Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/Ajf5STJIfM_QImGDFDYbvwWqtnM.roa
File: Ajf5STJIfM_QImGDFDYbvwWqtnM.roa (raw, json)
Hash identifier: graDMIyy6T+0xKK7OcTf9CKM9XQNiLitum1atwnqLII=
Subject key identifier: 02:37:F9:49:32:48:7C:CF:D0:22:61:83:14:36:1B:BF:05:AA:B6:73
Certificate issuer: /CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Certificate serial: 018CBA6F301A67C07E5088406C54FBE503E2
Authority key identifier: C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/Ajf5STJIfM_QImGDFDYbvwWqtnM.roa
Signing time: Sat 30 Dec 2023 11:14:58 +0000
ROA not before: Sat 30 Dec 2023 11:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212325
IP address blocks: 89.22.64.0/19 maxlen: 19
89.22.65.0/24 maxlen: 24
89.22.80.0/23 maxlen: 23
89.22.82.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ba:6f:30:1a:67:c0:7e:50:88:40:6c:54:fb:e5:03:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4cc02f8fa74cf0da81e8ce2943ea7f9ed2a85f4
Validity
Not Before: Dec 30 11:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0237f94932487ccfd022618314361bbf05aab673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a4:a3:f8:4b:29:4c:f9:bd:17:e1:d5:23:e6:
e7:02:b8:bd:81:68:57:06:c4:01:b6:53:bc:3f:2f:
c4:37:3a:22:1a:97:5d:aa:7d:ae:6a:00:9a:95:02:
cf:a7:44:85:d7:99:47:2a:76:c6:12:d3:51:6a:63:
a4:8b:dc:65:22:1f:a3:29:36:e5:2e:f4:ca:27:af:
e3:b6:2f:8b:89:ee:84:e7:b7:82:7d:4d:a8:69:53:
a7:06:16:dc:4e:39:56:9b:12:ca:61:d6:31:a9:35:
08:c9:bb:41:9c:f5:22:40:47:c1:d1:71:ef:a2:bb:
e8:75:f2:c9:cb:31:e1:10:6c:73:dd:59:d1:69:d6:
44:d0:ea:73:e2:ae:a9:fd:29:ef:46:18:8a:65:2a:
1f:1f:65:d4:34:ef:36:ca:16:83:82:c8:d2:d7:40:
ec:f1:9b:d8:ae:f4:9b:8c:d8:05:35:70:ac:fd:bc:
2c:e7:5f:e1:d8:84:1c:a3:72:b7:58:f7:68:42:d2:
de:cf:38:10:bb:6d:87:7e:fb:83:ba:85:81:1a:97:
cd:59:2c:70:c4:5c:5f:5f:6a:d9:a5:f1:f1:c7:da:
6e:72:bf:66:00:53:b8:1c:b6:31:d3:73:e4:56:2c:
8b:0c:1d:6f:e4:62:c4:f3:76:cc:3e:dd:23:af:81:
f9:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:37:F9:49:32:48:7C:CF:D0:22:61:83:14:36:1B:BF:05:AA:B6:73
X509v3 Authority Key Identifier:
keyid:C4:CC:02:F8:FA:74:CF:0D:A8:1E:8C:E2:94:3E:A7:F9:ED:2A:85:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xMwC-Pp0zw2oHozilD6n-e0qhfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/Ajf5STJIfM_QImGDFDYbvwWqtnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e348f1-bb70-4b34-be12-219e79d84e43/1/xMwC-Pp0zw2oHozilD6n-e0qhfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:d6:1e:d9:cc:94:75:09:dd:42:76:9e:23:26:db:d7:a5:dd:
