Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R1q0Qf63ml-3YXKN4TK-nZPVWNs.roa
File: R1q0Qf63ml-3YXKN4TK-nZPVWNs.roa (raw, json)
Hash identifier: 4WgVYEeWgLeS5oOu9DKS6PUbE64n+mA2F0HU3KAG0OM=
Subject key identifier: 47:5A:B4:41:FE:B7:9A:5F:B7:61:72:8D:E1:32:BE:9D:93:D5:58:DB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018C91B8D524654FD71342E3FE50B7C049D5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R1q0Qf63ml-3YXKN4TK-nZPVWNs.roa
Signing time: Fri 22 Dec 2023 13:30:58 +0000
ROA not before: Fri 22 Dec 2023 13:30:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 23470
IP address blocks: 89.213.173.0/24 maxlen: 24
89.213.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:b8:d5:24:65:4f:d7:13:42:e3:fe:50:b7:c0:49:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 22 13:30:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=475ab441feb79a5fb761728de132be9d93d558db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:77:2f:59:c6:d2:68:d5:02:52:b8:5f:44:66:
cb:4d:81:9d:bb:a1:47:45:7e:00:0a:c5:e9:6e:4f:
3e:40:f7:dd:2a:4a:bd:ed:a2:ee:6d:5c:7f:54:5f:
a5:d3:a8:02:28:24:80:96:dd:69:f7:75:a6:1b:26:
b7:c1:3a:78:8a:f5:72:de:15:ad:81:e0:18:5d:2b:
73:a7:fd:f7:ae:f2:67:ae:75:f3:d5:77:e8:51:26:
23:9f:ea:ea:ac:a4:c7:40:d0:56:a0:42:cc:db:67:
83:61:e2:3e:0d:a9:a9:ee:30:15:a6:0d:e2:3d:aa:
01:64:2c:e1:98:c9:12:c0:ce:03:29:13:48:fb:c9:
7e:bc:07:e2:e9:bc:6d:79:de:78:97:0a:c4:09:49:
28:54:bc:af:3a:93:06:15:58:2c:7f:a4:1f:0c:cd:
af:e5:50:a4:2a:84:7f:4e:95:f5:dd:5b:5a:66:aa:
4b:eb:b8:43:e4:db:3b:56:39:2d:14:80:e6:b7:0a:
5c:31:53:aa:91:d0:1d:9a:35:4d:0e:a4:b1:e7:c1:
af:87:1a:1d:67:65:2b:ca:6c:ff:0c:68:9b:72:e6:
83:99:bc:6b:d6:81:2f:5b:60:18:ac:bf:16:84:87:
d8:f3:37:71:e3:60:0a:c6:3c:b4:86:7b:54:e5:19:
19:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5A:B4:41:FE:B7:9A:5F:B7:61:72:8D:E1:32:BE:9D:93:D5:58:DB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/R1q0Qf63ml-3YXKN4TK-nZPVWNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.172.0/23
Signature Algorithm: sha256WithRSAEncryption
29:12:d3:54:5e:e1:e2:9e:bb:df:dc:8f:ec:dc:06:00:a4:c8:
ec:83:86:ee:67:cc:82:68:18:02:9d:c3:39:33:72:b4:5f:0d:
75:1b:07:d5:6a:bf:37:6a:bd:e0:5f:ae:70:a7:d1:56:2b:57:
f5:61:98:fa:fd:d8:f7:c7:30:69:2a:d5:12:d1:9f:a9:1a:20:
23:71:da:e1:be:36:09:05:2a:1f:dc:a2:57:b3:78:51:84:d3:
fb:de:ad:22:63:82:d1:54:80:38:e9:4a:23:17:77:b3:9e:94:
7a:77:ca:72:f7:20:c3:a5:aa:92:a2:13:4b:49:8a:54:56:f3:
04:e4:eb:48:94:61:af:e6:66:d2:b4:51:c6:b6:c4:90:5d:d7:
d8:bb:8b:9e:f3:bc:43:3c:d5:b2:2c:4a:8c:c3:b7:da:71:35:
f8:d2:d3:88:b9:b5:6a:39:f1:0b:2e:d6:db:fc:25:0b:c8:f3:
1c:82:ce:e5:ee:9b:21:a1:db:67:b0:28:2f:bc:01:7c:1c:53:
8d:a8:74:47:c6:1f:ad:58:97:37:af:54:4b:df:11:b4:ab:12:
ec:f9:29:d5:87:f4:6c:d5:84:13:eb:d5:dd:ca:92:60:eb:22:
ea:ec:75:44:e1:a0:f3:eb:60:09:a6:0b:79:51:f4:80:9c:67:
2e:ca:4c:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyRuNUkZU/XE0Lj/lC3wEnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjIyMTMzMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzVhYjQ0MWZlYjc5YTVmYjc2MTcyOGRlMTMyYmU5ZDkzZDU1OGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXcvWcbSaNUCUrhfRGbLTYGdu6FH
RX4ACsXpbk8+QPfdKkq97aLubVx/VF+l06gCKCSAlt1p93WmGya3wTp4ivVy3hWt
geAYXStzp/33rvJnrnXz1XfoUSYjn+rqrKTHQNBWoELM22eDYeI+Damp7jAVpg3i
PaoBZCzhmMkSwM4DKRNI+8l+vAfi6bxted54lwrECUkoVLyvOpMGFVgsf6QfDM2v
5VCkKoR/TpX13VtaZqpL67hD5Ns7VjktFIDmtwpcMVOqkdAdmjVNDqSx58Gvhxod
Z2Urymz/DGibcuaDmbxr1oEvW2AYrL8WhIfY8zdx42AKxjy0hntU5RkZOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdatEH+t5pft2FyjeEyvp2T1VjbMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUjFxMFFmNjNtbC0zWVhLTjRUSy1uWlBWV05zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWdWsMA0G
CSqGSIb3DQEBCwUAA4IBAQApEtNUXuHinrvf3I/s3AYApMjsg4buZ8yCaBgCncM5
M3K0Xw11GwfVar83ar3gX65wp9FWK1f1YZj6/dj3xzBpKtUS0Z+pGiAjcdrhvjYJ
BSof3KJXs3hRhNP73q0iY4LRVIA46UojF3eznpR6d8py9yDDpaqSohNLSYpUVvME
5OtIlGGv5mbStFHGtsSQXdfYu4ue87xDPNWyLEqMw7facTX40tOIubVqOfELLtbb
/CULyPMcgs7l7pshodtnsCgvvAF8HFONqHRHxh+tWJc3r1RL3xG0qxLs+SnVh/Rs
1YQT69XdypJg6yLq7HVE4aDz62AJpgt5UfSAnGcuykzR
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:19:48 2025 by rpki-client