Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/4771c5-26f6-4c7d-9851-f5189eb13a17/1/nL5KYJc5i5MR2fFr4vaSyUJVqwU.roa
File: nL5KYJc5i5MR2fFr4vaSyUJVqwU.roa (raw, json)
Hash identifier: xbR0aVdDD5IozcWfRqV4y6s2TIhSK5wAXPpwJACUYDY=
Subject key identifier: 9C:BE:4A:60:97:39:8B:93:11:D9:F1:6B:E2:F6:92:C9:42:55:AB:05
Certificate issuer: /CN=76976e737039a698672fe9524add337d1ff52cfd
Certificate serial: 01856C0A3B6B898DE2F47358659FE159DFA6
Authority key identifier: 76:97:6E:73:70:39:A6:98:67:2F:E9:52:4A:DD:33:7D:1F:F5:2C:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dpduc3A5pphnL-lSSt0zfR_1LP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/4771c5-26f6-4c7d-9851-f5189eb13a17/1/nL5KYJc5i5MR2fFr4vaSyUJVqwU.roa
Signing time: Sun 01 Jan 2023 06:34:47 +0000
ROA not before: Sun 01 Jan 2023 06:34:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39766
IP address blocks: 89.185.192.0/19 maxlen: 19
185.14.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:3b:6b:89:8d:e2:f4:73:58:65:9f:e1:59:df:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76976e737039a698672fe9524add337d1ff52cfd
Validity
Not Before: Jan 1 06:34:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cbe4a6097398b9311d9f16be2f692c94255ab05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e9:0a:88:11:07:19:f3:f2:7d:a0:fa:9f:09:
eb:02:9f:fb:b2:8d:39:9d:ff:4e:78:84:2b:3c:57:
f6:7e:69:8e:3b:6c:47:64:e8:04:99:de:6a:ee:56:
62:83:f0:85:6c:87:6a:6e:7a:2c:7e:82:5c:37:72:
fb:32:63:61:57:2b:0e:b0:4d:ba:1b:cc:7d:a8:58:
10:68:08:64:5d:50:96:72:be:9c:75:eb:04:4a:17:
ce:35:02:4f:a8:7a:5e:29:fd:57:2c:ea:d4:6f:c4:
b7:e4:c2:0e:bf:45:03:93:dd:37:df:38:00:27:68:
31:59:06:53:cb:ae:d1:fb:8e:bc:18:4f:c0:48:4a:
6e:a2:ad:2d:40:c9:e0:1c:af:fa:08:a3:85:da:24:
87:20:26:2b:4b:9e:54:ea:9f:37:2f:35:f3:04:4b:
1b:a1:e3:7d:39:7f:61:88:ad:52:64:58:b6:6e:a9:
30:6b:24:9e:6d:bc:68:b3:a2:f7:d2:c3:4f:21:cb:
8f:06:10:8c:76:35:1b:d3:1e:28:13:b7:c7:80:af:
db:ed:85:68:0c:7f:84:1f:41:4a:76:eb:d5:ac:f0:
93:5c:84:f5:0d:6f:79:16:e9:b5:5e:73:35:f0:51:
fc:ae:1a:e6:39:ee:e4:d0:2f:ce:0a:a2:55:3f:7c:
0f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:BE:4A:60:97:39:8B:93:11:D9:F1:6B:E2:F6:92:C9:42:55:AB:05
X509v3 Authority Key Identifier:
keyid:76:97:6E:73:70:39:A6:98:67:2F:E9:52:4A:DD:33:7D:1F:F5:2C:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpduc3A5pphnL-lSSt0zfR_1LP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4771c5-26f6-4c7d-9851-f5189eb13a17/1/nL5KYJc5i5MR2fFr4vaSyUJVqwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4771c5-26f6-4c7d-9851-f5189eb13a17/1/dpduc3A5pphnL-lSSt0zfR_1LP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.192.0/19