cc:74:6f:d2:eb:56:45:e2:bd:ee:a1:85:42:b2:29:8c:86:94:
7b:c4:19:36:91:7e:c5:e8:ca:2c:53:56:72:d7:c6:89:ff:1b:
94:6c:c5:53:06:5f:12:74:10:33:65:06:be:39:7f:07:65:78:
cd:36:cd:92:5d:4e:d0:7b:9d:13:ac:c3:12:22:52:41:12:e5:
f9:3b:6e:6c:89:65:45:19:2f:e0:90:cf:32:22:75:91:6d:26:
4c:9d:94:a7:d2:17:21:5f:7c:74:f4:60:23:e6:28:09:4a:d5:
06:3f:11:eb:90:e5:41:e9:85:6e:cd:11:eb:3f:20:dd:0f:83:
16:be:51:65:fb:93:e3:54:60:77:4d:4c:c9:d2:74:c7:9d:9f:
01:03:9c:2b:a5:0d:e8:8e:18:3c:9b:07:71:58:e2:a3:83:d1:
c4:00:73:f4:4a:02:31:19:8f:dc:9a:98:35:63:69:eb:c3:a4:
77:b0:48:fe:77:1f:63:cc:4a:b4:82:da:6a:e0:68:e3:59:18:
6f:28:fa:f4:3e:0e:35:29:b9:9e:bc:0d:8b:f8:f3:11:05:c9:
83:0b:90:58:b8:8e:74:b4:8c:fa:d9:a7:03:22:8a:0d:8e:ed:
55:eb:00:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy6bzAaZ8B+UIhAbFT75QPiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0Y2MwMmY4ZmE3NGNmMGRhODFlOGNlMjk0M2VhN2Y5ZWQy
YTg1ZjQwHhcNMjMxMjMwMTExNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjM3Zjk0OTMyNDg3Y2NmZDAyMjYxODMxNDM2MWJiZjA1YWFiNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqSj+EspTPm9F+HVI+bnAri9gWhX
BsQBtlO8Py/ENzoiGpddqn2uagCalQLPp0SF15lHKnbGEtNRamOki9xlIh+jKTbl
LvTKJ6/jti+Lie6E57eCfU2oaVOnBhbcTjlWmxLKYdYxqTUIybtBnPUiQEfB0XHv
orvodfLJyzHhEGxz3VnRadZE0Opz4q6p/SnvRhiKZSofH2XUNO82yhaDgsjS10Ds
8ZvYrvSbjNgFNXCs/bws51/h2IQco3K3WPdoQtLezzgQu22HfvuDuoWBGpfNWSxw
xFxfX2rZpfHxx9pucr9mAFO4HLYx03PkViyLDB1v5GLE83bMPt0jr4H5JQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAI3+UkySHzP0CJhgxQ2G78FqrZzMB8GA1UdIwQY
MBaAFMTMAvj6dM8NqB6M4pQ+p/ntKoX0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTIt
MjE5ZTc5ZDg0ZTQzLzEvQWpmNVNUSklmTV9RSW1HREZEWWJ2d1dxdG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lMzQ4ZjEtYmI3MC00YjM0LWJlMTItMjE5ZTc5ZDg0ZTQz
LzEveE13Qy1QcDB6dzJvSG96aWxENm4tZTBxaGZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFWRZAMA0G
CSqGSIb3DQEBCwUAA4IBAQBc1h7ZzJR1Cd1Cdp4jJtvXpd3MdG/S61ZF4r3uoYVC
simMhpR7xBk2kX7F6MosU1Zy18aJ/xuUbMVTBl8SdBAzZQa+OX8HZXjNNs2SXU7Q
e50TrMMSIlJBEuX5O25siWVFGS/gkM8yInWRbSZMnZSn0hchX3x09GAj5igJStUG
PxHrkOVB6YVuzRHrPyDdD4MWvlFl+5PjVGB3TUzJ0nTHnZ8BA5wrpQ3ojhg8mwdx
WOKjg9HEAHP0SgIxGY/cmpg1Y2nrw6R3sEj+dx9jzEq0gtpq4GjjWRhvKPr0Pg41
KbmevA2L+PMRBcmDC5BYuI50tIz62acDIooNju1V6wAF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:48 2025 by rpki-client