Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/f1480f-76e9-4c8e-ac32-3577b1efdc78/1/JDr7ZG-PcEHkfQCCBm_pKtCj51Q.roa
File: JDr7ZG-PcEHkfQCCBm_pKtCj51Q.roa (raw, json)
Hash identifier: dIYvVvvzqwX5OpeGp3FUtL0e7e6Geiy9jF3cco3UEDo=
Subject key identifier: 24:3A:FB:64:6F:8F:70:41:E4:7D:00:82:06:6F:E9:2A:D0:A3:E7:54
Certificate issuer: /CN=978f41e290285473c2a1e2be7f66f63452ed4644
Certificate serial: 05572082
Authority key identifier: 97:8F:41:E2:90:28:54:73:C2:A1:E2:BE:7F:66:F6:34:52:ED:46:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l49B4pAoVHPCoeK-f2b2NFLtRkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/f1480f-76e9-4c8e-ac32-3577b1efdc78/1/JDr7ZG-PcEHkfQCCBm_pKtCj51Q.roa
Signing time: Sat 01 Jan 2022 14:05:37 +0000
ROA not before: Sat 01 Jan 2022 14:05:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39452
IP address blocks: 89.150.0.0/23 maxlen: 23
89.150.0.0/24 maxlen: 24
89.150.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89596034 (0x5572082)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=978f41e290285473c2a1e2be7f66f63452ed4644
Validity
Not Before: Jan 1 14:05:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=243afb646f8f7041e47d0082066fe92ad0a3e754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f7:f6:45:26:3c:c9:ef:17:8f:cb:fe:82:42:
09:1f:00:d4:fc:18:28:9a:eb:dc:93:74:f1:3b:42:
fa:32:0b:81:00:fe:e2:a7:49:ef:58:5b:62:9e:07:
d4:16:d8:79:dd:c1:a5:8f:f4:3e:39:95:fb:a8:d6:
92:81:c6:ae:d3:f9:0a:0d:ee:fb:4c:07:b8:81:9c:
3f:78:0f:c9:94:1e:0a:c9:24:91:af:84:f9:d5:ec:
06:4e:79:da:b5:ac:1e:96:4b:97:b8:60:51:9f:7e:
fc:c3:f0:62:af:f5:24:3b:d9:d0:a6:1d:11:c4:96:
ed:2d:70:ff:50:a0:bb:65:e1:92:42:41:0a:1c:0f:
d5:c1:e0:90:fb:c1:24:e7:0b:9f:86:ca:46:93:de:
25:bb:3d:4c:3e:f2:65:b8:52:23:d6:3f:ef:22:fd:
03:a5:a5:0d:b9:b2:62:05:81:0b:e0:e5:f8:c0:32:
3c:27:43:61:64:39:15:0b:5e:18:a2:53:52:6c:42:
e3:6a:b4:0a:e3:4c:91:53:39:fa:9a:50:6b:34:b3:
cd:7a:0f:87:a1:49:46:5b:03:47:b2:8f:ea:32:d6:
42:f7:99:62:bf:9d:24:3f:d1:17:7e:42:62:0d:f9:
ce:68:1d:a8:53:74:13:69:5d:52:2b:67:6a:f1:96:
65:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3A:FB:64:6F:8F:70:41:E4:7D:00:82:06:6F:E9:2A:D0:A3:E7:54
X509v3 Authority Key Identifier:
keyid:97:8F:41:E2:90:28:54:73:C2:A1:E2:BE:7F:66:F6:34:52:ED:46:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l49B4pAoVHPCoeK-f2b2NFLtRkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f1480f-76e9-4c8e-ac32-3577b1efdc78/1/JDr7ZG-PcEHkfQCCBm_pKtCj51Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f1480f-76e9-4c8e-ac32-3577b1efdc78/1/l49B4pAoVHPCoeK-f2b2NFLtRkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.0.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:09:6a:ed:ca:b3:5b:77:44:ab:93:98:1c:d4:13:ed:77:0d:
