Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M9FNTSUyJ-N3PJnhThQv4qEBF1g.roa
File: M9FNTSUyJ-N3PJnhThQv4qEBF1g.roa (raw, json)
Hash identifier: Gu1Hwlbh57XR39yd4nllfVCEfqnPyZT+9/mzOPpTfhM=
Subject key identifier: 33:D1:4D:4D:25:32:27:E3:77:3C:99:E1:4E:14:2F:E2:A1:01:17:58
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018B60D5CB0D6D03D0A0E545089EAD5539A7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M9FNTSUyJ-N3PJnhThQv4qEBF1g.roa
Signing time: Tue 24 Oct 2023 08:38:25 +0000
ROA not before: Tue 24 Oct 2023 08:38:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396982
IP address blocks: 89.213.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:60:d5:cb:0d:6d:03:d0:a0:e5:45:08:9e:ad:55:39:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 24 08:38:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=33d14d4d253227e3773c99e14e142fe2a1011758
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:89:c5:17:82:53:89:3c:63:49:46:f2:3f:f4:
1d:3c:cb:80:3a:e6:87:4d:4b:c8:ad:50:4f:0a:63:
99:b4:ac:ea:f2:95:df:37:fe:c8:71:9e:e1:74:15:
b2:84:a1:47:b8:b4:d5:2e:0d:de:8e:57:4a:c7:66:
f6:28:49:8b:44:f3:27:99:3a:60:d8:83:b1:94:29:
4f:59:40:fe:ed:a5:d8:d2:98:a2:a2:86:2d:90:20:
57:9b:83:fc:d2:b0:8d:36:81:0f:70:2a:ea:cd:63:
04:c3:f5:8a:23:63:83:fc:40:54:81:99:4e:dc:fa:
26:56:c3:41:fe:61:75:94:3b:d3:94:d9:29:3f:07:
97:54:ba:20:f2:4a:e0:7b:d3:67:e8:bf:0f:c4:86:
4a:74:0a:1c:75:cc:25:20:4d:8e:f6:49:b2:eb:ef:
e6:f1:15:79:e4:c1:5f:d0:d2:69:ed:7c:0d:c6:93:
ac:3b:05:98:37:f2:3d:d6:dc:09:38:8f:4d:1e:5b:
dc:49:bf:cc:07:f1:29:48:3c:c3:e7:e2:30:c7:f5:
c4:13:39:d7:ed:cf:41:b6:77:73:c1:8a:b5:97:f6:
39:9e:3d:88:65:52:53:1b:20:2a:7e:c3:f3:1f:75:
fb:37:98:ee:11:31:49:e3:90:21:68:c2:24:89:be:
0e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D1:4D:4D:25:32:27:E3:77:3C:99:E1:4E:14:2F:E2:A1:01:17:58
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/M9FNTSUyJ-N3PJnhThQv4qEBF1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.152.0/24
Signature Algorithm: sha256WithRSAEncryption
76:69:0a:6d:d4:16:23:57:aa:9e:65:5e:fd:39:b8:7c:1b:13:
cb:61:1b:62:98:cd:b6:e6:11:f8:db:b0:95:40:1d:0d:d0:eb:
1f:17:1a:17:5a:7d:5d:21:78:82:5d:f0:86:2e:29:48:29:2c:
67:6e:85:86:5c:6c:b9:ba:01:c3:0c:d0:54:58:f5:73:4e:85:
59:0b:4a:b8:95:bd:b7:17:7f:cb:1e:6e:ad:05:99:f2:22:71:
44:1a:2c:9a:b4:08:dd:41:9e:61:0f:3f:d4:a4:60:dd:3f:16:
54:84:fe:f6:d6:c7:d4:3d:13:00:bd:ce:2a:43:62:45:c4:b3:
3c:10:ba:a0:2f:8c:75:9e:fd:03:05:19:03:5e:83:7d:88:8a:
5c:3d:94:51:5f:16:be:9f:55:fa:86:95:37:de:05:53:35:b0:
5d:b9:1d:a2:34:39:04:b9:bd:0a:02:cd:99:d8:da:bc:6d:6c:
9a:6c:9f:37:d2:77:13:39:d3:69:0e:fb:11:66:4a:39:3b:04:
8b:79:58:15:24:21:f2:bf:23:8f:d9:b7:b0:dc:63:c0:96:58:
11:35:21:15:d0:74:83:62:a5:42:c5:7e:f5:d5:20:a9:f2:56:
ba:41:99:ba:77:66:b0:d8:2e:bc:94:c1:80:40:e7:b9:34:1c:
d8:af:c2:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtg1csNbQPQoOVFCJ6tVTmnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDI0MDgzODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QxNGQ0ZDI1MzIyN2UzNzczYzk5ZTE0ZTE0MmZlMmExMDExNzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhInFF4JTiTxjSUbyP/QdPMuAOuaH
TUvIrVBPCmOZtKzq8pXfN/7IcZ7hdBWyhKFHuLTVLg3ejldKx2b2KEmLRPMnmTpg
2IOxlClPWUD+7aXY0piiooYtkCBXm4P80rCNNoEPcCrqzWMEw/WKI2OD/EBUgZlO
3PomVsNB/mF1lDvTlNkpPweXVLog8krge9Nn6L8PxIZKdAocdcwlIE2O9kmy6+/m
8RV55MFf0NJp7XwNxpOsOwWYN/I91twJOI9NHlvcSb/MB/EpSDzD5+Iwx/XEEznX
7c9BtndzwYq1l/Y5nj2IZVJTGyAqfsPzH3X7N5juETFJ45AhaMIkib4ODQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDPRTU0lMifjdzyZ4U4UL+KhARdYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTTlGTlRTVXlKLU4zUEpuaFRoUXY0cUVCRjFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWYMA0G
CSqGSIb3DQEBCwUAA4IBAQB2aQpt1BYjV6qeZV79Obh8GxPLYRtimM225hH427CV
QB0N0OsfFxoXWn1dIXiCXfCGLilIKSxnboWGXGy5ugHDDNBUWPVzToVZC0q4lb23
F3/LHm6tBZnyInFEGiyatAjdQZ5hDz/UpGDdPxZUhP721sfUPRMAvc4qQ2JFxLM8
ELqgL4x1nv0DBRkDXoN9iIpcPZRRXxa+n1X6hpU33gVTNbBduR2iNDkEub0KAs2Z
2Nq8bWyabJ830ncTOdNpDvsRZko5OwSLeVgVJCHyvyOP2bew3GPAllgRNSEV0HSD
YqVCxX711SCp8la6QZm6d2aw2C68lMGAQOe5NBzYr8Kq
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:59 2025 by rpki-client