Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/49uexr2QyTT_H2KNvK8r5SfAHWA.roa
File: 49uexr2QyTT_H2KNvK8r5SfAHWA.roa (raw, json)
Hash identifier: nUYYvwiqI3TMGrnHr+IZphZHhVmMTCU7dDRIQ+M8xFs=
Subject key identifier: E3:DB:9E:C6:BD:90:C9:34:FF:1F:62:8D:BC:AF:2B:E5:27:C0:1D:60
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01856F0244B710523DF65575624CB8CF481B
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/49uexr2QyTT_H2KNvK8r5SfAHWA.roa
Signing time: Sun 01 Jan 2023 20:24:57 +0000
ROA not before: Sun 01 Jan 2023 20:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209271
IP address blocks: 89.111.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:44:b7:10:52:3d:f6:55:75:62:4c:b8:cf:48:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 20:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e3db9ec6bd90c934ff1f628dbcaf2be527c01d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:42:a1:ee:ab:a4:b9:ff:ca:c5:c1:35:fb:ed:
c5:2d:2b:28:12:6f:6a:bf:af:41:63:a5:b0:31:25:
69:58:7c:3f:65:a4:6e:84:3d:92:e4:0d:96:80:45:
72:93:9d:87:be:c6:09:81:16:23:37:2f:ce:d4:23:
43:0d:af:f2:d6:a5:d1:56:72:58:d8:78:a8:1b:08:
f4:79:7a:a2:52:66:86:13:a2:22:b1:8a:50:6e:2f:
89:65:88:fd:c8:21:04:21:6e:25:ff:67:62:1b:3b:
19:5a:e3:9f:e0:35:5e:c5:e0:83:04:c7:42:c8:9f:
70:82:7b:d6:b3:04:b5:90:95:1b:68:1d:c8:f7:0c:
bd:f0:85:86:6d:c4:b7:cb:b2:b4:d7:c3:92:9a:3d:
00:a6:64:f6:85:19:57:10:a9:0b:ca:d0:ac:04:6b:
00:c4:83:07:3d:7b:37:fe:0a:15:1f:af:39:a0:9c:
57:26:d4:d8:1e:37:be:8b:63:28:ce:0e:03:2b:1f:
1b:19:e4:4a:83:72:8b:77:5c:bb:52:db:a0:cd:ef:
e7:17:e9:8e:82:74:1a:57:d0:d3:06:4c:04:9b:e4:
f0:d5:43:cf:2b:75:b5:8c:60:50:e3:df:1f:70:cf:
79:83:40:b7:33:09:11:00:7d:93:5e:b5:3e:7c:7d:
23:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DB:9E:C6:BD:90:C9:34:FF:1F:62:8D:BC:AF:2B:E5:27:C0:1D:60
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/49uexr2QyTT_H2KNvK8r5SfAHWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.239.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:e7:69:19:53:fa:49:d9:41:ca:e3:1c:9d:20:44:2c:56:68:
17:12:97:dc:2f:9f:51:4b:b8:51:12:21:4d:1b:a7:37:91:21:
99:1c:5b:bd:c8:42:32:6f:63:db:cc:b9:f2:c8:3d:e4:13:89:
38:14:bd:ab:98:cb:a2:ee:7c:1b:99:c1:f6:43:4e:2a:97:49:
40:cc:32:eb:8a:79:06:b7:2a:66:51:2c:15:76:70:08:8a:7a:
c3:70:14:7a:a6:48:7a:8a:09:91:82:ba:f5:1c:e7:19:91:a3:
9d:09:10:38:5a:01:4d:b3:61:d7:1b:33:4e:e0:0d:ca:90:37:
78:af:ad:7b:21:2c:69:47:ab:dd:d0:b4:86:69:89:ab:b0:29:
97:c9:b5:46:87:d8:68:8f:01:91:53:c5:8a:77:2c:db:c5:d1:
cf:5c:fd:54:da:42:7e:e0:89:b4:9b:fc:16:08:d8:ad:a7:3a:
10:ee:c5:26:81:5a:ed:17:76:08:7b:87:e8:46:73:4e:e4:4a:
48:fc:0f:e0:32:29:58:7e:35:f0:4a:ab:8b:91:1b:a2:95:03:
0f:61:79:23:68:9b:b3:d0:ea:34:4f:9f:fd:c3:a9:82:b4:ab:
90:98:e6:ad:c9:f0:82:96:f4:9d:02:68:1d:49:cf:e9:cf:88:
fb:b4:e6:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkS3EFI99lV1Yky4z0gbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjMwMTAxMjAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RiOWVjNmJkOTBjOTM0ZmYxZjYyOGRiY2FmMmJlNTI3YzAxZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUKh7qukuf/KxcE1++3FLSsoEm9q
v69BY6WwMSVpWHw/ZaRuhD2S5A2WgEVyk52HvsYJgRYjNy/O1CNDDa/y1qXRVnJY
2HioGwj0eXqiUmaGE6IisYpQbi+JZYj9yCEEIW4l/2diGzsZWuOf4DVexeCDBMdC
yJ9wgnvWswS1kJUbaB3I9wy98IWGbcS3y7K018OSmj0ApmT2hRlXEKkLytCsBGsA
xIMHPXs3/goVH685oJxXJtTYHje+i2Mozg4DKx8bGeRKg3KLd1y7Utugze/nF+mO
gnQaV9DTBkwEm+Tw1UPPK3W1jGBQ498fcM95g0C3MwkRAH2TXrU+fH0jUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOPbnsa9kMk0/x9ijbyvK+UnwB1gMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvNDl1ZXhyMlF5VFRfSDJLTnZLOHI1U2ZBSFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWW/vMA0G
CSqGSIb3DQEBCwUAA4IBAQB+52kZU/pJ2UHK4xydIEQsVmgXEpfcL59RS7hREiFN
G6c3kSGZHFu9yEIyb2PbzLnyyD3kE4k4FL2rmMui7nwbmcH2Q04ql0lAzDLrinkG
typmUSwVdnAIinrDcBR6pkh6igmRgrr1HOcZkaOdCRA4WgFNs2HXGzNO4A3KkDd4
r617ISxpR6vd0LSGaYmrsCmXybVGh9hojwGRU8WKdyzbxdHPXP1U2kJ+4Im0m/wW
CNitpzoQ7sUmgVrtF3YIe4foRnNO5EpI/A/gMilYfjXwSquLkRuilQMPYXkjaJuz
0Oo0T5/9w6mCtKuQmOatyfCClvSdAmgdSc/pz4j7tObX
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:40:58 2025 by rpki-client