185.14.204.0/22
Signature Algorithm: sha256WithRSAEncryption
49:92:39:b4:3c:3b:4e:72:59:5b:d9:10:ce:e0:39:c4:29:ab:
1e:10:99:9c:a6:4d:8c:1d:5f:49:27:16:6b:75:c5:2e:b5:8c:
6d:ba:dd:83:c9:8a:82:ea:d2:05:99:8f:27:47:8f:cb:88:7f:
5c:76:a8:e6:75:77:1e:d6:c0:12:a9:be:85:0a:4b:67:86:16:
05:20:a9:33:58:b7:39:f8:73:05:32:c8:25:46:b3:cc:0a:de:
b6:8b:51:73:02:3b:c0:6d:a5:a7:8f:6c:65:c3:f8:46:95:cc:
00:ba:6b:3f:aa:99:bd:7a:92:1e:14:b3:02:ba:88:78:02:cb:
0e:11:f3:36:ec:4c:fa:cc:aa:1d:25:41:f7:aa:27:57:34:6a:
d5:92:60:20:e9:b8:78:67:00:78:f9:c8:2d:d7:9f:de:bf:97:
87:53:21:80:03:ec:c9:aa:45:99:54:24:9b:b7:69:51:15:e3:
ca:fa:1e:bd:19:fe:19:ce:b0:1b:f4:9d:ea:36:00:e1:90:77:
85:f6:18:d5:14:31:41:d6:5c:8e:ae:93:d2:b5:3a:a1:e2:b9:
4e:e7:9a:d1:25:36:cf:5a:1e:8d:0e:cd:99:1e:fc:fa:fa:d0:
9f:68:c9:d6:13:c2:dd:19:4b:5c:c2:2b:36:69:fc:cf:ac:97:
1f:f6:76:8f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsCjtriY3i9HNYZZ/hWd+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OTc2ZTczNzAzOWE2OTg2NzJmZTk1MjRhZGQzMzdkMWZm
NTJjZmQwHhcNMjMwMTAxMDYzNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2JlNGE2MDk3Mzk4YjkzMTFkOWYxNmJlMmY2OTJjOTQyNTVhYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+kKiBEHGfPyfaD6nwnrAp/7so05
nf9OeIQrPFf2fmmOO2xHZOgEmd5q7lZig/CFbIdqbnosfoJcN3L7MmNhVysOsE26
G8x9qFgQaAhkXVCWcr6cdesEShfONQJPqHpeKf1XLOrUb8S35MIOv0UDk9033zgA
J2gxWQZTy67R+468GE/ASEpuoq0tQMngHK/6CKOF2iSHICYrS55U6p83LzXzBEsb
oeN9OX9hiK1SZFi2bqkwaySebbxos6L30sNPIcuPBhCMdjUb0x4oE7fHgK/b7YVo
DH+EH0FKduvVrPCTXIT1DW95Fum1XnM18FH8rhrmOe7k0C/OCqJVP3wPOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJy+SmCXOYuTEdnxa+L2kslCVasFMB8GA1UdIwQY
MBaAFHaXbnNwOaaYZy/pUkrdM30f9Sz9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHBkdWMzQTVwcGhuTC1sU1N0MHpmUl8xTFAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80NzcxYzUtMjZmNi00YzdkLTk4NTEt
ZjUxODllYjEzYTE3LzEvbkw1S1lKYzVpNU1SMmZGcjR2YVN5VUpWcXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80NzcxYzUtMjZmNi00YzdkLTk4NTEtZjUxODllYjEzYTE3
LzEvZHBkdWMzQTVwcGhuTC1sU1N0MHpmUl8xTFAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFWbnAAwQC
uQ7MMA0GCSqGSIb3DQEBCwUAA4IBAQBJkjm0PDtOcllb2RDO4DnEKaseEJmcpk2M
HV9JJxZrdcUutYxtut2DyYqC6tIFmY8nR4/LiH9cdqjmdXce1sASqb6FCktnhhYF
IKkzWLc5+HMFMsglRrPMCt62i1FzAjvAbaWnj2xlw/hGlcwAums/qpm9epIeFLMC
uoh4AssOEfM27Ez6zKodJUH3qidXNGrVkmAg6bh4ZwB4+cgt15/ev5eHUyGAA+zJ
qkWZVCSbt2lRFePK+h69Gf4ZzrAb9J3qNgDhkHeF9hjVFDFB1lyOrpPStTqh4rlO
55rRJTbPWh6NDs2ZHvz6+tCfaMnWE8LdGUtcwis2afzPrJcf9naP
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:29 2025 by rpki-client