Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/xhtqF3ZE2FsWQFfOzouhQ3w-FTc.roa
File: xhtqF3ZE2FsWQFfOzouhQ3w-FTc.roa (raw, json)
Hash identifier: /wSlTT3a/cOuJt4Z4LDZwLRGPmmivBn/3bAHutyoTdk=
Subject key identifier: C6:1B:6A:17:76:44:D8:5B:16:40:57:CE:CE:8B:A1:43:7C:3E:15:37
Certificate issuer: /CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Certificate serial: 01856FA720DB95E177A54110A002ADD7E0C2
Authority key identifier: 9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/xhtqF3ZE2FsWQFfOzouhQ3w-FTc.roa
Signing time: Sun 01 Jan 2023 23:25:01 +0000
ROA not before: Sun 01 Jan 2023 23:25:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205139
IP address blocks: 89.45.216.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:20:db:95:e1:77:a5:41:10:a0:02:ad:d7:e0:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b200d0e7ad3cef72238b5164c4b2cdde23a6a1e
Validity
Not Before: Jan 1 23:25:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c61b6a177644d85b164057cece8ba1437c3e1537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9c:e8:2a:32:ca:2e:15:43:f6:14:a7:83:e4:
67:d7:62:50:bc:df:14:4e:3e:a1:71:ee:7f:63:b3:
75:4e:f9:85:62:98:6e:7e:49:0e:cd:1e:44:76:a7:
e7:e6:eb:e0:aa:bd:30:73:9a:ef:13:58:c9:5a:45:
3a:4d:0f:31:fc:3c:40:48:69:06:ed:b2:e6:0a:83:
d7:c7:84:97:be:5e:25:0c:b4:d9:a9:48:67:7c:69:
05:78:52:cd:7e:4e:05:4a:6d:b8:f6:7a:cc:3f:47:
be:b8:d2:c1:c1:7c:32:77:a0:9a:9a:ac:3d:96:f2:
d9:28:0c:a4:d5:0e:3d:96:ae:6a:c8:7e:ab:fe:e7:
63:b3:f6:31:cb:a6:bb:09:6b:3b:65:c8:54:14:5b:
80:78:0f:41:ef:c6:e5:8b:01:1b:87:38:a6:2d:66:
18:87:7e:fd:3b:06:dc:17:71:1f:f2:be:98:a9:3f:
91:4d:c5:6a:5d:9a:d2:f7:60:09:7c:98:f8:44:c9:
e4:70:78:13:e6:70:ea:0a:85:2c:4a:c4:e4:30:1a:
d3:c1:fc:df:90:a6:c5:17:69:1e:81:66:e8:e7:ee:
f5:af:ec:9e:90:2c:32:d1:12:f2:e1:a8:2b:ba:4b:
cd:50:1a:4a:72:e1:99:fa:a7:83:31:58:bd:73:ce:
38:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1B:6A:17:76:44:D8:5B:16:40:57:CE:CE:8B:A1:43:7C:3E:15:37
X509v3 Authority Key Identifier:
keyid:9B:20:0D:0E:7A:D3:CE:F7:22:38:B5:16:4C:4B:2C:DD:E2:3A:6A:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/myANDnrTzvciOLUWTEss3eI6ah4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/xhtqF3ZE2FsWQFfOzouhQ3w-FTc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/fcbcc6-739b-4f5c-ae3c-a4f08dbb85a5/1/myANDnrTzvciOLUWTEss3eI6ah4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.216.0/22
