Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0vT18IJIHhYBJLaGn0s-qnADjUM.roa
File: 0vT18IJIHhYBJLaGn0s-qnADjUM.roa (raw, json)
Hash identifier: wSD9sB5/NvXz0HA51ebE9K7mysBEuZz7E8jvugjDQSQ=
Subject key identifier: D2:F4:F5:F0:82:48:1E:16:01:24:B6:86:9F:4B:3E:AA:70:03:8D:43
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018921B9C8E0A3764089E0D7F1D963AF436C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0vT18IJIHhYBJLaGn0s-qnADjUM.roa
Signing time: Tue 04 Jul 2023 16:26:10 +0000
ROA not before: Tue 04 Jul 2023 16:26:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 89.213.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:21:b9:c8:e0:a3:76:40:89:e0:d7:f1:d9:63:af:43:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 4 16:26:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2f4f5f082481e160124b6869f4b3eaa70038d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8d:ae:c9:62:0f:62:cf:ee:1b:bd:26:cf:12:
9c:3d:33:30:0d:f6:2c:c5:0f:84:c2:63:1e:d2:a5:
20:ac:74:b2:b9:88:bf:ad:dd:0b:f8:2a:4a:4a:f0:
c8:04:e5:78:ce:db:d5:40:0d:1e:d5:a2:91:9e:83:
58:5c:7d:ca:ab:79:64:51:08:db:49:b0:ad:17:cd:
57:2a:5d:7b:e9:83:54:33:9d:d8:2d:31:16:da:f6:
cf:69:a5:1e:7f:79:3d:fd:b4:b3:9f:fe:05:db:d6:
32:f1:7c:90:c4:8a:5a:de:3d:9b:a2:06:c8:35:22:
43:76:9c:f5:ec:47:eb:0c:32:94:3b:be:46:b6:f4:
e1:af:9e:40:f2:e6:c2:91:25:b4:6a:98:a3:53:5c:
d6:29:5e:33:1c:16:89:bc:a2:b2:20:cf:e6:6d:ca:
ba:83:32:ab:5f:18:86:fe:09:c0:23:f6:ab:e8:43:
e8:bb:18:fc:3b:4a:3d:a8:65:03:f5:a4:76:2e:01:
e5:79:cc:a9:b8:79:88:5b:9d:cb:5c:6a:7c:de:1e:
91:60:6c:3f:d5:f0:f6:49:e1:f7:42:ff:6e:6b:d8:
b6:bd:c3:0f:a1:38:a9:31:93:74:0b:53:63:75:c3:
af:86:79:21:cd:75:1b:c1:de:4f:ee:a8:06:59:26:
3c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F4:F5:F0:82:48:1E:16:01:24:B6:86:9F:4B:3E:AA:70:03:8D:43
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0vT18IJIHhYBJLaGn0s-qnADjUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.4.0/24
Signature Algorithm: sha256WithRSAEncryption
78:41:fa:d8:ff:f8:12:2b:cb:51:c8:fb:f3:f8:54:e8:6e:77:
b9:ee:92:c6:60:23:65:c5:87:62:be:59:8a:55:2c:a0:81:fd:
17:8c:de:dd:0c:7b:82:fc:de:2c:9f:00:e6:21:53:ae:5f:8f:
3d:eb:81:85:62:aa:1f:20:1e:22:9b:7d:30:c5:4d:9e:d3:d2:
70:2b:4e:bc:77:a5:f0:25:7a:f8:e7:f3:a4:04:94:a3:a3:95:
e3:20:f5:4c:dc:65:70:50:d8:62:25:ae:28:36:85:b9:a4:64:
ec:a5:f2:21:6d:d6:67:97:f6:59:8d:55:fa:b9:b1:59:35:b7:
79:3b:05:6c:15:63:03:3b:67:e0:c0:7f:01:6d:a6:06:cf:e0:
c9:f8:51:22:0c:09:76:ad:23:d1:04:f6:dd:6b:44:43:15:a7:
d1:bd:eb:1a:9a:af:a5:78:e2:6f:be:15:f5:9d:fc:18:00:58:
55:6f:04:1b:7c:2c:ec:8d:93:7c:89:fe:b6:44:78:69:04:5c:
04:fe:70:b5:b6:55:ba:af:6f:c0:2d:73:da:16:b2:93:95:81:
b4:01:af:d4:b2:fa:81:bc:71:7d:f8:89:d9:c0:6a:c3:02:aa:
79:f3:f7:01:90:34:fe:b2:0d:e7:54:c0:1f:d6:1a:4e:b0:40:
04:55:d6:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkhucjgo3ZAieDX8dljr0NsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA0MTYyNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY0ZjVmMDgyNDgxZTE2MDEyNGI2ODY5ZjRiM2VhYTcwMDM4ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro2uyWIPYs/uG70mzxKcPTMwDfYs
xQ+EwmMe0qUgrHSyuYi/rd0L+CpKSvDIBOV4ztvVQA0e1aKRnoNYXH3Kq3lkUQjb
SbCtF81XKl176YNUM53YLTEW2vbPaaUef3k9/bSzn/4F29Yy8XyQxIpa3j2bogbI
NSJDdpz17EfrDDKUO75GtvThr55A8ubCkSW0apijU1zWKV4zHBaJvKKyIM/mbcq6
gzKrXxiG/gnAI/ar6EPouxj8O0o9qGUD9aR2LgHlecypuHmIW53LXGp83h6RYGw/
1fD2SeH3Qv9ua9i2vcMPoTipMZN0C1NjdcOvhnkhzXUbwd5P7qgGWSY8SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNL09fCCSB4WASS2hp9LPqpwA41DMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHZUMThJSklIaFlCSkxhR24wcy1xbkFEalVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdUEMA0G
CSqGSIb3DQEBCwUAA4IBAQB4QfrY//gSK8tRyPvz+FTobne57pLGYCNlxYdivlmK
VSyggf0XjN7dDHuC/N4snwDmIVOuX48964GFYqofIB4im30wxU2e09JwK068d6Xw
JXr45/OkBJSjo5XjIPVM3GVwUNhiJa4oNoW5pGTspfIhbdZnl/ZZjVX6ubFZNbd5
OwVsFWMDO2fgwH8BbaYGz+DJ+FEiDAl2rSPRBPbda0RDFafRvesamq+leOJvvhX1
nfwYAFhVbwQbfCzsjZN8if62RHhpBFwE/nC1tlW6r2/ALXPaFrKTlYG0Aa/UsvqB
vHF9+InZwGrDAqp58/cBkDT+sg3nVMAf1hpOsEAEVdbQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:27 2025 by rpki-client