Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RK3KMxteiUlns58aRXxhxkMlHQs.roa
File: RK3KMxteiUlns58aRXxhxkMlHQs.roa (raw, json)
Hash identifier: gPXYCL45fslTcbXHQi2Wq1J45mS5j6H1tzLew11thUA=
Subject key identifier: 44:AD:CA:33:1B:5E:89:49:67:B3:9F:1A:45:7C:61:C6:43:25:1D:0B
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0187C7CFDE1C8F927880AB79B5CDA43CB8E2
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RK3KMxteiUlns58aRXxhxkMlHQs.roa
Signing time: Fri 28 Apr 2023 12:21:41 +0000
ROA not before: Fri 28 Apr 2023 12:21:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12735
IP address blocks: 89.40.70.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:cf:de:1c:8f:92:78:80:ab:79:b5:cd:a4:3c:b8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Apr 28 12:21:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=44adca331b5e894967b39f1a457c61c643251d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0a:da:ac:d2:b3:6c:17:06:08:dc:de:8c:10:
2e:a2:71:dd:80:99:2a:12:aa:6b:e9:e2:fe:3d:22:
49:18:8e:2f:1d:a0:df:45:cd:ce:62:d5:19:08:4f:
1c:25:42:56:bb:f3:d0:23:59:7c:26:9f:4a:c5:60:
cc:a7:ce:c1:b7:09:f0:c9:cb:83:e6:b8:cd:8d:6e:
c6:a0:0a:b5:8e:b2:79:e2:43:09:c8:59:17:af:fb:
8c:ec:63:5e:d0:ae:af:00:28:93:77:94:94:c4:16:
e3:79:07:65:ad:89:61:4d:dc:b9:e3:e8:2c:e3:70:
4a:d1:da:7b:9d:e9:69:79:0b:4e:56:ba:cb:8f:2e:
ab:3b:52:05:09:c3:30:60:6b:9b:93:cf:4a:4d:cd:
16:37:28:79:05:2f:2c:4f:9c:4b:9d:7b:3c:87:df:
7a:6b:ec:3c:03:22:56:d6:84:d0:93:f3:bb:99:0f:
14:34:fc:77:22:43:7d:c2:ee:ed:e4:9e:b2:d1:80:
30:71:b6:6b:20:dd:c3:76:87:88:4f:2d:36:0c:e5:
22:02:76:df:cc:25:d2:6a:51:14:7c:41:3b:bd:3c:
8c:36:17:0b:32:82:1d:0f:e9:5e:6c:e8:de:0a:a0:
f1:20:8b:ab:15:87:f9:4a:ca:84:23:0c:9a:46:1c:
55:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:AD:CA:33:1B:5E:89:49:67:B3:9F:1A:45:7C:61:C6:43:25:1D:0B
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/RK3KMxteiUlns58aRXxhxkMlHQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.70.0/24
Signature Algorithm: sha256WithRSAEncryption
03:5e:44:82:66:b3:6f:65:cd:ee:42:1e:8c:21:d1:6b:48:a9:
ac:2c:e6:87:12:c2:ca:2d:bc:e7:b0:8f:3a:68:47:e7:c0:79:
88:c9:b3:9e:40:c3:51:2a:57:3e:b8:bd:50:cb:68:71:28:ab:
4d:5f:00:79:b9:00:51:50:ad:ac:38:22:03:dc:46:1d:14:b4:
ff:7b:f7:27:a7:2b:ce:b8:93:ba:02:01:de:20:37:5b:9c:d2:
bd:9c:19:8f:25:a5:fa:03:fc:03:07:1e:59:85:54:01:88:3a:
79:a5:4e:44:82:a2:c0:cd:8c:5c:11:81:c9:a0:76:65:fe:1c:
92:c6:e0:ff:eb:02:59:b2:66:b4:a4:c2:5e:db:87:72:19:c1:
5f:d5:b0:04:e0:09:ac:7a:b4:2c:ff:9a:a5:f4:1a:cb:79:88:
47:82:99:4d:f7:0c:c9:13:38:57:89:0d:be:c2:ca:ca:bf:63:
01:69:a4:c4:ab:30:d0:ce:17:f6:33:11:73:d7:67:ea:e8:e3:
f2:3b:c2:a8:fd:30:99:bd:41:6e:ee:4c:67:0e:67:58:95:21:
1e:1a:ff:e3:9a:46:a9:15:5d:5d:f5:3b:8b:67:f5:e5:c4:75:
3d:ae:ef:7a:7c:5b:48:af:00:d7:28:34:d8:16:1b:51:c7:a0:
60:a5:d7:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfHz94cj5J4gKt5tc2kPLjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNDI4MTIyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGFkY2EzMzFiNWU4OTQ5NjdiMzlmMWE0NTdjNjFjNjQzMjUxZDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzArarNKzbBcGCNzejBAuonHdgJkq
Eqpr6eL+PSJJGI4vHaDfRc3OYtUZCE8cJUJWu/PQI1l8Jp9KxWDMp87BtwnwycuD
5rjNjW7GoAq1jrJ54kMJyFkXr/uM7GNe0K6vACiTd5SUxBbjeQdlrYlhTdy54+gs
43BK0dp7nelpeQtOVrrLjy6rO1IFCcMwYGubk89KTc0WNyh5BS8sT5xLnXs8h996
a+w8AyJW1oTQk/O7mQ8UNPx3IkN9wu7t5J6y0YAwcbZrIN3DdoeITy02DOUiAnbf
zCXSalEUfEE7vTyMNhcLMoIdD+lebOjeCqDxIIurFYf5SsqEIwyaRhxV9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEStyjMbXolJZ7OfGkV8YcZDJR0LMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvUkszS014dGVpVWxuczU4YVJYeGh4a01sSFFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWShGMA0G
CSqGSIb3DQEBCwUAA4IBAQADXkSCZrNvZc3uQh6MIdFrSKmsLOaHEsLKLbznsI86
aEfnwHmIybOeQMNRKlc+uL1Qy2hxKKtNXwB5uQBRUK2sOCID3EYdFLT/e/cnpyvO
uJO6AgHeIDdbnNK9nBmPJaX6A/wDBx5ZhVQBiDp5pU5EgqLAzYxcEYHJoHZl/hyS
xuD/6wJZsma0pMJe24dyGcFf1bAE4AmserQs/5ql9BrLeYhHgplN9wzJEzhXiQ2+
wsrKv2MBaaTEqzDQzhf2MxFz12fq6OPyO8Ko/TCZvUFu7kxnDmdYlSEeGv/jmkap
FV1d9TuLZ/XlxHU9ru96fFtIrwDXKDTYFhtRx6Bgpdcs
-----END CERTIFICATE-----
Generated at Sun Jun 8 23:29:35 2025 by rpki-client