Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/OA_j5sG9riteoCcnE_gWMNwwEgY.roa
File: OA_j5sG9riteoCcnE_gWMNwwEgY.roa (raw, json)
Hash identifier: vr6i9NwY2QROoL5HhewYvRaBuGodkBxOikRfHOdGJWQ=
Subject key identifier: 38:0F:E3:E6:C1:BD:AE:2B:5E:A0:27:27:13:F8:16:30:DC:30:12:06
Certificate issuer: /CN=1ae9db29aa9308e1751b03d0d6999bb868805886
Certificate serial: 01857368607532D333C320C5BDDCEF4EFEAF
Authority key identifier: 1A:E9:DB:29:AA:93:08:E1:75:1B:03:D0:D6:99:9B:B8:68:80:58:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/OA_j5sG9riteoCcnE_gWMNwwEgY.roa
Signing time: Mon 02 Jan 2023 16:54:58 +0000
ROA not before: Mon 02 Jan 2023 16:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210091
IP address blocks: 89.19.60.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:68:60:75:32:d3:33:c3:20:c5:bd:dc:ef:4e:fe:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ae9db29aa9308e1751b03d0d6999bb868805886
Validity
Not Before: Jan 2 16:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=380fe3e6c1bdae2b5ea0272713f81630dc301206
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c5:59:1f:38:e5:a6:da:d6:69:4d:eb:97:e7:
24:28:98:4d:19:18:37:1d:e3:27:58:be:64:a1:37:
ff:fd:a6:05:e9:c8:5c:f9:b8:9f:97:c3:24:ea:7f:
26:25:9b:64:e1:f5:37:0a:c7:62:d0:44:7a:a2:3b:
88:81:4a:dc:ff:58:b5:85:16:7d:59:07:cb:4d:51:
24:a9:12:d1:60:9b:2a:40:71:4a:0a:6c:b0:5f:8f:
09:85:0e:e7:ed:fc:6c:45:65:87:73:c7:84:ce:4f:
25:9e:3a:c8:3c:05:7d:f0:6f:df:a5:98:4c:89:ab:
8d:12:e9:ef:f9:e5:45:0d:55:6f:d5:69:36:52:23:
86:6b:f1:7e:c2:07:ef:66:05:c2:7f:28:33:08:7a:
3d:94:d1:5c:9a:d4:eb:c1:b0:eb:8c:eb:00:a0:a1:
5f:c9:2d:35:6b:a8:cf:c8:f6:8a:18:e6:23:52:27:
7c:60:0b:15:b3:2a:71:69:11:e0:2c:aa:a0:8e:e5:
04:9a:86:7a:69:6e:48:62:0e:d5:ba:67:9a:e0:56:
2b:fd:61:3e:71:6d:3b:c1:f5:01:b0:be:25:c3:00:
c8:01:e6:32:7d:11:66:5e:59:e5:c8:56:92:63:28:
d3:15:cd:fc:be:cd:4c:20:bb:8f:1d:9e:59:e2:28:
ba:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0F:E3:E6:C1:BD:AE:2B:5E:A0:27:27:13:F8:16:30:DC:30:12:06
X509v3 Authority Key Identifier:
keyid:1A:E9:DB:29:AA:93:08:E1:75:1B:03:D0:D6:99:9B:B8:68:80:58:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/OA_j5sG9riteoCcnE_gWMNwwEgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/GunbKaqTCOF1GwPQ1pmbuGiAWIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.60.0/22
Signature Algorithm: sha256WithRSAEncryption
08:2f:5f:df:62:97:93:a8:54:19:e5:99:bf:cd:49:df:fc:bf:
97:bb:14:02:7d:3f:43:05:74:b7:f0:b8:b9:60:51:be:5e:80:
72:cc:e6:88:48:12:54:0c:9d:48:12:42:a6:a0:d4:68:13:35:
c8:76:18:01:54:6a:e0:25:06:f8:30:94:79:cf:c5:d2:24:31:
c0:82:25:d0:af:da:70:b4:b7:f1:65:27:04:a1:eb:a8:e3:07:
be:02:be:fe:31:fd:1b:15:39:d1:5d:49:a1:7d:f7:80:2f:da:
2f:33:d6:81:a8:f9:de:d2:a2:65:70:76:c9:30:33:88:25:44:
b7:29:1c:84:46:34:58:f5:76:8c:02:93:8a:c7:e5:85:2f:c7:
89:7d:b1:47:83:8b:30:e4:f1:f5:5a:5c:fb:46:83:a9:97:2c:
58:1f:96:8b:67:8a:cd:15:b5:d0:f8:10:24:1b:26:ff:db:6c:
57:24:6a:47:ec:f3:00:60:4e:c7:ca:55:49:3d:22:ab:9b:e0:
ef:44:25:0b:95:3f:68:70:a0:f0:c1:22:04:eb:ff:eb:a5:63:
55:f0:74:e3:8b:16:31:08:33:99:63:4e:30:58:96:d5:fe:b1:
e2:6d:97:5e:22:31:87:45:a1:9b:d9:0b:5b:1d:5e:98:74:21:
82:01:2e:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzaGB1MtMzwyDFvdzvTv6vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZTlkYjI5YWE5MzA4ZTE3NTFiMDNkMGQ2OTk5YmI4Njg4
MDU4ODYwHhcNMjMwMTAyMTY1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBmZTNlNmMxYmRhZTJiNWVhMDI3MjcxM2Y4MTYzMGRjMzAxMjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucVZHzjlptrWaU3rl+ckKJhNGRg3
HeMnWL5koTf//aYF6chc+bifl8Mk6n8mJZtk4fU3Csdi0ER6ojuIgUrc/1i1hRZ9
WQfLTVEkqRLRYJsqQHFKCmywX48JhQ7n7fxsRWWHc8eEzk8lnjrIPAV98G/fpZhM
iauNEunv+eVFDVVv1Wk2UiOGa/F+wgfvZgXCfygzCHo9lNFcmtTrwbDrjOsAoKFf
yS01a6jPyPaKGOYjUid8YAsVsypxaRHgLKqgjuUEmoZ6aW5IYg7Vumea4FYr/WE+
cW07wfUBsL4lwwDIAeYyfRFmXlnlyFaSYyjTFc38vs1MILuPHZ5Z4ii6uwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgP4+bBva4rXqAnJxP4FjDcMBIGMB8GA1UdIwQY
MBaAFBrp2ymqkwjhdRsD0NaZm7hogFiGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3VuYkthcVRDT0YxR3dQUTFwbWJ1R2lBV0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lYjc4MzUtZDM2NC00ZTI4LTlhODIt
ZWQ5MjMxZmJhZWQxLzEvT0FfajVzRzlyaXRlb0NjbkVfZ1dNTnd3RWdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lYjc4MzUtZDM2NC00ZTI4LTlhODItZWQ5MjMxZmJhZWQx
LzEvR3VuYkthcVRDT0YxR3dQUTFwbWJ1R2lBV0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRM8MA0G
CSqGSIb3DQEBCwUAA4IBAQAIL1/fYpeTqFQZ5Zm/zUnf/L+XuxQCfT9DBXS38Li5
YFG+XoByzOaISBJUDJ1IEkKmoNRoEzXIdhgBVGrgJQb4MJR5z8XSJDHAgiXQr9pw
tLfxZScEoeuo4we+Ar7+Mf0bFTnRXUmhffeAL9ovM9aBqPne0qJlcHbJMDOIJUS3
KRyERjRY9XaMApOKx+WFL8eJfbFHg4sw5PH1Wlz7RoOplyxYH5aLZ4rNFbXQ+BAk
Gyb/22xXJGpH7PMAYE7HylVJPSKrm+DvRCULlT9ocKDwwSIE6//rpWNV8HTjixYx
CDOZY04wWJbV/rHibZdeIjGHRaGb2QtbHV6YdCGCAS53
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:48 2025 by rpki-client