Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/9yvIs9biokgk1KryBQeYeraJwV0.roa
File: 9yvIs9biokgk1KryBQeYeraJwV0.roa (raw, json)
Hash identifier: LrmEl8azq7CqSf/kUiwDUYK+9F4/Ce706NmJKdIMpEE=
Subject key identifier: F7:2B:C8:B3:D6:E2:A2:48:24:D4:AA:F2:05:07:98:7A:B6:89:C1:5D
Certificate issuer: /CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Certificate serial: 018977E118143C2D2E588EDD0A7C456772FA
Authority key identifier: 58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/9yvIs9biokgk1KryBQeYeraJwV0.roa
Signing time: Fri 21 Jul 2023 09:56:27 +0000
ROA not before: Fri 21 Jul 2023 09:56:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31673
IP address blocks: 193.239.89.0/24 maxlen: 24
2a02:4640:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:e1:18:14:3c:2d:2e:58:8e:dd:0a:7c:45:67:72:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Validity
Not Before: Jul 21 09:56:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f72bc8b3d6e2a24824d4aaf20507987ab689c15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4a:b4:fc:e1:69:a3:db:d0:d9:a2:8e:bc:54:
53:17:90:d6:bf:64:11:db:f3:37:b2:6b:fd:9e:0c:
3a:39:96:b3:44:9f:9d:8b:f0:75:eb:83:d2:b0:08:
59:20:54:bc:27:56:a8:1f:f9:8d:5e:c2:f6:f2:61:
f6:aa:0d:a9:99:0b:54:d1:25:e6:b5:df:66:0f:7f:
74:4d:41:d4:4b:08:d8:3a:0a:da:42:18:36:88:ec:
2d:cd:49:2d:58:59:37:64:c4:24:e1:6a:15:f7:3e:
5f:2d:bc:ec:f2:fd:4d:45:03:e8:d4:94:6c:4a:29:
e9:ba:af:51:fc:4e:0c:e6:90:0c:64:ad:5c:64:62:
d4:7a:73:99:f4:79:49:21:45:4e:b1:1b:90:a3:80:
03:e1:86:62:99:60:6e:cb:42:bb:0e:5a:7b:1a:bb:
26:f9:85:d2:70:63:11:1d:0d:cd:97:87:6d:27:b0:
89:eb:78:42:cf:1f:85:09:62:50:a9:d2:39:33:9a:
b4:12:ba:ca:d1:27:8e:26:1c:81:76:24:80:e1:31:
0e:a2:98:d1:f4:73:8d:42:93:d7:c0:a2:05:08:39:
80:e3:8e:ef:f8:04:78:3c:70:fd:6b:dc:00:4b:61:
5d:02:ed:0b:c0:32:a8:7a:59:56:ab:91:49:82:4d:
fb:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2B:C8:B3:D6:E2:A2:48:24:D4:AA:F2:05:07:98:7A:B6:89:C1:5D
X509v3 Authority Key Identifier:
keyid:58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/9yvIs9biokgk1KryBQeYeraJwV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.239.89.0/24
IPv6:
2a02:4640:1::/48
Signature Algorithm: sha256WithRSAEncryption
80:f5:53:35:00:5e:c2:26:de:eb:79:4c:2a:ab:82:7c:2f:8a:
61:77:88:c4:17:bc:63:af:ef:81:ec:2d:42:b3:d1:17:7d:47:
9f:3c:bc:05:cd:dc:1c:4c:69:ea:65:37:d5:42:73:bd:9f:bf:
ad:ab:ae:78:09:c8:c7:dc:c8:a2:0f:44:66:55:a9:f6:86:d7:
b3:30:ab:66:2f:46:e0:1a:63:92:e3:08:f0:7c:ec:33:81:f1:
cd:38:f7:00:b6:3b:1b:8f:13:61:5c:ff:19:3a:56:2a:c4:68:
d5:72:c6:a2:bc:c1:3f:50:3b:4c:94:40:4c:4e:bd:ef:45:f9:
61:19:13:a0:f7:e2:2d:9a:dc:08:f2:e5:c9:74:d7:e4:59:42:
2a:00:a1:3a:de:3f:b5:81:60:01:60:4a:1f:19:4b:8b:a8:ca:
16:d2:58:05:d4:fa:52:32:6d:e9:86:ee:bc:df:6a:a2:37:cd:
df:c3:70:78:7c:f3:c3:1d:93:90:6a:18:30:b1:33:1c:a0:f3:
7a:02:4d:77:1f:dc:be:5e:da:08:a2:ce:4d:7e:0a:78:ff:c0:
64:b8:e7:a4:c0:e7:88:90:47:28:4c:58:24:8a:e7:6f:07:73:
f6:e2:06:92:5a:21:97:b2:a4:22:14:a1:df:2a:b6:69:49:82:
3f:38:b0:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYl34RgUPC0uWI7dCnxFZ3L6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjY3MTMxZDc2MGI1ZGIxZGU5OGVhMjBjMGY4MmZjMDFj
OWYxZDkwHhcNMjMwNzIxMDk1NjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzJiYzhiM2Q2ZTJhMjQ4MjRkNGFhZjIwNTA3OTg3YWI2ODljMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEq0/OFpo9vQ2aKOvFRTF5DWv2QR
2/M3smv9ngw6OZazRJ+di/B164PSsAhZIFS8J1aoH/mNXsL28mH2qg2pmQtU0SXm
td9mD390TUHUSwjYOgraQhg2iOwtzUktWFk3ZMQk4WoV9z5fLbzs8v1NRQPo1JRs
Sinpuq9R/E4M5pAMZK1cZGLUenOZ9HlJIUVOsRuQo4AD4YZimWBuy0K7Dlp7Grsm
+YXScGMRHQ3Nl4dtJ7CJ63hCzx+FCWJQqdI5M5q0ErrK0SeOJhyBdiSA4TEOopjR
9HONQpPXwKIFCDmA447v+AR4PHD9a9wAS2FdAu0LwDKoellWq5FJgk37KQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFPcryLPW4qJIJNSq8gUHmHq2icFdMB8GA1UdIwQY
MBaAFFhmcTHXYLXbHemOogwPgvwByfHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQt
MjQ4MTEwNmY4YjI1LzEvOXl2SXM5Ymlva2drMUtyeUJRZVllcmFKd1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQtMjQ4MTEwNmY4YjI1
LzEvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwe9ZMA8E
AgACMAkDBwAqAkZAAAEwDQYJKoZIhvcNAQELBQADggEBAID1UzUAXsIm3ut5TCqr
gnwvimF3iMQXvGOv74HsLUKz0Rd9R588vAXN3BxMaeplN9VCc72fv62rrngJyMfc
yKIPRGZVqfaG17Mwq2YvRuAaY5LjCPB87DOB8c049wC2OxuPE2Fc/xk6VirEaNVy
xqK8wT9QO0yUQExOve9F+WEZE6D34i2a3Ajy5cl01+RZQioAoTreP7WBYAFgSh8Z
S4uoyhbSWAXU+lIybemG7rzfaqI3zd/DcHh888Mdk5BqGDCxMxyg83oCTXcf3L5e
2giizk1+Cnj/wGS456TA54iQRyhMWCSK528Hc/biBpJaIZeypCIUod8qtmlJgj84
sEg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:41 2025 by rpki-client