Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/1cM-JGQA8DqXm1nFL-PKxc_ffko.roa
File: 1cM-JGQA8DqXm1nFL-PKxc_ffko.roa (raw, json)
Hash identifier: FAeGSE7rjGXE6PIQNxGX5fhTsA7e3g8/F5A+q8quuVw=
Subject key identifier: D5:C3:3E:24:64:00:F0:3A:97:9B:59:C5:2F:E3:CA:C5:CF:DF:7E:4A
Certificate issuer: /CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Certificate serial: 050E6633
Authority key identifier: 5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/1cM-JGQA8DqXm1nFL-PKxc_ffko.roa
Signing time: Sat 01 Jan 2022 12:03:26 +0000
ROA not before: Sat 01 Jan 2022 12:03:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29646
IP address blocks: 89.30.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84829747 (0x50e6633)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e400ac2396ae228d2b2e56f4b06739969379e44
Validity
Not Before: Jan 1 12:03:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5c33e246400f03a979b59c52fe3cac5cfdf7e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:77:05:9a:f5:2c:78:4f:a3:a5:88:91:3f:d9:
cf:65:d8:bc:59:ed:8a:b7:9f:5b:34:ad:a4:37:62:
37:64:de:4a:d1:b9:df:97:fb:7b:83:21:45:41:12:
11:3d:eb:b9:f3:28:44:33:4f:2e:4e:3c:7c:bb:38:
6e:8b:19:d4:10:cf:c1:8e:6b:02:25:1a:17:99:80:
57:1b:f5:2f:11:ac:db:66:bf:ea:89:e1:33:ba:af:
49:97:a3:04:90:d1:7e:90:88:7d:40:6b:5e:6c:97:
10:aa:ff:33:41:1e:0a:67:c4:a0:90:74:a6:f7:d4:
41:53:89:b7:2d:79:c2:58:6b:0f:07:d2:18:12:c0:
e7:05:f0:03:d3:ea:6e:05:fb:9e:ce:4f:5b:14:93:
94:1b:1f:24:05:43:e2:63:0c:e7:c6:02:c6:77:aa:
e6:98:ad:71:4d:67:ac:d8:ca:b9:9b:e6:58:29:ce:
72:b4:d9:59:e4:cf:c0:0b:d4:4e:b0:db:6a:9c:bd:
cd:53:79:04:1d:cf:60:0e:96:88:2f:ca:ed:af:0f:
65:28:49:c8:65:0a:9d:b0:9a:7a:d9:ab:65:3b:bd:
02:b5:e6:f0:5b:e5:cd:56:f0:c7:48:55:83:6b:11:
94:e6:9c:4e:77:b4:a5:1f:cc:60:2c:ea:0a:12:bb:
a0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C3:3E:24:64:00:F0:3A:97:9B:59:C5:2F:E3:CA:C5:CF:DF:7E:4A
X509v3 Authority Key Identifier:
keyid:5E:40:0A:C2:39:6A:E2:28:D2:B2:E5:6F:4B:06:73:99:69:37:9E:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/1cM-JGQA8DqXm1nFL-PKxc_ffko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/d67a95-cb36-4937-9226-dfed12f1a01e/1/XkAKwjlq4ijSsuVvSwZzmWk3nkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.30.113.0/24
Signature Algorithm: sha256WithRSAEncryption
28:ca:8e:37:7a:37:d3:2a:8f:f1:b0:cd:7f:26:ae:01:ed:b6:
