Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/IS4pbUR_BzOJ2pKGBdTlePFl3t4.roa
File: IS4pbUR_BzOJ2pKGBdTlePFl3t4.roa (raw, json)
Hash identifier: +8xuYqHjMkXv2ZLBglOspzYr7AH9mYhhAHY11WOYSbM=
Subject key identifier: 21:2E:29:6D:44:7F:07:33:89:DA:92:86:05:D4:E5:78:F1:65:DE:DE
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B8116C7232B3B5D7A02191F1CF98483
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/IS4pbUR_BzOJ2pKGBdTlePFl3t4.roa
Signing time: Sun 01 Jan 2023 04:05:00 +0000
ROA not before: Sun 01 Jan 2023 04:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41313
IP address blocks: 89.25.20.0/22 maxlen: 22
89.25.21.0/24 maxlen: 24
89.25.22.0/24 maxlen: 24
89.25.23.0/24 maxlen: 24
89.25.20.0/24 maxlen: 24
94.155.175.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:16:c7:23:2b:3b:5d:7a:02:19:1f:1c:f9:84:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=212e296d447f073389da928605d4e578f165dede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:45:07:52:23:06:fe:31:e1:f8:ad:fc:bd:2f:
30:fb:68:f0:94:1e:54:f3:3f:15:9a:fb:1f:3c:f9:
b9:e7:3b:21:25:e4:39:c2:be:9f:0f:44:59:ef:40:
39:5b:1e:c1:73:50:ed:99:3c:3a:95:98:06:51:8b:
18:7c:fe:db:3d:13:72:f6:13:9e:27:ee:ea:c7:ad:
ce:37:ee:af:5a:92:52:69:17:ad:96:f9:13:83:30:
3d:9a:8c:95:ee:63:fc:59:1b:fb:8f:85:ed:fb:63:
68:1c:41:1a:90:df:67:86:d1:b5:65:01:ab:f0:f9:
00:bb:43:d8:46:4a:ae:9d:2b:77:74:77:97:7c:4d:
7c:8f:d9:54:ff:7a:e4:4b:20:c0:06:42:f8:34:cf:
eb:51:55:04:aa:07:50:2c:75:f5:e5:66:1a:08:ff:
4c:9f:3f:66:00:d0:24:18:9c:da:93:a4:ff:4d:56:
6e:ac:5a:6e:14:65:7c:86:e0:38:53:3c:ed:5f:36:
66:3f:20:9b:8d:77:76:9d:32:7c:53:82:63:b7:4b:
41:ee:10:81:91:c4:6a:78:99:ce:70:7d:e8:1c:b1:
56:73:b6:9d:26:da:54:bf:ac:12:5e:0c:84:2a:a2:
59:c7:19:2b:85:03:44:62:b9:ad:1a:34:85:39:0c:
42:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2E:29:6D:44:7F:07:33:89:DA:92:86:05:D4:E5:78:F1:65:DE:DE
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/IS4pbUR_BzOJ2pKGBdTlePFl3t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.25.20.0/22
94.155.175.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:aa:12:4a:26:47:16:bb:94:94:85:70:18:09:98:fc:b1:42:
a1:b5:4b:08:4c:79:65:1c:ec:72:00:f8:0a:ad:97:07:b3:f7:
89:5a:44:3f:c8:d4:2d:ed:1f:fe:65:35:3d:64:74:2b:e0:71:
2e:fd:87:b8:a0:4c:f7:4b:a0:94:7c:9a:28:f7:6b:6f:ab:25:
59:d3:9b:42:6b:07:9d:76:af:e6:4d:e6:00:b7:1a:37:76:5f:
5d:5b:0d:eb:f8:c4:41:09:53:e6:a3:aa:b1:94:c7:10:9b:47:
e2:97:59:a1:b7:b0:c1:a7:f9:db:cc:4a:86:5d:12:36:ed:c6:
8e:68:08:47:3c:93:65:67:89:b8:8f:fc:96:23:92:11:2f:41:
51:56:32:bd:e5:ba:92:0f:bc:77:b7:3a:6f:c4:9a:82:29:d9:
41:14:77:9a:87:d7:eb:c3:56:c9:d9:70:c6:de:99:c3:68:75:
2f:be:78:61:c6:29:00:8d:a4:0b:c3:10:6a:b7:ee:2c:bf:5b:
94:23:52:a6:b6:f0:d6:95:d1:98:38:92:cd:e7:8f:20:db:06:
44:77:97:e8:58:cd:46:96:2a:f1:4b:10:87:f0:70:bf:f3:b0:
14:92:6b:91:e1:d1:68:3b:c8:a0:28:a7:43:06:f3:e7:e3:8a:
5b:94:61:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrgRbHIys7XXoCGR8c+YSDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJlMjk2ZDQ0N2YwNzMzODlkYTkyODYwNWQ0ZTU3OGYxNjVkZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0UHUiMG/jHh+K38vS8w+2jwlB5U
8z8VmvsfPPm55zshJeQ5wr6fD0RZ70A5Wx7Bc1DtmTw6lZgGUYsYfP7bPRNy9hOe
J+7qx63ON+6vWpJSaRetlvkTgzA9moyV7mP8WRv7j4Xt+2NoHEEakN9nhtG1ZQGr
8PkAu0PYRkqunSt3dHeXfE18j9lU/3rkSyDABkL4NM/rUVUEqgdQLHX15WYaCP9M
nz9mANAkGJzak6T/TVZurFpuFGV8huA4UzztXzZmPyCbjXd2nTJ8U4Jjt0tB7hCB
kcRqeJnOcH3oHLFWc7adJtpUv6wSXgyEKqJZxxkrhQNEYrmtGjSFOQxCPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCEuKW1EfwczidqShgXU5XjxZd7eMB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvSVM0cGJVUl9Cek9KMnBLR0JkVGxlUEZsM3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWRkUAwQA
XpuvMA0GCSqGSIb3DQEBCwUAA4IBAQBcqhJKJkcWu5SUhXAYCZj8sUKhtUsITHll
HOxyAPgKrZcHs/eJWkQ/yNQt7R/+ZTU9ZHQr4HEu/Ye4oEz3S6CUfJoo92tvqyVZ
05tCaweddq/mTeYAtxo3dl9dWw3r+MRBCVPmo6qxlMcQm0fil1mht7DBp/nbzEqG
XRI27caOaAhHPJNlZ4m4j/yWI5IRL0FRVjK95bqSD7x3tzpvxJqCKdlBFHeah9fr
w1bJ2XDG3pnDaHUvvnhhxikAjaQLwxBqt+4sv1uUI1KmtvDWldGYOJLN548g2wZE
d5foWM1GlirxSxCH8HC/87AUkmuR4dFoO8igKKdDBvPn44pblGHU
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:31 2025 by rpki-client