Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/8gNXb-h82GGxDIY16ToeBe93HC8.roa
File: 8gNXb-h82GGxDIY16ToeBe93HC8.roa (raw, json)
Hash identifier: pDKcvhZcWCXN3zx5Cen7uwgdoECRiCrW0UxBJujAc2Y=
Subject key identifier: F2:03:57:6F:E8:7C:D8:61:B1:0C:86:35:E9:3A:1E:05:EF:77:1C:2F
Certificate issuer: /CN=89e4bf59877a3b2ef14f5f120a6750dc14939c6b
Certificate serial: 0188D91D0D97C9CF0F02650F1E5589728E86
Authority key identifier: 89:E4:BF:59:87:7A:3B:2E:F1:4F:5F:12:0A:67:50:DC:14:93:9C:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/8gNXb-h82GGxDIY16ToeBe93HC8.roa
Signing time: Tue 20 Jun 2023 14:02:19 +0000
ROA not before: Tue 20 Jun 2023 14:02:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59956
IP address blocks: 91.221.190.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d9:1d:0d:97:c9:cf:0f:02:65:0f:1e:55:89:72:8e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89e4bf59877a3b2ef14f5f120a6750dc14939c6b
Validity
Not Before: Jun 20 14:02:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f203576fe87cd861b10c8635e93a1e05ef771c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:84:ba:08:95:ff:24:f1:f3:2c:29:a9:f2:01:
40:b7:bd:c5:c2:32:cf:dc:ad:1f:2c:61:5d:ae:07:
13:26:66:b1:de:d0:f1:60:fa:3a:a7:5f:26:2c:0a:
2a:cf:cb:c2:8d:aa:2b:b4:00:73:d9:3c:69:dc:e7:
cb:0b:c8:da:36:2d:5c:f4:6b:91:b0:55:c3:56:ca:
dc:b4:b3:d2:1c:89:1c:63:ba:fb:c1:63:30:17:1e:
9c:fe:24:75:b4:7d:45:62:43:00:26:07:d3:d6:5d:
ab:04:7d:e1:9b:13:9a:6e:a8:55:a5:69:cc:d2:ab:
30:97:9d:df:de:4a:ca:20:32:68:7e:ba:23:b3:ab:
94:aa:8d:05:9d:af:e2:e5:cc:90:ce:9f:78:11:81:
41:82:65:6e:15:a1:f7:59:36:90:52:29:e7:9b:e0:
52:83:d2:0f:e8:b0:9c:cd:7a:c4:68:73:82:e4:ce:
1b:ed:b6:a8:9d:23:c0:91:18:6e:19:21:37:51:38:
10:f2:9f:f4:3c:26:2b:77:5a:af:89:f8:26:a1:b7:
85:30:1e:0b:5d:bc:94:e4:9e:6b:b1:0d:14:9f:b1:
e6:04:6b:52:18:d7:ba:9e:ac:e6:9e:72:bf:05:bb:
37:de:81:8b:1c:d3:b5:75:bd:d8:3e:a6:cd:b2:4d:
ac:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:03:57:6F:E8:7C:D8:61:B1:0C:86:35:E9:3A:1E:05:EF:77:1C:2F
X509v3 Authority Key Identifier:
keyid:89:E4:BF:59:87:7A:3B:2E:F1:4F:5F:12:0A:67:50:DC:14:93:9C:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/8gNXb-h82GGxDIY16ToeBe93HC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/075bc1-2b55-40b1-990e-23bb4203eb57/1/ieS_WYd6Oy7xT18SCmdQ3BSTnGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.190.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:f6:47:2d:9f:13:00:9b:61:64:c5:dc:17:0a:0a:47:53:19:
e1:99:5e:6a:41:3c:e0:27:2c:d2:a6:57:87:3e:03:94:ba:2e:
7a:87:ce:c1:61:48:d3:9d:ce:bc:9e:f1:3d:46:24:46:ed:09:
f8:fb:36:4f:fc:8f:e9:ad:4f:85:18:7f:a1:da:ce:03:04:d3:
4c:54:4c:ba:5b:84:f7:49:42:8b:a1:46:7a:10:40:cd:f7:d3:
3a:a3:62:6a:e3:0d:88:c8:f2:c4:03:f7:60:8a:55:94:8e:51:
74:5e:4c:3e:04:8c:12:3f:f5:aa:b8:46:33:02:6a:a2:b5:73:
1e:3c:ef:d0:3d:dc:88:40:2f:03:1d:6b:9c:2e:1c:6d:11:34:
ab:f3:36:5c:d4:91:a1:4d:b3:87:87:8b:18:77:e2:8b:7e:62:
00:2e:38:ee:d5:46:d0:37:61:9e:9d:cf:a2:8c:0d:c8:77:4a:
c0:e6:ca:a9:5c:32:f6:04:f9:cb:04:94:2d:c5:c2:ad:d2:c5:
e6:c6:80:0d:47:24:1d:51:84:d8:a7:cd:25:0c:c8:8a:97:4d:
0f:ea:13:19:f4:d0:c8:ee:75:a0:15:12:ff:b2:ad:6f:3c:c1:
50:50:cd:f0:57:57:4f:4f:26:70:2b:91:05:7f:3c:4f:df:e3:
ac:0a:33:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjZHQ2Xyc8PAmUPHlWJco6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZTRiZjU5ODc3YTNiMmVmMTRmNWYxMjBhNjc1MGRjMTQ5
MzljNmIwHhcNMjMwNjIwMTQwMjE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjAzNTc2ZmU4N2NkODYxYjEwYzg2MzVlOTNhMWUwNWVmNzcxYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIS6CJX/JPHzLCmp8gFAt73FwjLP
3K0fLGFdrgcTJmax3tDxYPo6p18mLAoqz8vCjaortABz2Txp3OfLC8jaNi1c9GuR
sFXDVsrctLPSHIkcY7r7wWMwFx6c/iR1tH1FYkMAJgfT1l2rBH3hmxOabqhVpWnM
0qswl53f3krKIDJofrojs6uUqo0Fna/i5cyQzp94EYFBgmVuFaH3WTaQUinnm+BS
g9IP6LCczXrEaHOC5M4b7baonSPAkRhuGSE3UTgQ8p/0PCYrd1qvifgmobeFMB4L
XbyU5J5rsQ0Un7HmBGtSGNe6nqzmnnK/Bbs33oGLHNO1db3YPqbNsk2sNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPIDV2/ofNhhsQyGNek6HgXvdxwvMB8GA1UdIwQY
MBaAFInkv1mHejsu8U9fEgpnUNwUk5xrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWVTX1dZZDZPeTd4VDE4U0NtZFEzQlNUbkdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8wNzViYzEtMmI1NS00MGIxLTk5MGUt
MjNiYjQyMDNlYjU3LzEvOGdOWGItaDgyR0d4RElZMTZUb2VCZTkzSEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8wNzViYzEtMmI1NS00MGIxLTk5MGUtMjNiYjQyMDNlYjU3
LzEvaWVTX1dZZDZPeTd4VDE4U0NtZFEzQlNUbkdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW92+MA0G
CSqGSIb3DQEBCwUAA4IBAQBc9kctnxMAm2FkxdwXCgpHUxnhmV5qQTzgJyzSpleH
PgOUui56h87BYUjTnc68nvE9RiRG7Qn4+zZP/I/prU+FGH+h2s4DBNNMVEy6W4T3
SUKLoUZ6EEDN99M6o2Jq4w2IyPLEA/dgilWUjlF0Xkw+BIwSP/WquEYzAmqitXMe
PO/QPdyIQC8DHWucLhxtETSr8zZc1JGhTbOHh4sYd+KLfmIALjju1UbQN2Genc+i
jA3Id0rA5sqpXDL2BPnLBJQtxcKt0sXmxoANRyQdUYTYp80lDMiKl00P6hMZ9NDI
7nWgFRL/sq1vPMFQUM3wV1dPTyZwK5EFfzxP3+OsCjNu
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:27:47 2025 by rpki-client