Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xgn5H5apJhJ_VHAA5HHBBM90NME.roa
File: Xgn5H5apJhJ_VHAA5HHBBM90NME.roa (raw, json)
Hash identifier: 35j/mm+p5eH3JPICuWiVykjuc5AJPYbGnL0dXKfEggk=
Subject key identifier: 5E:09:F9:1F:96:A9:26:12:7F:54:70:00:E4:71:C1:04:CF:74:34:C1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018B41A531C6DCDC9EC25B429EF3A010A28F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xgn5H5apJhJ_VHAA5HHBBM90NME.roa
Signing time: Wed 18 Oct 2023 07:17:07 +0000
ROA not before: Wed 18 Oct 2023 07:17:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58955
IP address blocks: 89.213.177.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:41:a5:31:c6:dc:dc:9e:c2:5b:42:9e:f3:a0:10:a2:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 18 07:17:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e09f91f96a926127f547000e471c104cf7434c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2d:78:22:db:6a:d0:7d:4c:4b:e2:9e:38:15:
52:02:97:b4:d7:8c:b0:d0:25:d3:df:cd:69:1c:91:
58:8f:f4:7c:5c:99:ed:0f:6f:5e:ec:2b:61:db:51:
ae:62:81:9c:e6:84:3d:39:97:a8:ef:b7:51:cb:fe:
07:cf:ba:98:d7:22:f7:e1:bf:a7:20:3b:87:a9:20:
72:74:0d:91:d8:13:cc:62:95:e5:16:b7:51:56:82:
91:65:69:80:7d:b6:2c:9d:59:6a:e9:23:a9:1e:64:
c5:d7:0f:99:00:59:bb:82:b7:74:d2:95:a1:4d:f7:
a0:a2:eb:f8:34:19:a4:56:87:2a:47:c7:30:7b:59:
7d:a9:5b:25:0e:47:51:cc:4b:03:3e:02:9c:e0:37:
aa:cd:95:b2:3e:a0:e1:bf:d9:65:32:1c:ce:34:a4:
cb:04:25:94:67:ad:a4:71:e2:0f:1c:63:f1:c1:4e:
78:63:fe:19:30:42:31:eb:e2:4a:68:d3:d4:bb:37:
5f:81:87:5f:86:27:e0:63:83:d4:fd:cb:d3:05:0e:
cb:d9:7e:6e:df:bd:f2:f3:8c:fa:d5:a2:44:15:40:
13:a6:71:52:85:86:17:9d:95:8e:35:6c:39:5a:89:
83:18:a0:08:73:a3:dc:f1:d3:43:cc:93:4e:9a:b9:
50:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:09:F9:1F:96:A9:26:12:7F:54:70:00:E4:71:C1:04:CF:74:34:C1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xgn5H5apJhJ_VHAA5HHBBM90NME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.176.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:2b:ec:30:c2:a1:3c:f7:d3:0a:0f:4e:40:f4:af:c1:fb:9a:
10:fb:ee:c9:00:72:b2:2e:e1:09:34:2d:a5:05:b0:a5:2d:5e:
1f:90:d2:7e:93:f1:97:93:34:c2:59:2e:e1:7a:b0:f4:6a:23:
4b:a4:98:ec:f3:1d:2a:3f:a3:4c:31:c7:53:14:f0:a1:32:d8:
22:4c:fa:20:95:63:e9:84:37:39:b7:61:27:86:26:a8:bf:6e:
ce:83:89:ee:0a:df:a2:89:43:c9:b1:5a:0d:02:64:3f:e2:60:
6e:59:37:c5:5e:93:fb:5e:9e:47:5c:7c:a1:e7:18:a3:07:fb:
0f:9f:01:35:e6:2e:03:c9:97:22:2e:88:18:38:81:3f:6d:e8:
c4:9a:66:ea:e3:fb:91:bb:b6:4b:86:43:21:13:c9:64:c9:7e:
45:c7:73:b8:7a:ca:97:df:7c:43:4b:a1:2a:fc:e1:a1:c3:ea:
d7:dc:a1:c8:31:29:7c:f3:21:d4:c9:59:65:d9:a1:b0:79:09:
b4:9d:56:a3:b6:7c:ce:1f:a2:d0:0d:ae:e0:88:d6:2f:df:d2:
c7:a8:e2:80:f8:fd:05:06:b5:eb:b2:79:da:e0:ab:29:c8:0e:
d5:a2:b0:28:b9:53:e1:41:20:ee:f7:e4:3e:2a:ba:e2:e3:87:
4d:cb:08:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtBpTHG3NyewltCnvOgEKKPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE4MDcxNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA5ZjkxZjk2YTkyNjEyN2Y1NDcwMDBlNDcxYzEwNGNmNzQzNGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS14Ittq0H1MS+KeOBVSApe014yw
0CXT381pHJFYj/R8XJntD29e7Cth21GuYoGc5oQ9OZeo77dRy/4Hz7qY1yL34b+n
IDuHqSBydA2R2BPMYpXlFrdRVoKRZWmAfbYsnVlq6SOpHmTF1w+ZAFm7grd00pWh
Tfegouv4NBmkVocqR8cwe1l9qVslDkdRzEsDPgKc4DeqzZWyPqDhv9llMhzONKTL
BCWUZ62kceIPHGPxwU54Y/4ZMEIx6+JKaNPUuzdfgYdfhifgY4PU/cvTBQ7L2X5u
373y84z61aJEFUATpnFShYYXnZWONWw5WomDGKAIc6Pc8dNDzJNOmrlQVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4J+R+WqSYSf1RwAORxwQTPdDTBMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWGduNUg1YXBKaEpfVkhBQTVISEJCTTkwTk1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWdWwMA0G
CSqGSIb3DQEBCwUAA4IBAQAfK+wwwqE899MKD05A9K/B+5oQ++7JAHKyLuEJNC2l
BbClLV4fkNJ+k/GXkzTCWS7herD0aiNLpJjs8x0qP6NMMcdTFPChMtgiTPoglWPp
hDc5t2Enhiaov27Og4nuCt+iiUPJsVoNAmQ/4mBuWTfFXpP7Xp5HXHyh5xijB/sP
nwE15i4DyZciLogYOIE/bejEmmbq4/uRu7ZLhkMhE8lkyX5Fx3O4esqX33xDS6Eq
/OGhw+rX3KHIMSl88yHUyVll2aGweQm0nVajtnzOH6LQDa7giNYv39LHqOKA+P0F
BrXrsnna4KspyA7VorAouVPhQSDu9+Q+Krri44dNywjJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:28 2025 by rpki-client