Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gz9YjkKxZB5YKxWGK9uq8jBdyR4.roa
File: Gz9YjkKxZB5YKxWGK9uq8jBdyR4.roa (raw, json)
Hash identifier: chI7SEeJYCF2ykRYX1b4xZnd/56PWbJgY1+OiTiJW3M=
Subject key identifier: 1B:3F:58:8E:42:B1:64:1E:58:2B:15:86:2B:DB:AA:F2:30:5D:C9:1E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01890CE89A5F3DDAE70DADAC0495815B88BA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gz9YjkKxZB5YKxWGK9uq8jBdyR4.roa
Signing time: Fri 30 Jun 2023 15:25:17 +0000
ROA not before: Fri 30 Jun 2023 15:25:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35409
IP address blocks: 89.213.140.0/24 maxlen: 24
109.176.240.0/24 maxlen: 24
109.176.241.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:e8:9a:5f:3d:da:e7:0d:ad:ac:04:95:81:5b:88:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 15:25:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1b3f588e42b1641e582b15862bdbaaf2305dc91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:01:38:ba:6d:e3:4f:32:73:97:25:b1:d9:2b:
0f:78:d4:7e:9a:ef:bd:de:ac:f3:f2:79:b6:29:93:
f3:d9:c9:f6:f8:1a:2f:69:36:17:58:6b:c4:0b:01:
82:3a:78:a8:de:40:fa:2c:04:9a:84:b6:dd:3f:9d:
c4:a5:20:9f:a5:a5:08:d1:c7:67:20:f7:19:e6:dc:
0c:d0:c5:e7:af:68:21:d2:fd:6a:0d:b9:9d:2e:b3:
84:0d:7c:58:fa:ac:cf:84:d5:96:55:c8:95:bd:dc:
d0:e6:03:e2:f2:a6:98:7e:0f:27:d0:f7:11:cf:64:
e7:39:bb:3d:ad:22:52:03:43:c2:65:07:75:dd:e0:
7e:d2:2e:86:2f:d2:f2:ba:ab:b1:d8:e7:6a:24:86:
df:da:57:6a:19:fb:28:12:6d:d6:92:a8:e1:05:2e:
52:dc:13:e3:2d:6f:cb:6d:ee:20:cc:2b:c5:13:7e:
d3:2b:97:5b:0f:40:82:f3:8e:29:a8:b3:b8:a5:89:
54:c4:f4:42:ba:75:17:62:4a:29:34:a5:d2:01:89:
0d:11:83:53:3e:8e:ca:d6:39:4a:b4:f8:47:f0:28:
aa:06:68:02:15:ab:14:6f:51:9d:6b:c4:46:22:81:
1e:be:23:ad:36:bc:59:c2:8a:a6:c4:c9:95:30:1d:
69:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:3F:58:8E:42:B1:64:1E:58:2B:15:86:2B:DB:AA:F2:30:5D:C9:1E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Gz9YjkKxZB5YKxWGK9uq8jBdyR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.140.0/24
109.176.240.0-109.176.242.255
Signature Algorithm: sha256WithRSAEncryption
16:e5:4f:40:9e:ce:a5:60:bd:81:cd:84:92:bd:bf:ac:48:35:
cf:de:f2:71:7b:63:ad:4b:58:78:a7:e9:58:2f:ab:35:32:ee:
f8:4e:ee:4c:ff:70:50:95:01:98:3f:74:e9:48:0c:c3:96:84:
cb:e7:35:bb:70:ad:2b:e6:50:ad:17:60:e6:4f:6a:e2:7b:18:
32:49:7b:b0:d2:ea:7a:6b:83:98:72:75:cc:d2:bd:6c:5b:8f:
f2:7c:b6:a5:c1:f8:93:4b:d4:1a:c0:d1:8f:dc:2a:17:81:ed:
d2:89:b2:64:15:e4:a4:cc:b9:96:dc:b9:52:59:66:36:87:1e:
ea:5b:64:b1:44:60:0f:8e:3c:39:c7:ee:85:4a:74:e3:27:9a:
ba:c9:16:e8:0b:ab:63:b2:bc:88:19:7e:10:10:33:59:f0:b9:
a7:99:37:e2:4a:fe:4b:85:46:ed:0a:2f:2c:33:60:22:85:80:
e3:f1:96:be:8d:ba:db:78:ef:41:d2:51:43:fa:aa:99:72:20:
02:e0:1e:42:73:a5:c7:e9:19:7d:15:11:a3:12:7d:cc:ef:ac:
e6:27:ad:ec:c7:d7:cf:d0:39:8b:78:22:8f:3c:53:b1:a7:cd:
cd:a1:c1:b8:94:81:82:d3:41:90:41:9b:90:48:2f:3f:00:9c:
00:49:f8:c9
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYkM6JpfPdrnDa2sBJWBW4i6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjMwMTUyNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjNmNTg4ZTQyYjE2NDFlNTgyYjE1ODYyYmRiYWFmMjMwNWRjOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwE4um3jTzJzlyWx2SsPeNR+mu+9
3qzz8nm2KZPz2cn2+BovaTYXWGvECwGCOnio3kD6LASahLbdP53EpSCfpaUI0cdn
IPcZ5twM0MXnr2gh0v1qDbmdLrOEDXxY+qzPhNWWVciVvdzQ5gPi8qaYfg8n0PcR
z2TnObs9rSJSA0PCZQd13eB+0i6GL9Lyuqux2OdqJIbf2ldqGfsoEm3WkqjhBS5S
3BPjLW/Lbe4gzCvFE37TK5dbD0CC844pqLO4pYlUxPRCunUXYkopNKXSAYkNEYNT
Po7K1jlKtPhH8CiqBmgCFasUb1Gda8RGIoEeviOtNrxZwoqmxMmVMB1pRwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBs/WI5CsWQeWCsVhivbqvIwXckeMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvR3o5WWprS3haQjVZS3hXR0s5dXE4akJkeVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWdWMMAwD
BARtsPADBABtsPIwDQYJKoZIhvcNAQELBQADggEBABblT0CezqVgvYHNhJK9v6xI
Nc/e8nF7Y61LWHin6VgvqzUy7vhO7kz/cFCVAZg/dOlIDMOWhMvnNbtwrSvmUK0X
YOZPauJ7GDJJe7DS6nprg5hydczSvWxbj/J8tqXB+JNL1BrA0Y/cKheB7dKJsmQV
5KTMuZbcuVJZZjaHHupbZLFEYA+OPDnH7oVKdOMnmrrJFugLq2OyvIgZfhAQM1nw
uaeZN+JK/kuFRu0KLywzYCKFgOPxlr6Nutt470HSUUP6qplyIALgHkJzpcfpGX0V
EaMSfczvrOYnrezH18/QOYt4Io88U7Gnzc2hwbiUgYLTQZBBm5BILz8AnABJ+Mk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:09 2025 by rpki-client