Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrqtOgJuJgElCC5LAzWpkvV-RVE.roa
File: UrqtOgJuJgElCC5LAzWpkvV-RVE.roa (raw, json)
Hash identifier: wAFDD7e7LSDIcS0FdHo6vcKRLsvRN95Zh84mpJqiVPU=
Subject key identifier: 52:BA:AD:3A:02:6E:26:01:25:08:2E:4B:03:35:A9:92:F5:7E:45:51
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189B03BF583B2A1CF909CBF455958865FAA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrqtOgJuJgElCC5LAzWpkvV-RVE.roa
Signing time: Tue 01 Aug 2023 08:34:26 +0000
ROA not before: Tue 01 Aug 2023 08:34:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 89.213.158.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b0:3b:f5:83:b2:a1:cf:90:9c:bf:45:59:58:86:5f:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 1 08:34:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52baad3a026e260125082e4b0335a992f57e4551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:a0:c5:c3:31:60:c1:0f:5e:92:3d:ef:b0:c5:
55:24:63:ea:bc:4f:c9:47:02:9e:6a:94:39:11:8f:
2f:10:ea:89:b4:d9:ab:ea:2d:61:2e:b9:39:27:6c:
86:e1:22:49:96:74:2a:31:14:01:5d:18:f7:a1:ae:
22:14:bf:28:2c:0a:ce:39:2c:89:cc:fb:4f:df:9b:
77:15:5b:a5:f4:8a:9a:43:fb:dc:70:5e:ba:51:97:
af:a2:23:ec:1a:83:33:da:f0:48:39:c3:5e:d0:75:
ff:0d:c7:aa:36:e7:d2:61:95:41:35:73:07:ed:5f:
98:25:ee:01:a1:41:fe:95:88:a0:aa:88:b2:43:ed:
c7:77:75:7b:ef:67:e2:c9:29:09:11:c5:3e:c6:d0:
a6:68:8f:29:9c:32:6d:e4:0d:d8:87:48:4b:63:59:
65:c1:5b:dc:ce:b5:91:33:5d:76:7f:8b:8b:92:11:
a5:10:4d:dd:fd:5a:8d:20:2e:33:88:0a:6a:c8:21:
a2:41:9c:be:7b:c5:2c:3c:db:16:7d:8f:6e:b6:bc:
f6:91:5a:28:c0:a2:5a:db:d7:d2:c9:31:6f:33:ba:
e8:fa:5c:71:97:f5:16:79:7a:52:0a:45:08:01:2e:
d7:fb:c8:9c:22:14:56:fd:c3:60:69:be:bd:91:05:
05:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:BA:AD:3A:02:6E:26:01:25:08:2E:4B:03:35:A9:92:F5:7E:45:51
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/UrqtOgJuJgElCC5LAzWpkvV-RVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.156.0-89.213.158.255
Signature Algorithm: sha256WithRSAEncryption
04:a2:76:fb:f0:40:34:e0:09:ba:94:86:35:c2:65:9d:55:8f:
46:1b:37:99:8c:b3:21:a5:65:fa:fb:8b:c8:0d:10:6d:88:1f:
39:ec:b5:44:70:50:94:b7:c5:20:9e:30:a6:83:0e:ce:af:fa:
1b:65:13:7e:6c:51:9c:10:c5:9b:90:76:f8:c6:07:40:16:af:
1e:32:1d:da:9e:a7:b5:54:81:83:a9:f4:33:41:f5:11:37:55:
7a:cf:b4:ad:59:b1:2f:c3:f1:a9:c1:05:48:8c:6f:31:8f:d2:
3b:96:7f:81:fe:6f:b5:e7:ee:cd:91:b7:4b:0a:e2:61:1a:61:
6f:c3:ad:39:4a:dc:d7:29:e0:68:53:ea:cc:20:e1:ae:5c:2a:
90:65:19:58:ce:8a:07:f8:ff:ce:2f:c4:14:1c:8c:ad:52:d6:
5f:1c:a7:ca:2b:1c:3a:f2:e1:07:e7:a2:df:34:49:fc:ab:4a:
5f:b3:fd:90:af:97:36:c0:51:d0:cc:6d:0e:03:57:c8:48:c0:
8d:d1:a8:4f:68:0d:7e:21:b6:2f:db:e7:3a:78:89:8c:c2:93:
0b:77:97:69:83:f8:16:c0:d9:6c:ea:4c:29:ac:10:d0:77:ac:
6e:8a:2c:93:3d:b9:c9:cd:ae:b4:38:c2:62:0d:75:05:c8:08:
5c:66:18:4e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYmwO/WDsqHPkJy/RVlYhl+qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwODAxMDgzNDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmJhYWQzYTAyNmUyNjAxMjUwODJlNGIwMzM1YTk5MmY1N2U0NTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6DFwzFgwQ9ekj3vsMVVJGPqvE/J
RwKeapQ5EY8vEOqJtNmr6i1hLrk5J2yG4SJJlnQqMRQBXRj3oa4iFL8oLArOOSyJ
zPtP35t3FVul9IqaQ/vccF66UZevoiPsGoMz2vBIOcNe0HX/DceqNufSYZVBNXMH
7V+YJe4BoUH+lYigqoiyQ+3Hd3V772fiySkJEcU+xtCmaI8pnDJt5A3Yh0hLY1ll
wVvczrWRM112f4uLkhGlEE3d/VqNIC4ziApqyCGiQZy+e8UsPNsWfY9utrz2kVoo
wKJa29fSyTFvM7ro+lxxl/UWeXpSCkUIAS7X+8icIhRW/cNgab69kQUFuQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFK6rToCbiYBJQguSwM1qZL1fkVRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVXJxdE9nSnVKZ0VsQ0M1TEF6V3BrdlYtUlZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZ1ZwD
BABZ1Z4wDQYJKoZIhvcNAQELBQADggEBAASidvvwQDTgCbqUhjXCZZ1Vj0YbN5mM
syGlZfr7i8gNEG2IHznstURwUJS3xSCeMKaDDs6v+htlE35sUZwQxZuQdvjGB0AW
rx4yHdqep7VUgYOp9DNB9RE3VXrPtK1ZsS/D8anBBUiMbzGP0juWf4H+b7Xn7s2R
t0sK4mEaYW/DrTlK3Ncp4GhT6swg4a5cKpBlGVjOigf4/84vxBQcjK1S1l8cp8or
HDry4Qfnot80SfyrSl+z/ZCvlzbAUdDMbQ4DV8hIwI3RqE9oDX4hti/b5zp4iYzC
kwt3l2mD+BbA2WzqTCmsENB3rG6KLJM9ucnNrrQ4wmINdQXICFxmGE4=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:12 2025 by rpki-client