Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/n_vK2fK4nDmIHNH2uovwZ_pxnhk.roa
File: n_vK2fK4nDmIHNH2uovwZ_pxnhk.roa (raw, json)
Hash identifier: XJCK0G5Ljw6y8ao99arYzRGxioSZA4AdtNVu6iAUmVY=
Subject key identifier: 9F:FB:CA:D9:F2:B8:9C:39:88:1C:D1:F6:BA:8B:F0:67:FA:71:9E:19
Certificate issuer: /CN=043a9c35d9e1a2f4d34a754fa26d203657847218
Certificate serial: 04AC3A81
Authority key identifier: 04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/n_vK2fK4nDmIHNH2uovwZ_pxnhk.roa
Signing time: Sat 01 Jan 2022 09:56:02 +0000
ROA not before: Sat 01 Jan 2022 09:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60134
IP address blocks: 152.89.240.0/24 maxlen: 24
152.89.240.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 78396033 (0x4ac3a81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=043a9c35d9e1a2f4d34a754fa26d203657847218
Validity
Not Before: Jan 1 09:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ffbcad9f2b89c39881cd1f6ba8bf067fa719e19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c0:04:a3:03:7e:ec:3b:57:98:56:64:ba:50:
bf:f4:27:26:06:41:f5:e3:56:6b:26:c0:a7:a3:8f:
66:de:fe:87:f0:29:95:88:5f:3b:f0:9a:a5:2f:e7:
8c:82:42:dd:6d:56:83:71:59:70:07:2f:9c:96:c3:
fc:b7:67:5a:37:69:29:bb:3f:67:dc:d4:a4:f4:51:
83:d7:d2:86:d1:df:ef:dd:a0:29:51:af:a5:40:34:
3c:33:3f:a4:5e:5c:d0:fb:d3:a5:36:87:67:c0:4b:
32:3d:4d:ea:4b:dc:0a:52:e4:89:05:bf:7a:e8:b9:
47:f4:87:c7:d1:ea:b1:5c:ee:71:c2:bc:eb:6e:ad:
a7:54:4a:48:17:84:de:a1:82:1e:9b:e2:e3:b9:a9:
c1:25:1b:af:05:2a:43:ab:b3:fe:48:f9:c9:1d:3f:
a2:02:75:51:4a:19:f3:d8:1b:c6:21:07:2e:55:0a:
10:ea:86:6d:cf:e9:a4:34:7d:3d:1a:ee:17:f5:21:
e0:b0:50:d2:9e:f4:85:34:aa:d7:4b:5e:9b:b8:fe:
24:30:66:f7:83:df:78:93:ee:6a:dd:98:3e:fe:b1:
b1:44:98:52:78:34:2e:d4:ba:36:df:83:bb:ea:df:
6c:5e:f4:9e:db:14:1b:9d:28:a6:fa:95:67:d8:0f:
af:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:FB:CA:D9:F2:B8:9C:39:88:1C:D1:F6:BA:8B:F0:67:FA:71:9E:19
X509v3 Authority Key Identifier:
keyid:04:3A:9C:35:D9:E1:A2:F4:D3:4A:75:4F:A2:6D:20:36:57:84:72:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BDqcNdnhovTTSnVPom0gNleEchg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/n_vK2fK4nDmIHNH2uovwZ_pxnhk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3b104a-c039-42c2-9ff1-85cbd2068e8f/1/BDqcNdnhovTTSnVPom0gNleEchg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.240.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:e9:6d:df:c4:d2:00:3c:1d:a6:a2:ec:5b:ed:49:2f:b9:28:
