Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/boiLFbJrDl0FcpFdycYjigBIRAg.roa
File: boiLFbJrDl0FcpFdycYjigBIRAg.roa (raw, json)
Hash identifier: qE0GSGp/FKTICGr5VH7vJfNVPwvx8hpBTwsUNbJscwU=
Subject key identifier: 6E:88:8B:15:B2:6B:0E:5D:05:72:91:5D:C9:C6:23:8A:00:48:44:08
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018572280DB673B7F94E2B763FD19C18D524
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/boiLFbJrDl0FcpFdycYjigBIRAg.roa
Signing time: Mon 02 Jan 2023 11:05:05 +0000
ROA not before: Mon 02 Jan 2023 11:05:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47860
IP address blocks: 89.188.160.0/24 maxlen: 24
89.188.180.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:28:0d:b6:73:b7:f9:4e:2b:76:3f:d1:9c:18:d5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 2 11:05:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e888b15b26b0e5d0572915dc9c6238a00484408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:b8:c9:70:e3:ad:30:19:00:dd:bf:fd:1d:f7:
1b:ee:c1:e3:e3:93:4a:0d:69:ae:e2:71:ef:bc:48:
67:46:60:b7:7f:44:19:cd:43:86:ff:01:0a:f7:d7:
d4:4b:2e:3a:8d:1e:ed:9a:93:9c:5d:e6:35:dd:22:
cc:9d:d6:77:f9:22:50:ca:54:4e:a2:9d:73:58:94:
4b:96:68:78:75:fe:73:4f:ed:7c:4f:bc:86:5c:57:
af:48:eb:45:a0:49:5d:16:95:ee:ae:a0:d6:2b:f3:
df:e1:af:28:18:a7:4c:0f:55:e2:4d:85:54:be:2f:
eb:28:e0:a1:ae:9e:04:a3:4e:f8:4d:e1:8a:b5:d3:
52:6a:94:73:00:14:bd:0a:7f:b2:47:a2:95:63:20:
f8:46:d2:41:95:ef:c1:03:d2:2e:78:b0:b5:99:9e:
72:96:c9:f5:af:43:47:c7:2f:94:9a:0d:17:7b:ad:
2b:25:ea:11:6f:77:cb:a7:9f:f8:3e:e5:83:c2:27:
ef:c6:57:ac:e4:17:5b:f4:38:36:5e:ca:ea:e8:49:
d4:07:e5:f0:c5:cf:b1:60:45:16:6f:91:03:35:9d:
97:6f:14:3b:d6:a0:20:21:a9:67:1a:d0:dd:28:96:
a3:f2:3a:9d:21:85:2c:66:c9:73:f2:f6:57:80:95:
7d:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:88:8B:15:B2:6B:0E:5D:05:72:91:5D:C9:C6:23:8A:00:48:44:08
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/boiLFbJrDl0FcpFdycYjigBIRAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.188.160.0/24
89.188.180.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:6c:74:17:a3:2c:61:ce:82:97:bb:1e:51:c6:98:ea:b8:c9:
c4:ad:e5:70:b3:52:db:47:67:95:f3:0f:99:69:e6:3d:0e:6a:
ca:8e:16:4f:95:a4:bc:25:27:f5:0f:b9:35:c4:bd:17:e3:87:
1f:5a:e8:d3:c0:23:14:ae:0a:e9:73:80:f5:3b:5c:32:44:c8:
8b:46:8f:bc:a7:9e:d6:26:17:98:8b:6a:61:b7:3e:91:83:66:
25:51:82:4d:a8:26:77:9f:30:c5:82:81:7e:28:92:c9:d5:2e:
d1:33:72:cd:97:d4:0f:17:e1:4a:d4:14:6e:4e:37:77:49:41:
54:67:34:28:0d:1b:a5:b3:68:d8:76:12:ab:2a:ce:34:a6:a7:
e0:25:d5:95:a1:77:53:6a:ec:05:01:23:4b:22:4a:c0:f0:9c:
ea:7e:1a:80:32:35:ff:b1:c2:9c:1c:34:30:91:1e:76:7b:8d:
48:91:ce:49:2a:c1:89:b9:48:cb:8d:75:46:e7:b2:a0:a4:92:
ff:bb:bf:65:da:d7:93:56:61:01:a7:56:03:34:4b:84:62:1c:
ce:79:30:72:c7:0c:99:0d:9a:c2:68:86:00:10:75:3d:58:25:
b0:32:7d:a2:b5:64:cd:81:42:9e:85:c6:d3:e9:51:bb:7c:1f:
0b:b2:27:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVyKA22c7f5Tit2P9GcGNUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjMwMTAyMTEwNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTg4OGIxNWIyNmIwZTVkMDU3MjkxNWRjOWM2MjM4YTAwNDg0NDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57jJcOOtMBkA3b/9Hfcb7sHj45NK
DWmu4nHvvEhnRmC3f0QZzUOG/wEK99fUSy46jR7tmpOcXeY13SLMndZ3+SJQylRO
op1zWJRLlmh4df5zT+18T7yGXFevSOtFoEldFpXurqDWK/Pf4a8oGKdMD1XiTYVU
vi/rKOChrp4Eo074TeGKtdNSapRzABS9Cn+yR6KVYyD4RtJBle/BA9IueLC1mZ5y
lsn1r0NHxy+Umg0Xe60rJeoRb3fLp5/4PuWDwifvxles5Bdb9Dg2Xsrq6EnUB+Xw
xc+xYEUWb5EDNZ2XbxQ71qAgIalnGtDdKJaj8jqdIYUsZslz8vZXgJV9qQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG6IixWyaw5dBXKRXcnGI4oASEQIMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvYm9pTEZiSnJEbDBGY3BGZHljWWppZ0JJUkFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWbygAwQA
Wby0MA0GCSqGSIb3DQEBCwUAA4IBAQCLbHQXoyxhzoKXux5RxpjquMnEreVws1Lb
R2eV8w+ZaeY9DmrKjhZPlaS8JSf1D7k1xL0X44cfWujTwCMUrgrpc4D1O1wyRMiL
Ro+8p57WJheYi2phtz6Rg2YlUYJNqCZ3nzDFgoF+KJLJ1S7RM3LNl9QPF+FK1BRu
Tjd3SUFUZzQoDRuls2jYdhKrKs40pqfgJdWVoXdTauwFASNLIkrA8JzqfhqAMjX/
scKcHDQwkR52e41Ikc5JKsGJuUjLjXVG57KgpJL/u79l2teTVmEBp1YDNEuEYhzO
eTByxwyZDZrCaIYAEHU9WCWwMn2itWTNgUKehcbT6VG7fB8Lside
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:11 2025 by rpki-client