Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aoUmUAchEd8p8_XmHcxVKvFTs1w.roa
File: aoUmUAchEd8p8_XmHcxVKvFTs1w.roa (raw, json)
Hash identifier: 5MMsv/ZPIFCqNBp4Y6lza+h3Ai3DVksUFK3Vy58xq5s=
Subject key identifier: 6A:85:26:50:07:21:11:DF:29:F3:F5:E6:1D:CC:55:2A:F1:53:B3:5C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CB6A5A8379956411049F0B3971E9F0B70
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aoUmUAchEd8p8_XmHcxVKvFTs1w.roa
Signing time: Fri 29 Dec 2023 17:35:58 +0000
ROA not before: Fri 29 Dec 2023 17:35:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47679
IP address blocks: 89.213.191.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b6:a5:a8:37:99:56:41:10:49:f0:b3:97:1e:9f:0b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 29 17:35:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6a852650072111df29f3f5e61dcc552af153b35c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c9:6e:ad:77:e2:39:25:66:49:98:0e:2f:03:
94:19:fc:d4:dd:78:88:02:c4:7c:5d:7f:59:7a:d7:
7f:54:06:3e:8b:8c:ad:4c:16:6e:eb:5b:1d:c8:b7:
17:76:41:00:c4:96:de:44:f8:41:c7:8d:3d:d2:d4:
a9:10:9a:b2:8b:af:50:13:85:bd:79:5e:0a:4c:e9:
38:0b:2b:43:1e:11:8c:e4:eb:14:55:ee:0a:79:6b:
2b:18:77:4c:b1:aa:28:c0:2b:87:3d:fc:e9:b7:d6:
86:70:23:7d:e3:37:76:c5:6f:d8:18:bb:ab:ef:0a:
08:a6:5f:f8:89:2c:09:cb:ea:09:e4:50:95:39:9d:
cb:59:7c:7b:c0:b9:65:88:91:aa:57:99:ba:18:d1:
7a:38:13:f5:7d:3d:2f:79:40:b2:97:5a:68:ac:c5:
98:4d:89:7d:84:6e:1d:42:e9:c1:94:fb:e9:d1:09:
e7:8b:e3:ff:fb:21:e5:6f:fb:1c:db:2a:78:d3:3b:
e9:d2:86:a6:3b:50:f8:c7:ed:7f:4f:d1:30:3a:4a:
b6:02:0e:e9:4c:89:34:8c:1a:14:91:6c:bb:d5:82:
60:5d:74:d6:8e:72:94:46:f7:66:f6:fa:82:fc:28:
37:32:4c:f3:00:8a:46:79:8c:7f:d2:e4:6a:d3:1f:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:85:26:50:07:21:11:DF:29:F3:F5:E6:1D:CC:55:2A:F1:53:B3:5C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aoUmUAchEd8p8_XmHcxVKvFTs1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.191.0/24
Signature Algorithm: sha256WithRSAEncryption
56:ff:24:43:96:4d:93:e9:be:41:59:e6:f0:c9:44:6c:49:43:
27:ce:e5:88:ef:75:0b:1f:e0:a1:cf:e6:7e:38:2a:64:83:9d:
25:9e:38:de:9b:ff:89:4e:88:16:b0:c4:7a:54:86:d5:1b:75:
cf:f8:c1:3a:2a:45:f7:33:fd:c6:d2:13:5d:94:1a:61:c7:f6:
9c:21:22:f6:3d:07:57:12:30:81:42:bc:c7:a9:c3:d8:6d:76:
d0:a0:89:27:84:09:fe:e0:a3:34:de:ef:24:04:06:30:3f:03:
45:e0:e9:21:81:4d:58:bb:06:57:f1:1b:44:d0:24:6f:19:40:
68:58:d9:2a:9b:d4:5b:c5:ec:6c:20:31:cc:95:72:51:c0:cb:
7a:24:e8:98:21:09:37:0f:04:3c:bc:17:5f:3c:3a:79:12:5a:
c3:fe:3c:0e:46:19:03:22:2a:33:39:f5:e3:a7:e0:45:1f:37:
33:bd:36:ce:80:49:d0:53:8a:d0:51:4e:81:31:a5:ce:d3:cd:
ed:34:70:09:64:b7:49:1d:b9:1a:60:ff:1b:73:55:69:2a:38:
8a:c3:e8:cd:2b:11:3f:81:3e:88:69:ab:2d:15:9d:59:20:c4:
99:ee:b0:a2:bb:c7:a8:c4:0c:ed:79:47:c1:da:9e:c1:3c:d0:
1d:3a:64:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYy2pag3mVZBEEnws5cenwtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMjI5MTczNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg1MjY1MDA3MjExMWRmMjlmM2Y1ZTYxZGNjNTUyYWYxNTNiMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMlurXfiOSVmSZgOLwOUGfzU3XiI
AsR8XX9Zetd/VAY+i4ytTBZu61sdyLcXdkEAxJbeRPhBx4090tSpEJqyi69QE4W9
eV4KTOk4CytDHhGM5OsUVe4KeWsrGHdMsaoowCuHPfzpt9aGcCN94zd2xW/YGLur
7woIpl/4iSwJy+oJ5FCVOZ3LWXx7wLlliJGqV5m6GNF6OBP1fT0veUCyl1porMWY
TYl9hG4dQunBlPvp0Qnni+P/+yHlb/sc2yp40zvp0oamO1D4x+1/T9EwOkq2Ag7p
TIk0jBoUkWy71YJgXXTWjnKURvdm9vqC/Cg3MkzzAIpGeYx/0uRq0x8AoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGqFJlAHIRHfKfP15h3MVSrxU7NcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYW9VbVVBY2hFZDhwOF9YbUhjeFZLdkZUczF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdW/MA0G
CSqGSIb3DQEBCwUAA4IBAQBW/yRDlk2T6b5BWebwyURsSUMnzuWI73ULH+Chz+Z+
OCpkg50lnjjem/+JTogWsMR6VIbVG3XP+ME6KkX3M/3G0hNdlBphx/acISL2PQdX
EjCBQrzHqcPYbXbQoIknhAn+4KM03u8kBAYwPwNF4OkhgU1YuwZX8RtE0CRvGUBo
WNkqm9RbxexsIDHMlXJRwMt6JOiYIQk3DwQ8vBdfPDp5ElrD/jwORhkDIiozOfXj
p+BFHzczvTbOgEnQU4rQUU6BMaXO083tNHAJZLdJHbkaYP8bc1VpKjiKw+jNKxE/
gT6IaastFZ1ZIMSZ7rCiu8eoxAzteUfB2p7BPNAdOmSa
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:58 2025 by rpki-client