61:c5:1a:0c:3e:90:98:7e:cc:55:09:74:c0:2e:64:e2:40:54:
01:bb:5e:4e:9b:ad:bf:94:db:f1:2a:df:1a:df:28:07:c2:a2:
7d:eb:33:f2:a6:2f:f4:4a:b3:a4:c5:1a:ad:9e:cd:2d:2b:81:
43:39:56:7d:8c:03:a6:c0:68:55:07:74:53:c3:c0:45:f0:4e:
82:27:73:99:db:c6:2f:75:e0:c8:3e:76:b2:20:6b:0a:72:88:
89:f7:89:d3:2b:b0:dc:5a:11:68:54:c6:72:d3:56:f1:cf:9a:
0b:59:b4:68:c2:28:84:62:c0:36:24:32:76:dd:27:92:c2:44:
76:05:1e:56:b2:b7:c7:2c:18:54:4a:46:d8:fd:c9:71:92:13:
49:7a:3d:54:4f:27:82:12:8e:1a:22:77:f2:6c:79:ec:3b:dc:
6e:ca:17:e7:44:02:c7:71:16:88:33:47:9b:72:e0:40:e7:01:
db:98:49:79:f1:21:e9:af:54:05:92:0c:96:dc:3b:aa:6e:bb:
69:37:55:25:a2:d9:a3:4b:41:27:7d:bd:36:37:06:6b:2a:1a:
df:3d:10:df:0e:5c:c2:36:79:0b:ab:cd:78:f1:d0:f1:70:52:
d1:df:6b:af
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBKw6gTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDNhOWMzNWQ5ZTFhMmY0ZDM0YTc1NGZhMjZkMjAzNjU3ODQ3MjE4MB4XDTIyMDEw
MTA5NTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZmYmNhZDlmMmI4
OWMzOTg4MWNkMWY2YmE4YmYwNjdmYTcxOWUxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjABKMDfuw7V5hWZLpQv/QnJgZB9eNWaybAp6OPZt7+h/Ap
lYhfO/CapS/njIJC3W1Wg3FZcAcvnJbD/LdnWjdpKbs/Z9zUpPRRg9fShtHf792g
KVGvpUA0PDM/pF5c0PvTpTaHZ8BLMj1N6kvcClLkiQW/eui5R/SHx9HqsVzuccK8
626tp1RKSBeE3qGCHpvi47mpwSUbrwUqQ6uz/kj5yR0/ogJ1UUoZ89gbxiEHLlUK
EOqGbc/ppDR9PRruF/Uh4LBQ0p70hTSq10tem7j+JDBm94PfeJPuat2YPv6xsUSY
Ung0LtS6Nt+Du+rfbF70ntsUG50opvqVZ9gPrysCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSf+8rZ8ricOYgc0fa6i/Bn+nGeGTAfBgNVHSMEGDAWgBQEOpw12eGi9NNK
dU+ibSA2V4RyGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JEcWNOZG5ob3ZUVFNuVlBvbTBnTmxlRWNoZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvM2IxMDRhLWMwMzktNDJjMi05ZmYxLTg1Y2JkMjA2OGU4Zi8x
L25fdksyZks0bkRtSUhOSDJ1b3Z3Wl9weG5oay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
M2IxMDRhLWMwMzktNDJjMi05ZmYxLTg1Y2JkMjA2OGU4Zi8xL0JEcWNOZG5ob3ZU
VFNuVlBvbTBnTmxlRWNoZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAphZ8DANBgkqhkiG9w0BAQsFAAOC
AQEAvelt38TSADwdpqLsW+1JL7koYcUaDD6QmH7MVQl0wC5k4kBUAbteTputv5Tb
8SrfGt8oB8Kifesz8qYv9EqzpMUarZ7NLSuBQzlWfYwDpsBoVQd0U8PARfBOgidz
mdvGL3XgyD52siBrCnKIifeJ0yuw3FoRaFTGctNW8c+aC1m0aMIohGLANiQydt0n
ksJEdgUeVrK3xywYVEpG2P3JcZITSXo9VE8nghKOGiJ38mx57DvcbsoX50QCx3EW
iDNHm3LgQOcB25hJefEh6a9UBZIMltw7qm67aTdVJaLZo0tBJ329NjcGayoa3z0Q
3w5cwjZ5C6vNePHQ8XBS0d9rrw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:20 2025 by rpki-client