Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BR0ILZVWwmFmVi6ezCKYCpKEuAs.roa
File: BR0ILZVWwmFmVi6ezCKYCpKEuAs.roa (raw, json)
Hash identifier: Jpxm+Wx3JzKfhcsWvLFWu6w/JbkFFzVMjcnL0EYe1cc=
Subject key identifier: 05:1D:08:2D:95:56:C2:61:66:56:2E:9E:CC:22:98:0A:92:84:B8:0B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01892C10C3EEE241BDCD8064BC63B875FB39
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BR0ILZVWwmFmVi6ezCKYCpKEuAs.roa
Signing time: Thu 06 Jul 2023 16:37:23 +0000
ROA not before: Thu 06 Jul 2023 16:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147291
IP address blocks: 89.213.5.0/24 maxlen: 24
89.213.135.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.138.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2c:10:c3:ee:e2:41:bd:cd:80:64:bc:63:b8:75:fb:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 6 16:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=051d082d9556c26166562e9ecc22980a9284b80b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e9:80:70:38:c1:d0:c3:de:63:6d:de:da:0b:
13:b6:f1:77:08:be:90:15:1d:af:fb:15:46:88:9e:
af:d8:4d:46:30:d2:b9:0e:06:ca:b6:63:ac:29:c0:
bd:8a:86:78:a6:c4:0b:a6:2a:14:9c:9c:f5:50:fb:
e8:14:6b:b4:78:84:78:8c:34:ea:3e:f6:da:03:6a:
f8:1c:ec:1f:ba:6e:df:0b:55:80:e5:8b:a0:f9:20:
01:17:f5:dc:8f:57:60:73:bc:64:8f:69:5f:9d:cf:
8b:7c:84:1e:62:5f:be:fd:08:78:1c:e5:9e:15:1a:
d5:b8:d6:47:42:b9:0a:b8:88:57:f8:34:51:45:5b:
b6:64:2b:ea:8a:5e:96:a4:b2:20:6e:56:1f:06:46:
d5:d2:c6:ac:53:78:2e:0f:18:76:29:6f:52:78:ca:
55:23:89:9b:b9:02:13:49:5c:66:7e:fc:ed:3e:28:
cd:d0:aa:fc:f8:a1:51:35:d8:37:0d:14:2c:01:10:
78:86:1d:1c:70:31:39:07:a5:be:5d:cd:54:b9:6c:
8b:e8:55:22:b9:5a:92:1e:56:b5:db:4f:51:63:6b:
c4:7d:e8:b6:1f:03:7c:8e:a1:eb:37:a2:c3:11:9b:
c4:c0:af:59:0c:df:7a:66:82:38:e4:a6:31:48:e6:
bc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:1D:08:2D:95:56:C2:61:66:56:2E:9E:CC:22:98:0A:92:84:B8:0B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BR0ILZVWwmFmVi6ezCKYCpKEuAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.5.0/24
89.213.133.0-89.213.139.255
Signature Algorithm: sha256WithRSAEncryption
ad:c2:d8:cf:be:62:39:0c:5c:96:ac:ce:a0:ae:4f:c6:ba:4c:
3d:d5:6f:cf:b4:b0:98:b2:4a:b0:0b:41:c4:77:7e:20:13:bb:
57:64:09:e5:5f:39:5e:79:d3:c2:8f:52:1c:1e:cf:eb:9a:ff:
86:83:e9:22:47:aa:22:55:05:b4:93:ea:f6:d7:53:d7:ce:eb:
39:49:e1:50:a6:40:47:c7:29:7b:47:06:63:0c:ee:57:41:f5:
af:92:02:e6:5c:f0:9b:db:e6:46:b5:3f:60:d5:99:bf:10:ae:
27:ca:20:f1:3b:2a:6c:4b:4c:fc:76:e9:a0:38:c8:cf:b7:ed:
f7:4a:e8:e9:bf:b8:b2:e9:f0:18:9c:74:7c:60:2b:b0:9d:a7:
92:a9:7c:91:0d:b7:a5:be:ad:03:f9:d2:29:7e:9b:2b:aa:2b:
92:ed:c8:b9:b7:6b:40:a1:7a:20:29:4d:b3:59:05:5c:37:0b:
18:69:e8:02:86:7a:64:a3:b8:dd:07:c5:4a:49:eb:fd:0a:0a:
8c:03:f3:b4:65:5e:51:4f:b2:15:31:d7:0c:d0:6e:9d:28:c7:
63:ec:bc:76:6e:35:09:cb:66:cd:87:47:9b:40:0c:58:46:0f:
f4:a4:ec:62:72:4b:4f:c0:5d:ec:dc:24:af:a2:3e:b2:68:5c:
8c:bc:23:90
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYksEMPu4kG9zYBkvGO4dfs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzA2MTYzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTFkMDgyZDk1NTZjMjYxNjY1NjJlOWVjYzIyOTgwYTkyODRiODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOmAcDjB0MPeY23e2gsTtvF3CL6Q
FR2v+xVGiJ6v2E1GMNK5DgbKtmOsKcC9ioZ4psQLpioUnJz1UPvoFGu0eIR4jDTq
PvbaA2r4HOwfum7fC1WA5Yug+SABF/Xcj1dgc7xkj2lfnc+LfIQeYl++/Qh4HOWe
FRrVuNZHQrkKuIhX+DRRRVu2ZCvqil6WpLIgblYfBkbV0sasU3guDxh2KW9SeMpV
I4mbuQITSVxmfvztPijN0Kr8+KFRNdg3DRQsARB4hh0ccDE5B6W+Xc1UuWyL6FUi
uVqSHla1209RY2vEfei2HwN8jqHrN6LDEZvEwK9ZDN96ZoI45KYxSOa8QQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAUdCC2VVsJhZlYunswimAqShLgLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQlIwSUxaVld3bUZtVmk2ZXpDS1lDcEtFdUFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWdUFMAwD
BABZ1YUDBAJZ1YgwDQYJKoZIhvcNAQELBQADggEBAK3C2M++YjkMXJaszqCuT8a6
TD3Vb8+0sJiySrALQcR3fiATu1dkCeVfOV5508KPUhwez+ua/4aD6SJHqiJVBbST
6vbXU9fO6zlJ4VCmQEfHKXtHBmMM7ldB9a+SAuZc8Jvb5ka1P2DVmb8QrifKIPE7
KmxLTPx26aA4yM+37fdK6Om/uLLp8BicdHxgK7Cdp5KpfJENt6W+rQP50il+myuq
K5LtyLm3a0CheiApTbNZBVw3Cxhp6AKGemSjuN0HxUpJ6/0KCowD87RlXlFPshUx
1wzQbp0ox2PsvHZuNQnLZs2HR5tADFhGD/Sk7GJyS0/AXezcJK+iPrJoXIy8I5A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:12 2025 by rpki-client