Signature Algorithm: sha256WithRSAEncryption
11:1e:6f:1a:bf:07:54:25:49:c2:c1:59:67:23:00:b0:38:60:
b8:b7:6b:44:4a:e6:07:f6:c1:c8:ba:48:e7:43:16:04:d1:d1:
33:2d:e9:67:3d:38:2d:e9:2f:a6:2d:f5:c1:46:7e:f7:5d:c4:
ca:d9:ea:74:9d:44:a3:8a:52:0e:ab:3e:f2:a7:39:7d:06:e0:
e4:5c:5b:ad:66:ca:01:3c:a9:57:4a:04:bb:23:36:14:0c:10:
72:39:f2:3f:da:15:76:cc:e8:03:7a:80:a0:54:cd:9a:ec:81:
68:93:9f:c6:e5:0c:48:2d:9e:b4:02:39:5c:67:93:b8:03:55:
44:4d:3a:bd:8f:0b:ba:f9:43:75:e4:88:56:9a:0d:80:ff:94:
28:7e:9c:10:59:a5:ae:1d:98:c1:1b:9c:65:1d:4c:66:d0:51:
c4:42:d1:ea:20:59:50:f2:50:36:10:fc:8e:62:f0:d7:86:ac:
0b:83:d4:d7:98:10:dc:fc:79:66:39:ab:e1:9e:75:cb:ff:5a:
a9:f9:19:90:93:e9:82:5b:10:6e:b5:c1:3b:57:7e:8b:09:36:
63:26:99:87:89:16:40:19:a9:b6:4d:93:cd:70:ad:ec:43:71:
99:83:21:16:5f:0f:d0:dd:c4:16:77:29:db:54:71:37:ad:3b:
87:83:ee:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpyDbleF3pUEQoAKt1+DCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMjAwZDBlN2FkM2NlZjcyMjM4YjUxNjRjNGIyY2RkZTIz
YTZhMWUwHhcNMjMwMTAxMjMyNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFiNmExNzc2NDRkODViMTY0MDU3Y2VjZThiYTE0MzdjM2UxNTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZzoKjLKLhVD9hSng+Rn12JQvN8U
Tj6hce5/Y7N1TvmFYphufkkOzR5Edqfn5uvgqr0wc5rvE1jJWkU6TQ8x/DxASGkG
7bLmCoPXx4SXvl4lDLTZqUhnfGkFeFLNfk4FSm249nrMP0e+uNLBwXwyd6Camqw9
lvLZKAyk1Q49lq5qyH6r/udjs/Yxy6a7CWs7ZchUFFuAeA9B78bliwEbhzimLWYY
h379OwbcF3Ef8r6YqT+RTcVqXZrS92AJfJj4RMnkcHgT5nDqCoUsSsTkMBrTwfzf
kKbFF2kegWbo5+71r+yekCwy0RLy4agrukvNUBpKcuGZ+qeDMVi9c8442wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYbahd2RNhbFkBXzs6LoUN8PhU3MB8GA1UdIwQY
MBaAFJsgDQ560873Iji1FkxLLN3iOmoeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2Mt
YTRmMDhkYmI4NWE1LzEveGh0cUYzWkUyRnNXUUZmT3pvdWhRM3ctRlRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mY2JjYzYtNzM5Yi00ZjVjLWFlM2MtYTRmMDhkYmI4NWE1
LzEvbXlBTkRuclR6dmNpT0xVV1RFc3MzZUk2YWg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWS3YMA0G
CSqGSIb3DQEBCwUAA4IBAQARHm8avwdUJUnCwVlnIwCwOGC4t2tESuYH9sHIukjn
QxYE0dEzLelnPTgt6S+mLfXBRn73XcTK2ep0nUSjilIOqz7ypzl9BuDkXFutZsoB
PKlXSgS7IzYUDBByOfI/2hV2zOgDeoCgVM2a7IFok5/G5QxILZ60AjlcZ5O4A1VE
TTq9jwu6+UN15IhWmg2A/5QofpwQWaWuHZjBG5xlHUxm0FHEQtHqIFlQ8lA2EPyO
YvDXhqwLg9TXmBDc/HlmOavhnnXL/1qp+RmQk+mCWxButcE7V36LCTZjJpmHiRZA
Gam2TZPNcK3sQ3GZgyEWXw/Q3cQWdynbVHE3rTuHg+7/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:17 2025 by rpki-client