a6:89:ed:73:fb:59:8e:91:48:9e:67:fb:72:b6:f1:48:84:92:
83:b7:7e:01:bd:92:3b:78:51:2f:99:91:65:76:5d:50:ad:b2:
8e:58:e9:a7:02:e2:d1:f3:af:90:5d:77:0f:c8:7d:8d:45:77:
ea:1e:da:30:5a:48:94:85:90:3e:49:42:8e:aa:32:b0:8a:8d:
4a:cd:28:a8:1b:5f:00:17:54:9a:40:80:3f:4c:c0:2f:d5:42:
6c:4c:62:c7:7d:d4:da:25:ad:11:0d:93:e4:e6:df:24:4c:89:
63:61:0c:de:53:e0:d1:17:ee:4c:65:4b:ae:51:ba:fc:3d:7d:
0e:b0:2f:7c:75:e4:e0:94:de:6d:6c:d3:0c:94:6d:d1:d0:c4:
e9:5e:5e:bd:c3:ea:16:ea:09:f7:7e:ca:f5:30:3a:7e:e3:01:
83:85:ec:b3:c6:a1:ba:a8:ad:35:20:c5:f6:57:f7:0f:02:ae:
a4:c8:5d:cf:bb:b7:70:56:19:c6:bd:85:47:67:c0:c2:1e:09:
37:34:38:c6:f8:4b:5f:ea:f7:3e:c4:9d:3c:86:cf:8f:67:ee:
38:4b:9d:fa:e8:53:63:01:6a:b9:fe:c0:26:c6:db:92:63:34:
40:2d:4c:32
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQ5mMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTQwMGFjMjM5NmFlMjI4ZDJiMmU1NmY0YjA2NzM5OTY5Mzc5ZTQ0MB4XDTIyMDEw
MTEyMDMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDVjMzNlMjQ2NDAw
ZjAzYTk3OWI1OWM1MmZlM2NhYzVjZmRmN2U0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZ3BZr1LHhPo6WIkT/Zz2XYvFntirefWzStpDdiN2TeStG5
35f7e4MhRUESET3rufMoRDNPLk48fLs4bosZ1BDPwY5rAiUaF5mAVxv1LxGs22a/
6onhM7qvSZejBJDRfpCIfUBrXmyXEKr/M0EeCmfEoJB0pvfUQVOJty15wlhrDwfS
GBLA5wXwA9PqbgX7ns5PWxSTlBsfJAVD4mMM58YCxneq5pitcU1nrNjKuZvmWCnO
crTZWeTPwAvUTrDbapy9zVN5BB3PYA6WiC/K7a8PZShJyGUKnbCaetmrZTu9ArXm
8FvlzVbwx0hVg2sRlOacTne0pR/MYCzqChK7oP8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVwz4kZADwOpebWcUv48rFz99+SjAfBgNVHSMEGDAWgBReQArCOWriKNKy
5W9LBnOZaTeeRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hrQUt3amxxNGlqU3N1VnZTd1p6bVdrM25rUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvZDY3YTk1LWNiMzYtNDkzNy05MjI2LWRmZWQxMmYxYTAxZS8x
LzFjTS1KR1FBOERxWG0xbkZMLVBLeGNfZmZrby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
ZDY3YTk1LWNiMzYtNDkzNy05MjI2LWRmZWQxMmYxYTAxZS8xL1hrQUt3amxxNGlq
U3N1VnZTd1p6bVdrM25rUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkecTANBgkqhkiG9w0BAQsFAAOC
AQEAKMqON3o30yqP8bDNfyauAe22pontc/tZjpFInmf7crbxSISSg7d+Ab2SO3hR
L5mRZXZdUK2yjljppwLi0fOvkF13D8h9jUV36h7aMFpIlIWQPklCjqoysIqNSs0o
qBtfABdUmkCAP0zAL9VCbExix33U2iWtEQ2T5ObfJEyJY2EM3lPg0RfuTGVLrlG6
/D19DrAvfHXk4JTebWzTDJRt0dDE6V5evcPqFuoJ937K9TA6fuMBg4Xss8ahuqit
NSDF9lf3DwKupMhdz7u3cFYZxr2FR2fAwh4JNzQ4xvhLX+r3PsSdPIbPj2fuOEud
+uhTYwFquf7AJsbbkmM0QC1MMg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:58 2025 by rpki-client