Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ETcfEYxA6TWuCGnGFZ-9GNevmnE.roa
File: ETcfEYxA6TWuCGnGFZ-9GNevmnE.roa (raw, json)
Hash identifier: mglffNjHiI45Ysvb/RBY24FLxiA1I2XpZ6hPozMCHxo=
Subject key identifier: 11:37:1F:11:8C:40:E9:35:AE:08:69:C6:15:9F:BD:18:D7:AF:9A:71
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189D09E8B871FC925414777BA49223199E0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ETcfEYxA6TWuCGnGFZ-9GNevmnE.roa
Signing time: Mon 07 Aug 2023 15:29:58 +0000
ROA not before: Mon 07 Aug 2023 15:29:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147291
IP address blocks: 89.213.135.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.138.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
89.213.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:d0:9e:8b:87:1f:c9:25:41:47:77:ba:49:22:31:99:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 7 15:29:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11371f118c40e935ae0869c6159fbd18d7af9a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ff:3b:77:23:62:5c:a4:f7:50:2c:6a:98:c9:
8b:7b:ef:5f:48:3b:59:c4:fe:c4:b1:20:46:68:a1:
ad:ca:eb:26:55:40:8e:a7:b9:f6:03:6b:42:9c:10:
c3:6b:45:03:5f:c2:63:8d:a7:1d:3e:27:f0:95:44:
c3:a7:0d:f1:de:47:80:a6:80:26:03:a0:2e:02:95:
05:9d:55:d2:db:96:79:4f:c0:7f:b1:93:bf:41:35:
cd:27:db:56:c3:3d:ac:f4:52:f5:1d:b2:c0:d2:ab:
48:27:46:01:10:fb:ad:56:a4:9e:a4:c1:e3:b6:69:
e7:7d:89:60:2e:9e:65:fb:75:98:a6:a6:d3:3b:80:
0d:b6:d7:d4:6d:33:ad:29:e6:38:6c:c7:cf:31:dc:
6b:53:a2:e0:1e:ee:74:42:f1:dc:a9:c7:f1:71:01:
0d:99:fe:c1:9d:86:c5:40:86:2f:50:ce:41:07:42:
0d:75:2b:25:3b:60:9d:da:dc:77:e2:22:5f:92:81:
16:31:1a:02:e6:90:78:ca:ac:e3:29:03:68:b7:6c:
39:9c:f5:d2:4b:71:44:6a:3d:c4:65:d9:17:45:11:
6e:eb:ea:b4:54:0c:cc:2c:44:2d:04:cd:6e:ea:04:
82:f8:a3:94:fd:b2:72:49:a3:d7:b6:83:9c:8f:53:
1e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:37:1F:11:8C:40:E9:35:AE:08:69:C6:15:9F:BD:18:D7:AF:9A:71
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ETcfEYxA6TWuCGnGFZ-9GNevmnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.133.0-89.213.135.255
89.213.137.0-89.213.138.255
89.213.153.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:b8:59:02:0c:31:62:d0:85:19:ca:e4:62:5f:fd:10:5c:15:
3b:3a:a3:b1:06:81:f0:68:03:21:88:b9:da:53:03:63:b1:2f:
f8:18:7e:7d:de:83:c2:6b:e3:0a:c7:7c:7a:e1:90:07:c0:da:
66:8e:b3:1f:74:28:01:77:40:14:f1:e0:66:e0:5b:4c:b3:90:
d7:c5:f8:2b:d5:21:68:1b:f7:1e:87:e1:0e:af:dd:b1:4d:61:
bb:29:a8:87:fb:92:59:3e:7d:67:b5:39:f6:c7:7e:aa:bc:34:
b5:6d:93:76:00:27:ea:78:cb:fc:01:5d:fe:12:b8:05:05:01:
5c:36:9e:9c:0b:5d:1e:3c:a4:3c:bc:ad:15:96:8b:49:da:c3:
6e:15:0b:4f:fa:14:ff:21:f8:be:f5:fc:66:fc:30:2b:5a:63:
1d:84:3d:63:ef:d5:10:b4:bb:ec:d2:68:80:93:c5:10:80:7f:
b0:46:90:3d:b7:20:97:4d:26:25:91:a4:b9:20:c0:9f:e0:03:
71:a9:61:9f:ec:3a:d9:e4:be:29:25:1c:12:ca:77:4d:dd:91:
7d:71:bb:45:3a:25:fd:04:d6:ed:16:ec:7b:bb:62:18:08:5e:
71:f5:ce:5f:45:36:d3:9b:66:fc:27:05:d7:29:ee:68:a8:8b:
0f:92:6c:46
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYnQnouHH8klQUd3ukkiMZngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODA3MTUyOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTM3MWYxMThjNDBlOTM1YWUwODY5YzYxNTlmYmQxOGQ3YWY5YTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP87dyNiXKT3UCxqmMmLe+9fSDtZ
xP7EsSBGaKGtyusmVUCOp7n2A2tCnBDDa0UDX8JjjacdPifwlUTDpw3x3keApoAm
A6AuApUFnVXS25Z5T8B/sZO/QTXNJ9tWwz2s9FL1HbLA0qtIJ0YBEPutVqSepMHj
tmnnfYlgLp5l+3WYpqbTO4ANttfUbTOtKeY4bMfPMdxrU6LgHu50QvHcqcfxcQEN
mf7BnYbFQIYvUM5BB0INdSslO2Cd2tx34iJfkoEWMRoC5pB4yqzjKQNot2w5nPXS
S3FEaj3EZdkXRRFu6+q0VAzMLEQtBM1u6gSC+KOU/bJySaPXtoOcj1MerQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBE3HxGMQOk1rghpxhWfvRjXr5pxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRVRjZkVZeEE2VFd1Q0duR0ZaLTlHTmV2bW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBABZ1YUD
BANZ1YAwDAMEAFnViQMEAFnVigMEAFnVmTANBgkqhkiG9w0BAQsFAAOCAQEAbrhZ
AgwxYtCFGcrkYl/9EFwVOzqjsQaB8GgDIYi52lMDY7Ev+Bh+fd6DwmvjCsd8euGQ
B8DaZo6zH3QoAXdAFPHgZuBbTLOQ18X4K9UhaBv3HofhDq/dsU1huymoh/uSWT59
Z7U59sd+qrw0tW2TdgAn6njL/AFd/hK4BQUBXDaenAtdHjykPLytFZaLSdrDbhUL
T/oU/yH4vvX8ZvwwK1pjHYQ9Y+/VELS77NJogJPFEIB/sEaQPbcgl00mJZGkuSDA
n+ADcalhn+w62eS+KSUcEsp3Td2RfXG7RTol/QTW7Rbse7tiGAhecfXOX0U205tm
/CcF1ynuaKiLD5JsRg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:06 2025 by rpki-client