Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/lX4o3eBi078MEn0rTzqZUBA9iig.roa
File: lX4o3eBi078MEn0rTzqZUBA9iig.roa (raw, json)
Hash identifier: MwRFl/2OzvsPgH48TEZ6UFcOJjxkHAi0ITma94gAh1A=
Subject key identifier: 95:7E:28:DD:E0:62:D3:BF:0C:12:7D:2B:4F:3A:99:50:10:3D:8A:28
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01843C88338AD3ACEC715FE2E75B0DE99FBF
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/lX4o3eBi078MEn0rTzqZUBA9iig.roa
Signing time: Thu 03 Nov 2022 08:07:49 +0000
ROA not before: Thu 03 Nov 2022 08:07:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203744
IP address blocks: 89.111.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:88:33:8a:d3:ac:ec:71:5f:e2:e7:5b:0d:e9:9f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Nov 3 08:07:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=957e28dde062d3bf0c127d2b4f3a9950103d8a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:86:07:82:32:88:fb:d3:2a:99:a7:1f:34:69:
3b:e6:3b:ec:81:cc:da:d2:1d:a4:8b:60:bc:5e:c1:
6d:3e:61:47:89:3a:a8:14:15:c5:88:6c:8a:0b:44:
3b:4f:6c:bd:48:d6:4d:6f:6e:28:06:8d:a1:18:86:
a8:e4:36:7c:9f:1e:f3:5e:77:e6:52:07:a0:4b:55:
f8:ba:d7:31:15:19:a0:9d:ab:9f:44:49:53:da:f0:
81:af:ac:54:11:71:80:5b:9c:44:1c:a6:a9:e1:d0:
a9:ff:fd:8c:3e:4e:80:81:82:cf:23:59:0f:be:70:
e6:b1:f4:1e:26:6c:b6:1f:8d:4f:a8:db:6b:98:20:
3a:b2:a1:43:aa:0f:5f:ce:a6:54:e4:be:34:9c:a9:
3e:93:be:23:f0:5e:86:45:4c:0e:50:8c:ee:6c:73:
ac:18:60:1f:4c:69:6d:64:80:92:1a:f6:ba:bd:1d:
50:31:45:02:e8:de:30:58:9c:21:2b:33:94:b3:c5:
0d:8f:f9:e4:c4:e2:b5:93:fc:0d:f7:c3:e7:77:a6:
15:2d:71:db:d6:10:0a:a0:77:1b:27:1f:c7:d2:78:
9c:44:a4:ff:7a:e6:06:81:76:bb:8b:9d:37:3e:00:
cc:8c:54:d4:e2:6b:a5:51:f3:bd:3e:6b:3c:20:0b:
29:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:7E:28:DD:E0:62:D3:BF:0C:12:7D:2B:4F:3A:99:50:10:3D:8A:28
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/lX4o3eBi078MEn0rTzqZUBA9iig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:a2:ac:27:76:20:99:f9:a5:b7:83:65:59:c4:5d:9c:44:b0:
9c:e4:b5:df:8d:f8:7e:e1:ae:cf:fe:7c:2f:5f:bc:2d:dc:74:
d6:a0:57:07:f8:74:d5:8a:a1:da:25:23:a5:26:7a:0e:b4:86:
7b:50:b7:a6:3a:e9:12:8b:cb:e8:59:79:57:07:c3:8f:a0:ca:
95:bc:e5:62:d0:a0:52:c1:9d:44:20:8f:59:1f:43:f6:63:e8:
18:f0:11:3e:ee:12:c3:71:84:72:bc:2b:0d:c1:cc:0c:a9:51:
97:8c:3a:1c:5f:74:27:62:d3:a6:59:53:a6:60:ad:9c:f0:ca:
55:7f:21:f2:3b:90:d7:5f:4f:56:7a:28:2f:fa:2a:85:0c:4c:
76:28:0b:66:a5:0d:d7:d7:a3:d7:06:b1:f1:9b:9a:bf:54:19:
83:9d:0b:24:4c:5a:15:51:15:8f:93:ea:47:69:91:94:19:19:
30:c8:7a:30:5c:8f:68:96:44:5e:64:a3:c8:59:dc:22:e9:32:
97:85:7c:b2:17:0e:57:34:af:a5:48:62:4d:7d:2f:c7:aa:55:
2a:bd:c7:5d:82:6c:4d:c2:11:38:de:70:79:78:1d:7e:26:ab:
0f:dc:01:4c:ce:96:b3:df:59:f6:d7:85:3c:77:60:63:43:86:
68:f7:c2:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ8iDOK06zscV/i51sN6Z+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjIxMTAzMDgwNzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTdlMjhkZGUwNjJkM2JmMGMxMjdkMmI0ZjNhOTk1MDEwM2Q4YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqYYHgjKI+9MqmacfNGk75jvsgcza
0h2ki2C8XsFtPmFHiTqoFBXFiGyKC0Q7T2y9SNZNb24oBo2hGIao5DZ8nx7zXnfm
UgegS1X4utcxFRmgnaufRElT2vCBr6xUEXGAW5xEHKap4dCp//2MPk6AgYLPI1kP
vnDmsfQeJmy2H41PqNtrmCA6sqFDqg9fzqZU5L40nKk+k74j8F6GRUwOUIzubHOs
GGAfTGltZICSGva6vR1QMUUC6N4wWJwhKzOUs8UNj/nkxOK1k/wN98Pnd6YVLXHb
1hAKoHcbJx/H0nicRKT/euYGgXa7i503PgDMjFTU4mulUfO9Pms8IAspjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJV+KN3gYtO/DBJ9K086mVAQPYooMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvbFg0bzNlQmkwNzhNRW4wclR6cVpVQkE5aWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWW/wMA0G
CSqGSIb3DQEBCwUAA4IBAQBroqwndiCZ+aW3g2VZxF2cRLCc5LXfjfh+4a7P/nwv
X7wt3HTWoFcH+HTViqHaJSOlJnoOtIZ7ULemOukSi8voWXlXB8OPoMqVvOVi0KBS
wZ1EII9ZH0P2Y+gY8BE+7hLDcYRyvCsNwcwMqVGXjDocX3QnYtOmWVOmYK2c8MpV
fyHyO5DXX09Weigv+iqFDEx2KAtmpQ3X16PXBrHxm5q/VBmDnQskTFoVURWPk+pH
aZGUGRkwyHowXI9olkReZKPIWdwi6TKXhXyyFw5XNK+lSGJNfS/HqlUqvcddgmxN
whE43nB5eB1+JqsP3AFMzpaz31n214U8d2BjQ4Zo98Ju
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:37 2025 by rpki-client