70:10:a8:2b:6f:d6:fd:88:e3:cf:a3:27:93:3e:52:f6:22:ae:
5d:01:e7:b2:f8:c3:42:b8:1e:fb:c8:ce:d7:85:83:a5:48:bd:
2e:94:b3:ee:9a:12:cc:75:a2:02:ba:6a:55:75:8c:52:1c:e2:
4c:91:e3:fb:ec:de:15:ce:43:fe:ee:5b:7b:57:74:17:21:85:
3d:fe:86:17:da:26:bb:a2:08:1f:42:14:af:8a:a9:d0:b0:14:
e7:2f:27:10:57:d2:7e:8f:c5:9b:36:79:18:0e:ef:8d:28:64:
e8:e7:fd:af:32:63:d9:2c:1b:d6:90:63:15:13:39:6b:cf:d1:
02:fb:72:cb:01:1d:fa:b9:49:7d:43:36:b0:4a:eb:4f:d2:49:
32:47:10:5e:99:c9:b7:19:39:19:b5:04:7b:29:00:96:d3:d3:
70:46:65:28:df:98:a5:62:9a:ac:89:33:60:e1:b3:fc:cc:7e:
10:f1:66:50:aa:ae:dd:93:95:69:59:a6:3f:a6:a2:a2:a2:7b:
63:2a:dd:80:4f:d5:f4:a0:84:f7:b4:e8:78:19:07:cd:01:a5:
e2:5b:92:e7:03:16:4e:a0:17:7f:b2:af:d9:00:68:91:4a:6a:
c1:f0:0e:8f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBVcggjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NzhmNDFlMjkwMjg1NDczYzJhMWUyYmU3ZjY2ZjYzNDUyZWQ0NjQ0MB4XDTIyMDEw
MTE0MDUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjQzYWZiNjQ2Zjhm
NzA0MWU0N2QwMDgyMDY2ZmU5MmFkMGEzZTc1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJn39kUmPMnvF4/L/oJCCR8A1PwYKJrr3JN08TtC+jILgQD+
4qdJ71hbYp4H1BbYed3BpY/0PjmV+6jWkoHGrtP5Cg3u+0wHuIGcP3gPyZQeCskk
ka+E+dXsBk552rWsHpZLl7hgUZ9+/MPwYq/1JDvZ0KYdEcSW7S1w/1Cgu2XhkkJB
ChwP1cHgkPvBJOcLn4bKRpPeJbs9TD7yZbhSI9Y/7yL9A6WlDbmyYgWBC+Dl+MAy
PCdDYWQ5FQteGKJTUmxC42q0CuNMkVM5+ppQazSzzXoPh6FJRlsDR7KP6jLWQveZ
Yr+dJD/RF35CYg35zmgdqFN0E2ldUitnavGWZecCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQkOvtkb49wQeR9AIIGb+kq0KPnVDAfBgNVHSMEGDAWgBSXj0HikChUc8Kh
4r5/ZvY0Uu1GRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2w0OUI0cEFvVkhQQ29lSy1mMmIyTkZMdFJrUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvZjE0ODBmLTc2ZTktNGM4ZS1hYzMyLTM1NzdiMWVmZGM3OC8x
L0pEcjdaRy1QY0VIa2ZRQ0NCbV9wS3RDajUxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
ZjE0ODBmLTc2ZTktNGM4ZS1hYzMyLTM1NzdiMWVmZGM3OC8xL2w0OUI0cEFvVkhQ
Q29lSy1mMmIyTkZMdFJrUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVmWADANBgkqhkiG9w0BAQsFAAOC
AQEAjglq7cqzW3dEq5OYHNQT7XcNcBCoK2/W/Yjjz6Mnkz5S9iKuXQHnsvjDQrge
+8jO14WDpUi9LpSz7poSzHWiArpqVXWMUhziTJHj++zeFc5D/u5be1d0FyGFPf6G
F9omu6IIH0IUr4qp0LAU5y8nEFfSfo/FmzZ5GA7vjShk6Of9rzJj2Swb1pBjFRM5
a8/RAvtyywEd+rlJfUM2sErrT9JJMkcQXpnJtxk5GbUEeykAltPTcEZlKN+YpWKa
rIkzYOGz/Mx+EPFmUKqu3ZOVaVmmP6aioqJ7YyrdgE/V9KCE97ToeBkHzQGl4luS
5wMWTqAXf7Kv2QBokUpqwfAOjw==
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:21:23 2025 by rpki-client