Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/NHvo8Fy3cFQfgyKTu8DNJIIILZg.roa
File: NHvo8Fy3cFQfgyKTu8DNJIIILZg.roa (raw, json)
Hash identifier: og0QNdGw5m+3uFnfcGY8+bSCiLaqSOeqHb6L+NtAdWI=
Subject key identifier: 34:7B:E8:F0:5C:B7:70:54:1F:83:22:93:BB:C0:CD:24:82:08:2D:98
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 01862363D2AF7177CBE748D6DFDB4D0F11EB
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/NHvo8Fy3cFQfgyKTu8DNJIIILZg.roa
Signing time: Sun 05 Feb 2023 21:03:09 +0000
ROA not before: Sun 05 Feb 2023 21:03:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40964
IP address blocks: 89.107.128.0/21 maxlen: 21
89.107.132.0/23 maxlen: 23
89.107.130.0/23 maxlen: 23
89.107.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:23:63:d2:af:71:77:cb:e7:48:d6:df:db:4d:0f:11:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Feb 5 21:03:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=347be8f05cb770541f832293bbc0cd2482082d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:75:48:96:b2:e8:e4:9d:3e:e5:3e:38:81:83:
c6:69:7a:81:cb:b8:95:89:a3:b0:7e:1f:14:08:1b:
41:05:76:2e:ee:ff:48:be:ca:1e:98:de:8f:09:09:
86:25:95:e4:f1:60:60:76:a3:b1:e0:19:47:48:3d:
7d:9a:df:c9:a7:6d:6b:5b:9a:43:8c:53:0b:68:b1:
fd:e2:e7:1a:cd:12:78:4b:48:10:52:0a:94:5d:93:
47:da:13:bf:e7:0b:97:ac:b1:61:07:39:fe:cc:97:
9f:5c:4b:ac:7b:84:6b:7c:b7:ad:e6:5e:58:11:1d:
f3:9a:40:f4:63:3a:76:0b:8b:5f:e6:d9:a8:24:b9:
20:ec:48:7a:90:76:53:21:dc:99:aa:4e:47:3a:dd:
00:d7:1a:c5:35:0d:6c:67:f0:f5:b2:0a:df:5d:ae:
5d:78:de:dc:fb:2c:5b:be:8c:9e:cd:34:db:da:84:
c3:7e:8e:a7:f6:0d:0b:69:60:52:58:77:be:0b:49:
83:ea:29:d6:76:6c:9a:e8:75:28:cd:02:81:43:68:
04:f9:86:6f:c5:f2:28:76:dc:36:6f:86:9e:0b:e6:
81:da:cd:d7:d2:99:22:1e:fa:6f:a8:90:f4:ab:6c:
88:7a:23:f0:0e:f7:c7:a7:75:fc:a8:26:39:14:28:
7e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7B:E8:F0:5C:B7:70:54:1F:83:22:93:BB:C0:CD:24:82:08:2D:98
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/NHvo8Fy3cFQfgyKTu8DNJIIILZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/21
Signature Algorithm: sha256WithRSAEncryption
63:c4:c1:1e:0c:86:57:2e:c2:c1:8e:2d:67:ea:c5:a4:9c:15:
3e:1b:38:9b:2c:29:2a:04:6a:e3:2b:76:a0:38:10:69:7f:2c:
6b:ba:6e:de:89:87:f1:81:1e:74:96:69:bc:0a:20:5f:38:6e:
6d:87:2b:67:9c:77:6c:6a:dd:60:2a:e9:68:91:69:fc:c4:84:
16:35:ac:f6:5c:83:9e:24:eb:e9:20:ba:a1:07:33:ec:74:bf:
24:42:e1:6b:24:37:58:8d:e1:65:93:e3:3a:39:34:cb:2c:58:
31:3e:4c:ff:f7:77:cd:a3:3d:f9:0b:43:ea:fd:8a:ac:2d:99:
eb:53:cd:01:be:b6:e6:c5:0d:7f:78:eb:18:a0:b0:db:6c:3b:
49:06:df:92:86:ce:d1:9b:8e:12:37:31:b7:3d:26:01:ac:ee:
30:21:52:32:0b:48:c5:77:e3:60:3f:b5:12:23:83:42:bd:4f:
f7:8a:de:08:49:09:e5:b5:34:26:85:b5:33:78:13:79:1e:94:
9c:0e:a1:7d:53:cb:a3:ce:23:1c:c2:75:e5:5e:a8:77:bd:35:
a0:12:e2:ad:93:28:c5:c7:8e:f1:08:a3:ba:02:a6:2e:fb:57:
e4:f8:69:04:ff:91:45:95:c6:3c:70:16:84:b4:29:9c:31:2f:
5f:82:d8:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYjY9KvcXfL50jW39tNDxHrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMjA1MjEwMzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDdiZThmMDVjYjc3MDU0MWY4MzIyOTNiYmMwY2QyNDgyMDgyZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXVIlrLo5J0+5T44gYPGaXqBy7iV
iaOwfh8UCBtBBXYu7v9IvsoemN6PCQmGJZXk8WBgdqOx4BlHSD19mt/Jp21rW5pD
jFMLaLH94ucazRJ4S0gQUgqUXZNH2hO/5wuXrLFhBzn+zJefXEuse4RrfLet5l5Y
ER3zmkD0Yzp2C4tf5tmoJLkg7Eh6kHZTIdyZqk5HOt0A1xrFNQ1sZ/D1sgrfXa5d
eN7c+yxbvoyezTTb2oTDfo6n9g0LaWBSWHe+C0mD6inWdmya6HUozQKBQ2gE+YZv
xfIodtw2b4aeC+aB2s3X0pkiHvpvqJD0q2yIeiPwDvfHp3X8qCY5FCh+fwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDR76PBct3BUH4Mik7vAzSSCCC2YMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvTkh2bzhGeTNjRlFmZ3lLVHU4RE5KSUlJTFpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWWuAMA0G
CSqGSIb3DQEBCwUAA4IBAQBjxMEeDIZXLsLBji1n6sWknBU+GzibLCkqBGrjK3ag
OBBpfyxrum7eiYfxgR50lmm8CiBfOG5thytnnHdsat1gKulokWn8xIQWNaz2XIOe
JOvpILqhBzPsdL8kQuFrJDdYjeFlk+M6OTTLLFgxPkz/93fNoz35C0Pq/YqsLZnr
U80BvrbmxQ1/eOsYoLDbbDtJBt+Shs7Rm44SNzG3PSYBrO4wIVIyC0jFd+NgP7US
I4NCvU/3it4ISQnltTQmhbUzeBN5HpScDqF9U8ujziMcwnXlXqh3vTWgEuKtkyjF
x47xCKO6AqYu+1fk+GkE/5FFlcY8cBaEtCmcMS9fgtiA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:05 2025 by rpki-client