Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/f3iJh8kB-HxZ5LGQy8p2pOY7eQw.roa
File: f3iJh8kB-HxZ5LGQy8p2pOY7eQw.roa (raw, json)
Hash identifier: 2oTGCCGj1MIA0Xzb7GA3HY/LC0lnL32x89XPDsU3RfQ=
Subject key identifier: 7F:78:89:87:C9:01:F8:7C:59:E4:B1:90:CB:CA:76:A4:E6:3B:79:0C
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 018637A3848BC24730862C4A3F173BA26F32
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/f3iJh8kB-HxZ5LGQy8p2pOY7eQw.roa
Signing time: Thu 09 Feb 2023 19:25:08 +0000
ROA not before: Thu 09 Feb 2023 19:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40964
IP address blocks: 89.107.132.0/23 maxlen: 23
89.107.130.0/23 maxlen: 23
89.107.128.0/23 maxlen: 23
89.107.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:37:a3:84:8b:c2:47:30:86:2c:4a:3f:17:3b:a2:6f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Feb 9 19:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f788987c901f87c59e4b190cbca76a4e63b790c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c9:90:d2:86:70:f7:c0:a5:1b:7f:3f:4e:fe:
95:19:d3:5c:3c:43:f5:00:b8:7f:01:de:53:6f:33:
04:d1:67:0b:b9:1f:76:b5:e6:d3:4e:2a:79:b5:13:
90:44:b6:78:c6:66:90:3e:f8:0e:74:3c:51:f9:2e:
44:07:53:77:da:a7:aa:9c:20:c2:64:1b:df:13:ec:
a9:ab:37:5c:73:d9:58:2c:1e:f7:df:49:7e:9b:c5:
53:85:9f:6d:48:a3:8a:06:ab:a0:2e:29:52:db:d6:
fc:e7:9c:0d:0d:39:46:e8:8e:bb:65:0f:fa:d1:23:
31:35:b8:0a:dd:82:c1:db:b1:cb:4b:a7:29:bd:00:
78:0f:57:cc:63:a8:34:9b:03:35:03:c5:ae:24:7d:
ae:98:93:6d:6d:00:d5:b4:5a:a2:89:66:12:16:11:
6b:30:e0:f4:01:1d:2a:40:3e:ca:74:e9:e1:29:d1:
77:47:70:6e:63:31:6e:84:aa:83:d5:f3:d9:d8:1f:
ab:2f:79:8f:26:3a:e7:8b:be:17:18:b1:12:b4:3a:
30:da:84:df:d9:25:f9:03:4f:06:d6:fe:68:8a:fb:
15:88:6f:03:0c:df:bc:e5:f2:17:dd:bf:92:70:ed:
a5:cf:1f:7c:4c:79:b8:d3:3c:e4:94:11:a3:fe:5d:
c3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:78:89:87:C9:01:F8:7C:59:E4:B1:90:CB:CA:76:A4:E6:3B:79:0C
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/f3iJh8kB-HxZ5LGQy8p2pOY7eQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/21
Signature Algorithm: sha256WithRSAEncryption
10:a2:8d:2f:6c:ff:f0:c0:0d:bc:be:56:65:e0:a3:7c:5b:dc:
76:7c:30:88:35:da:f1:7c:5d:b9:14:95:a7:3e:38:42:76:75:
41:5b:b1:df:53:f4:a2:78:e0:56:9d:39:04:96:7d:8c:17:ac:
c3:2d:15:11:a5:c9:03:f0:fb:21:15:df:e2:c9:c8:3c:2a:73:
19:37:85:e3:b5:3e:54:6b:72:90:9b:46:aa:2d:f3:79:b0:09:
73:96:00:cc:33:f7:07:9a:38:c8:95:c1:b5:60:b0:c5:ea:c0:
98:5d:76:b3:40:1a:4c:f4:cb:db:92:67:28:be:22:51:20:d5:
f5:0c:6d:16:86:2a:44:13:22:8a:92:fb:6f:dd:e3:42:af:b8:
7d:18:26:20:d6:ac:8d:c8:d1:45:53:c6:6d:0f:4d:7e:2a:7e:
28:1d:b7:b8:ea:c2:f4:1b:61:df:3d:39:cd:2f:c9:36:d4:94:
d6:13:ec:85:12:7a:20:68:c9:d7:5d:32:11:e2:0e:4b:4e:aa:
eb:72:b6:e6:d9:20:13:66:f7:69:2b:96:6e:eb:27:ed:25:4a:
33:47:ea:70:0f:00:30:9e:81:e4:61:4b:fa:07:0d:ca:92:e5:
60:7b:fd:25:4b:66:24:9c:42:9a:87:e2:49:cb:7f:88:cd:01:
31:95:90:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYY3o4SLwkcwhixKPxc7om8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMjA5MTkyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjc4ODk4N2M5MDFmODdjNTllNGIxOTBjYmNhNzZhNGU2M2I3OTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MmQ0oZw98ClG38/Tv6VGdNcPEP1
ALh/Ad5TbzME0WcLuR92tebTTip5tROQRLZ4xmaQPvgOdDxR+S5EB1N32qeqnCDC
ZBvfE+ypqzdcc9lYLB7330l+m8VThZ9tSKOKBqugLilS29b855wNDTlG6I67ZQ/6
0SMxNbgK3YLB27HLS6cpvQB4D1fMY6g0mwM1A8WuJH2umJNtbQDVtFqiiWYSFhFr
MOD0AR0qQD7KdOnhKdF3R3BuYzFuhKqD1fPZ2B+rL3mPJjrni74XGLEStDow2oTf
2SX5A08G1v5oivsViG8DDN+85fIX3b+ScO2lzx98THm40zzklBGj/l3DhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH94iYfJAfh8WeSxkMvKdqTmO3kMMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvZjNpSmg4a0ItSHhaNUxHUXk4cDJwT1k3ZVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWWuAMA0G
CSqGSIb3DQEBCwUAA4IBAQAQoo0vbP/wwA28vlZl4KN8W9x2fDCINdrxfF25FJWn
PjhCdnVBW7HfU/SieOBWnTkEln2MF6zDLRURpckD8PshFd/iycg8KnMZN4XjtT5U
a3KQm0aqLfN5sAlzlgDMM/cHmjjIlcG1YLDF6sCYXXazQBpM9MvbkmcoviJRINX1
DG0WhipEEyKKkvtv3eNCr7h9GCYg1qyNyNFFU8ZtD01+Kn4oHbe46sL0G2HfPTnN
L8k21JTWE+yFEnogaMnXXTIR4g5LTqrrcrbm2SATZvdpK5Zu6yftJUozR+pwDwAw
noHkYUv6Bw3KkuVge/0lS2YknEKah+JJy3+IzQExlZCN
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:35:55 2025 by rpki-client