Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7aQ-uEKJR2hOVD6Y05HCfD5dLbM.roa
File: 7aQ-uEKJR2hOVD6Y05HCfD5dLbM.roa (raw, json)
Hash identifier: cJ5INA2apmMQt22uXVtD/dDbB1DDTKtzO7SFLGBPQw4=
Subject key identifier: ED:A4:3E:B8:42:89:47:68:4E:54:3E:98:D3:91:C2:7C:3E:5D:2D:B3
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018930FFAE632320D6997E2F1D941A07243F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7aQ-uEKJR2hOVD6Y05HCfD5dLbM.roa
Signing time: Fri 07 Jul 2023 15:36:49 +0000
ROA not before: Fri 07 Jul 2023 15:36:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147291
IP address blocks: 89.213.5.0/24 maxlen: 24
89.213.135.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.138.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:30:ff:ae:63:23:20:d6:99:7e:2f:1d:94:1a:07:24:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 7 15:36:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eda43eb8428947684e543e98d391c27c3e5d2db3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ae:5f:39:f7:86:84:66:cc:b9:d7:06:62:40:
a5:53:67:20:df:3f:4b:c5:92:70:95:ee:47:49:3c:
e1:08:b4:1f:0a:ac:13:ba:56:cf:8f:c3:7e:a7:85:
cb:5e:79:25:ff:52:14:e4:df:26:b8:55:e1:42:aa:
e0:92:fe:d4:85:66:ff:aa:98:f2:36:25:3a:95:ec:
14:0a:86:ef:c7:d2:5e:ea:eb:b4:4b:59:4f:de:4b:
bb:30:c7:fe:92:a2:2b:37:d5:06:68:1d:79:6a:4f:
f7:f1:35:6d:aa:18:f7:4e:8b:57:8a:b2:8a:58:6c:
b4:fc:71:da:72:4c:fd:a0:6b:3a:db:d7:3f:74:95:
2f:ce:77:a3:cc:20:4c:4f:f3:13:b3:b5:f3:5a:ff:
0b:63:db:fb:12:3c:0d:c1:e6:b0:13:05:ad:b0:d2:
7e:ab:79:6e:24:60:10:cd:9a:a3:a4:c1:97:ed:26:
44:91:c5:04:e3:ee:7d:5e:ae:64:c2:7e:bb:a3:6e:
d3:b9:37:93:7f:ad:82:53:f2:32:b0:1f:65:95:f1:
ac:8a:b6:14:f7:37:fa:74:27:ab:8d:a7:ff:49:c1:
85:dc:e6:fd:ae:0a:70:06:03:1b:01:90:a2:21:fd:
2e:5e:da:10:c7:5d:40:bb:46:7a:02:30:15:55:2c:
6c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:A4:3E:B8:42:89:47:68:4E:54:3E:98:D3:91:C2:7C:3E:5D:2D:B3
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7aQ-uEKJR2hOVD6Y05HCfD5dLbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.5.0/24
89.213.133.0-89.213.139.255
89.213.153.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:8f:d1:cf:17:72:74:63:84:0d:ec:3d:02:1e:65:1e:7d:f8:
f1:a3:a2:fe:4a:9c:51:5a:c2:e1:ca:9d:83:9b:f3:3a:8e:c6:
4b:f1:1f:2e:b9:3e:25:4f:80:5f:14:3a:7c:7c:2c:48:61:b0:
71:39:40:b0:f2:e9:38:dd:2b:a5:31:dd:bb:b4:49:c2:91:af:
4c:43:a4:45:43:ef:97:87:ff:cb:bf:a4:9b:18:89:f1:f5:86:
8f:b8:6e:71:41:9b:fc:f3:ed:c1:31:e2:a1:62:a3:78:05:20:
fc:16:4a:8b:bc:3b:9a:fe:56:f3:54:ae:3a:c3:65:11:7a:89:
7e:87:49:26:b4:e3:17:3d:05:87:b4:92:cc:63:82:aa:10:d0:
e0:9e:7d:53:b3:b8:8b:dc:6f:7c:82:fd:b4:0b:e9:a4:a7:70:
56:e8:e3:70:eb:64:2a:88:89:77:ba:c6:b7:41:00:6e:2a:b2:
fe:6f:cc:0c:8a:2b:0f:f8:f5:de:aa:00:24:80:ff:c1:d4:3c:
f5:a8:df:35:a6:2c:35:99:c1:4a:b7:38:dc:20:7f:77:00:9b:
e1:f1:86:06:f1:e6:e6:99:ba:5c:97:a1:65:86:fa:7b:3c:90:
a7:93:d7:ab:aa:39:76:20:65:89:39:fe:4b:17:2d:da:d7:6d:
fa:8f:97:43
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYkw/65jIyDWmX4vHZQaByQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA3MTUzNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZGE0M2ViODQyODk0NzY4NGU1NDNlOThkMzkxYzI3YzNlNWQyZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnK5fOfeGhGbMudcGYkClU2cg3z9L
xZJwle5HSTzhCLQfCqwTulbPj8N+p4XLXnkl/1IU5N8muFXhQqrgkv7UhWb/qpjy
NiU6lewUCobvx9Je6uu0S1lP3ku7MMf+kqIrN9UGaB15ak/38TVtqhj3TotXirKK
WGy0/HHackz9oGs629c/dJUvznejzCBMT/MTs7XzWv8LY9v7EjwNweawEwWtsNJ+
q3luJGAQzZqjpMGX7SZEkcUE4+59Xq5kwn67o27TuTeTf62CU/IysB9llfGsirYU
9zf6dCerjaf/ScGF3Ob9rgpwBgMbAZCiIf0uXtoQx11Au0Z6AjAVVSxstQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFO2kPrhCiUdoTlQ+mNORwnw+XS2zMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN2FRLXVFS0pSMmhPVkQ2WTA1SENmRDVkTGJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWdUFMAwD
BABZ1YUDBAJZ1YgDBABZ1ZkwDQYJKoZIhvcNAQELBQADggEBAF+P0c8XcnRjhA3s
PQIeZR59+PGjov5KnFFawuHKnYOb8zqOxkvxHy65PiVPgF8UOnx8LEhhsHE5QLDy
6TjdK6Ux3bu0ScKRr0xDpEVD75eH/8u/pJsYifH1ho+4bnFBm/zz7cEx4qFio3gF
IPwWSou8O5r+VvNUrjrDZRF6iX6HSSa04xc9BYe0ksxjgqoQ0OCefVOzuIvcb3yC
/bQL6aSncFbo43DrZCqIiXe6xrdBAG4qsv5vzAyKKw/49d6qACSA/8HUPPWo3zWm
LDWZwUq3ONwgf3cAm+Hxhgbx5uaZulyXoWWG+ns8kKeT16uqOXYgZYk5/ksXLdrX
bfqPl0M=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:23:25 2025 by rpki-client