Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/9YexX8dKze8xt6527H_3RQ-rkpQ.roa
File: 9YexX8dKze8xt6527H_3RQ-rkpQ.roa (raw, json)
Hash identifier: JB8j5bWJv7+P00vY5uwmt6acG7fJofUU8Cx2S4h+YHk=
Subject key identifier: F5:87:B1:5F:C7:4A:CD:EF:31:B7:AE:76:EC:7F:F7:45:0F:AB:92:94
Certificate issuer: /CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Certificate serial: 018CBA72DA1A6F747414625840A118BB45D4
Authority key identifier: C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/9YexX8dKze8xt6527H_3RQ-rkpQ.roa
Signing time: Sat 30 Dec 2023 11:18:58 +0000
ROA not before: Sat 30 Dec 2023 11:18:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57069
IP address blocks: 89.22.64.0/19 maxlen: 19
89.22.64.0/24 maxlen: 24
89.22.66.0/23 maxlen: 23
89.22.68.0/22 maxlen: 22
89.22.72.0/21 maxlen: 21
89.22.84.0/22 maxlen: 22
89.22.83.0/24 maxlen: 24
89.22.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:72:da:1a:6f:74:74:14:62:58:40:a1:18:bb:45:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Validity
Not Before: Dec 30 11:18:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f587b15fc74acdef31b7ae76ec7ff7450fab9294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:25:52:32:42:d9:82:b0:05:5b:d8:1c:9c:3d:
5a:f7:a2:b9:1f:08:a4:09:05:6a:58:54:94:39:78:
2f:47:56:1a:17:e0:64:d2:c8:2b:44:25:27:62:6e:
e4:5a:3c:e3:f3:53:45:58:d5:0f:eb:6d:e0:ca:43:
b4:2a:ea:ba:58:e9:0d:87:0a:4b:0d:2f:1a:2b:e4:
56:23:1b:80:08:0f:f1:d7:58:64:07:04:57:e9:e0:
76:56:18:ae:f3:15:b2:d5:36:01:3f:ac:66:69:3d:
1b:42:92:61:9e:4c:c1:a1:d7:2f:1b:43:15:da:1e:
56:13:93:77:32:ae:2a:84:d9:df:e4:c9:9c:89:78:
1e:08:f5:c6:5b:01:a6:66:23:b9:ae:70:b9:c3:72:
ab:49:67:2f:e3:35:90:15:75:36:cb:7b:41:de:0a:
a7:79:c8:8c:56:9d:73:62:9a:81:bb:70:39:f2:5f:
e3:19:df:e4:fd:b1:2e:ff:3f:f9:b8:ea:a3:7d:ee:
a6:f2:f4:c5:1c:e3:49:9d:05:bd:cb:93:89:17:8f:
c4:10:6b:59:af:f8:98:46:49:82:49:c2:8e:6f:fb:
f5:3d:11:f8:da:aa:37:9e:c7:1d:7e:69:17:63:f5:
33:76:03:10:6d:1d:c8:d8:81:6d:03:5a:7f:be:52:
33:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:87:B1:5F:C7:4A:CD:EF:31:B7:AE:76:EC:7F:F7:45:0F:AB:92:94
X509v3 Authority Key Identifier:
keyid:C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/9YexX8dKze8xt6527H_3RQ-rkpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/xMwC-Pp0zw2oHozilD6n-e0qhfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.64.0/19
Signature Algorithm: sha256WithRSAEncryption
66:65:0e:4b:83:07:75:da:de:80:58:f4:fd:55:f5:87:0d:5a:
e0:7a:fc:45:0d:8e:79:8f:ac:5d:c1:63:6b:65:f2:19:51:77:
2e:99:f2:eb:0a:2e:5f:d6:d3:76:f5:34:80:df:67:cd:de:7c:
1b:1a:71:36:c0:06:16:eb:fb:cd:64:2d:a2:d8:12:95:98:8b:
4b:6b:b7:09:ac:37:b9:35:dc:4d:05:2b:cc:cc:ed:c6:8a:01:
19:7d:75:4b:b1:e0:44:3c:b0:e2:e1:ea:e3:e0:5a:d9:2f:ad:
bc:da:e6:a3:ff:ac:33:c6:4f:6e:7b:9c:18:64:25:3a:78:91:
40:a6:ef:6a:06:54:67:b6:43:57:9e:4a:fa:18:a6:87:8f:d4:
4f:71:11:f8:ec:d9:d3:f6:cf:b6:9f:09:dc:10:e8:9f:b2:75:
b1:0e:36:79:56:fa:ab:0a:f6:f7:96:f9:f7:2c:7e:a1:1d:cf:
8e:62:c8:fd:3f:93:30:c4:70:10:65:31:e1:e6:66:6e:c1:44:
bc:48:af:8a:7b:e4:86:82:65:eb:0a:b6:a8:e6:d8:28:f8:98:
33:a0:7b:0c:3a:26:a8:3c:06:a6:5c:77:d9:7c:d2:3e:46:28:
27:e3:4f:41:c4:75:84:89:df:ca:17:0b:a4:8b:bb:17:b8:1c:
0a:6d:1e:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy6ctoab3R0FGJYQKEYu0XUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Y2MwMmY4ZmE3NGNmMGRhODFlOGNlMjk0M2VhN2Y5ZWQy
YTg1ZjQwHhcNMjMxMjMwMTExODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTg3YjE1ZmM3NGFjZGVmMzFiN2FlNzZlYzdmZjc0NTBmYWI5Mjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSVSMkLZgrAFW9gcnD1a96K5Hwik
CQVqWFSUOXgvR1YaF+Bk0sgrRCUnYm7kWjzj81NFWNUP623gykO0Kuq6WOkNhwpL
DS8aK+RWIxuACA/x11hkBwRX6eB2Vhiu8xWy1TYBP6xmaT0bQpJhnkzBodcvG0MV
2h5WE5N3Mq4qhNnf5MmciXgeCPXGWwGmZiO5rnC5w3KrSWcv4zWQFXU2y3tB3gqn
eciMVp1zYpqBu3A58l/jGd/k/bEu/z/5uOqjfe6m8vTFHONJnQW9y5OJF4/EEGtZ
r/iYRkmCScKOb/v1PRH42qo3nscdfmkXY/UzdgMQbR3I2IFtA1p/vlIzzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWHsV/HSs3vMbeudux/90UPq5KUMB8GA1UdIwQY
MBaAFMTMAvj6dM8NqB6M4pQ+p/ntKoX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTIt
MjE5ZTc5ZDg0ZTQzLzEvOVlleFg4ZEt6ZTh4dDY1MjdIXzNSUS1ya3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTItMjE5ZTc5ZDg0ZTQz
LzEveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWRZAMA0G
CSqGSIb3DQEBCwUAA4IBAQBmZQ5Lgwd12t6AWPT9VfWHDVrgevxFDY55j6xdwWNr
ZfIZUXcumfLrCi5f1tN29TSA32fN3nwbGnE2wAYW6/vNZC2i2BKVmItLa7cJrDe5
NdxNBSvMzO3GigEZfXVLseBEPLDi4erj4FrZL6282uaj/6wzxk9ue5wYZCU6eJFA
pu9qBlRntkNXnkr6GKaHj9RPcRH47NnT9s+2nwncEOifsnWxDjZ5VvqrCvb3lvn3
LH6hHc+OYsj9P5MwxHAQZTHh5mZuwUS8SK+Ke+SGgmXrCrao5tgo+JgzoHsMOiao
PAamXHfZfNI+Rign409BxHWEid/KFwuki7sXuBwKbR7X
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:43 2025 by rpki-client