT0kuZWY
2GlCFuG7f6VfziLnfg6SK/WgIn8jo1Eee+AtAsTASzOhwcuV+KIj2qpsumqfMIU+
968GuJCt2QWa5K0VYcQwgzSni81wazYZZoZJWg1Wrhqg4FUkLF11UZywLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBe7ntc3/DximmfMCq1EBt0KPomEMB8GA1UdIwQY
MBaAFAv1Q+I+KfsDdI0JOXJvMP6a/6GeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMt
YTM1ZmM0MzhkNGNhLzEvRjd1ZTF6ZjhQR0thWjh3S3JVUUczUW8taVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS9hZmEzNGMtZjNmMC00MDVjLWIwODMtYTM1ZmM0MzhkNGNh
LzEvQ19WRDRqNHAtd04walFrNWNtOHdfcHJfb1o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFmoMA0G
CSqGSIb3DQEBCwUAA4IBAQCp2D/jdMehMcGeLO5xngB358VsROLD5IRE4o6CrBwj
WC6S67h9SN3HMGeZEDKVzSXrORPHbtVUaVYnXtARm+pkyJdEfnCpTaOrkHzJSui3
WkiSG2VIc6oOosvYKA450pIxFMJxytMtf9dMeInhMYFQrqyWwRwtEUaLINZ33GfT
iU+iK+73gMEJYYWdjhnU2mCmaJDVglp2qVTqLd40LxvsnaQHwbbLjMSeRTJtJZjV
Vf6xXCtyivW16FI9UjpDxSirOnEhZraXLUUbmgMlXFW87lxZUtDStPKgZtlU/+y0
a0Tbel6s7KZsBnuHi02wuzTVzwpThh8C4Lwh/JVREE5Y
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:49 2025 by rpki-client