Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A_GVo97L_bDb49awsj3eVXo5UQ8.roa
File: A_GVo97L_bDb49awsj3eVXo5UQ8.roa (raw, json)
Hash identifier: /kNbb8uwFmavhVRKhBgSWNwCD+mqLxIaGsaAVpGTsvc=
Subject key identifier: 03:F1:95:A3:DE:CB:FD:B0:DB:E3:D6:B0:B2:3D:DE:55:7A:39:51:0F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189D4E1189B8B8C34BCF4BEE9A38584E02D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A_GVo97L_bDb49awsj3eVXo5UQ8.roa
Signing time: Tue 08 Aug 2023 11:21:08 +0000
ROA not before: Tue 08 Aug 2023 11:21:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147291
IP address blocks: 89.213.135.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.138.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d4:e1:18:9b:8b:8c:34:bc:f4:be:e9:a3:85:84:e0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 8 11:21:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=03f195a3decbfdb0dbe3d6b0b23dde557a39510f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:de:33:0b:78:b5:56:24:f3:08:81:55:e2:90:
40:5f:73:87:c3:80:6a:c1:31:34:30:06:8c:79:be:
ba:37:46:32:5c:2a:18:f2:0a:da:da:9d:cb:ad:64:
f5:c2:07:a0:b1:ce:eb:a8:84:a4:54:07:38:fd:31:
2b:35:8f:1e:76:18:ad:de:96:9a:1f:c6:e4:4b:db:
17:08:e8:eb:9f:34:70:92:ca:f9:a0:82:e5:9e:d6:
61:7a:e7:1e:35:10:16:c3:e5:99:c4:ac:9d:5c:77:
59:ce:d5:53:c0:1c:f9:67:11:78:35:c9:2c:dd:ee:
96:8a:4f:d9:0f:9a:1c:6c:4f:97:90:54:fe:1e:ed:
17:5e:72:db:82:94:04:21:32:67:7d:ee:fb:97:4e:
19:91:14:96:a6:2a:9d:5e:d4:c0:d4:fd:e8:1c:8f:
2b:a1:21:ee:2e:bd:92:c4:cb:3d:6f:89:35:2d:23:
1c:a7:89:98:ca:fa:6a:22:bb:12:e9:06:33:3a:65:
09:68:4c:a4:65:04:f7:4d:08:65:c1:fb:1f:1d:55:
2f:49:fe:23:d8:c6:3f:c3:6d:1d:91:51:26:d5:36:
3f:46:c9:aa:2d:4b:2e:b6:b5:76:b7:79:b4:73:4c:
ca:de:78:4c:de:8f:74:50:62:cc:6a:7a:b2:57:a4:
3d:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F1:95:A3:DE:CB:FD:B0:DB:E3:D6:B0:B2:3D:DE:55:7A:39:51:0F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A_GVo97L_bDb49awsj3eVXo5UQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.133.0-89.213.135.255
89.213.137.0-89.213.138.255
Signature Algorithm: sha256WithRSAEncryption
2c:51:71:b3:3b:27:7f:ce:56:27:41:bc:ed:9c:6a:1c:6e:ed:
45:d1:db:c9:79:51:39:29:cb:a0:e0:4d:e4:20:b6:2f:7f:7c:
7c:5b:53:b0:3b:4a:6a:3c:19:eb:9e:5a:91:81:b5:9a:a1:e1:
df:03:d9:dd:a3:63:f2:c1:14:cf:13:3e:34:45:a3:17:5b:63:
4b:a7:8b:b9:60:e9:56:2f:bd:e4:93:a9:6a:0e:e2:57:c0:95:
dc:74:0b:8a:4b:ea:25:ed:cc:42:b6:59:87:60:0b:37:bf:45:
96:83:c5:ef:09:46:f7:dc:38:cc:af:10:b5:b9:17:25:9d:b6:
a7:3a:4b:7c:8a:88:50:dd:a6:2e:8e:08:c2:05:71:39:89:75:
1c:00:bc:26:5e:2c:64:f1:4d:c5:01:4b:6d:3c:72:87:20:65:
8d:55:57:ea:5f:d1:79:a1:f7:d6:0f:0d:90:49:bd:f7:83:75:
4c:e8:9d:5f:ea:22:9d:90:45:5e:cf:47:27:22:86:de:f9:c9:
5c:6c:c8:9e:5a:07:da:34:3c:84:cc:5c:12:ab:37:e1:0e:0c:
98:b3:68:97:af:48:a2:c9:0c:c6:61:4d:87:47:fc:4d:08:f0:
52:39:8e:6e:5a:57:27:22:ec:2a:e9:90:de:98:99:7d:49:49:
91:c3:e8:c5
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYnU4Ribi4w0vPS+6aOFhOAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA4MTEyMTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2YxOTVhM2RlY2JmZGIwZGJlM2Q2YjBiMjNkZGU1NTdhMzk1MTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt4zC3i1ViTzCIFV4pBAX3OHw4Bq
wTE0MAaMeb66N0YyXCoY8gra2p3LrWT1wgegsc7rqISkVAc4/TErNY8edhit3paa
H8bkS9sXCOjrnzRwksr5oILlntZheuceNRAWw+WZxKydXHdZztVTwBz5ZxF4Ncks
3e6Wik/ZD5ocbE+XkFT+Hu0XXnLbgpQEITJnfe77l04ZkRSWpiqdXtTA1P3oHI8r
oSHuLr2SxMs9b4k1LSMcp4mYyvpqIrsS6QYzOmUJaEykZQT3TQhlwfsfHVUvSf4j
2MY/w20dkVEm1TY/RsmqLUsutrV2t3m0c0zK3nhM3o90UGLManqyV6Q9PwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAPxlaPey/2w2+PWsLI93lV6OVEPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQV9HVm85N0xfYkRiNDlhd3NqM2VWWG81VVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABZ1YUD
BANZ1YAwDAMEAFnViQMEAFnVijANBgkqhkiG9w0BAQsFAAOCAQEALFFxszsnf85W
J0G87ZxqHG7tRdHbyXlROSnLoOBN5CC2L398fFtTsDtKajwZ655akYG1mqHh3wPZ
3aNj8sEUzxM+NEWjF1tjS6eLuWDpVi+95JOpag7iV8CV3HQLikvqJe3MQrZZh2AL
N79FloPF7wlG99w4zK8QtbkXJZ22pzpLfIqIUN2mLo4IwgVxOYl1HAC8Jl4sZPFN
xQFLbTxyhyBljVVX6l/ReaH31g8NkEm994N1TOidX+oinZBFXs9HJyKG3vnJXGzI
nloH2jQ8hMxcEqs34Q4MmLNol69IoskMxmFNh0f8TQjwUjmOblpXJyLsKumQ3piZ
fUlJkcPoxQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:34:56 2025 by rpki-client