Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dRUrY4W8_Hxb79h5LGqW0R0HXSQ.roa
File: dRUrY4W8_Hxb79h5LGqW0R0HXSQ.roa (raw, json)
Hash identifier: GNeyydRPYEQCwjlUULZxM2/Ca+UMEX1yD3xy8JsLMCA=
Subject key identifier: 75:15:2B:63:85:BC:FC:7C:5B:EF:D8:79:2C:6A:96:D1:1D:07:5D:24
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0189772DA282E826F32FD58845F20B7839BF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dRUrY4W8_Hxb79h5LGqW0R0HXSQ.roa
Signing time: Fri 21 Jul 2023 06:40:26 +0000
ROA not before: Fri 21 Jul 2023 06:40:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210110
IP address blocks: 89.213.128.0/24 maxlen: 24
109.176.254.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:2d:a2:82:e8:26:f3:2f:d5:88:45:f2:0b:78:39:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 21 06:40:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=75152b6385bcfc7c5befd8792c6a96d11d075d24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4c:a9:3f:c2:2a:5e:70:b9:7a:72:4e:28:e9:
44:1c:75:a0:07:ef:0b:8f:23:df:5d:ac:84:6b:13:
f7:81:f9:86:88:e5:49:ee:93:13:35:d5:7e:fd:bc:
3b:56:54:23:90:23:bc:54:31:68:95:9d:8e:a3:f6:
d4:89:12:29:84:97:82:cd:f6:cf:96:d0:59:27:60:
21:95:55:40:95:ab:e6:8b:a4:fb:57:36:04:1e:4c:
07:01:0a:22:bb:a0:f4:56:54:ea:39:2e:7b:b5:9a:
05:73:0e:e4:5a:3a:7a:e8:66:f9:20:e3:7c:06:87:
3b:21:8d:d8:96:1a:e4:e8:5b:4b:c5:ae:c2:e0:4a:
ac:25:98:d8:35:ae:d5:71:51:ef:6e:04:94:9c:24:
4b:5f:88:11:d0:14:b9:a2:33:4b:29:0e:c7:38:8c:
71:eb:4b:12:1e:15:4c:6a:96:61:08:01:ff:e9:b2:
a5:a1:4b:ce:a7:ee:0d:44:19:88:11:ed:e8:dc:00:
d7:0b:09:2c:fc:e7:fb:e9:dd:24:fe:43:c4:e1:93:
c3:0d:f5:60:4e:c0:e6:89:29:64:da:04:13:e3:c6:
72:47:9b:a3:13:ee:0c:4a:20:8d:bf:72:0d:3d:bc:
88:6f:44:40:dc:2f:c6:83:f9:9e:7d:e1:2c:26:3f:
41:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:15:2B:63:85:BC:FC:7C:5B:EF:D8:79:2C:6A:96:D1:1D:07:5D:24
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dRUrY4W8_Hxb79h5LGqW0R0HXSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.128.0/24
109.176.254.0/23
Signature Algorithm: sha256WithRSAEncryption
41:73:8d:8d:20:85:49:db:68:2b:2d:9f:f1:da:f2:ab:a5:01:
4d:6e:22:07:cb:39:ed:54:58:9d:3f:13:61:6c:3b:cc:6f:d1:
46:10:ae:7e:b4:1a:b4:10:05:fe:85:b4:58:af:0f:79:c0:f0:
9e:fa:82:e0:39:dd:53:1b:cf:b3:b4:81:65:8b:53:3d:67:46:
a8:31:7a:87:54:ae:c5:49:18:d3:19:d3:6d:75:f2:c2:13:da:
c8:96:5b:a0:22:09:ff:60:9f:71:95:56:9e:57:b2:f2:ed:31:
24:49:f1:6e:71:ba:a0:2b:f3:5b:15:06:9e:f7:f7:19:7f:22:
de:7a:42:72:3f:76:dc:bb:0f:6e:36:e8:99:b6:bc:53:e5:c8:
c5:9b:5e:65:0b:04:51:6f:fd:88:e1:f6:72:89:2c:3f:54:1a:
3c:fc:d8:4e:e3:bf:6c:5d:62:ac:1e:d6:e1:56:c1:5e:36:3c:
5f:41:32:05:69:7f:d9:e3:ff:d6:68:45:44:eb:b9:57:b1:3f:
be:b7:b0:c9:1e:2f:e6:b2:c2:b2:37:72:1a:d8:4e:eb:35:4e:
cf:22:06:b6:c8:01:8e:7d:58:f4:90:b4:59:30:52:92:ef:8b:
22:fc:62:16:03:dc:e9:69:33:f8:62:b3:bb:75:97:3a:5f:60:
1a:16:e9:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYl3LaKC6CbzL9WIRfILeDm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzIxMDY0MDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE1MmI2Mzg1YmNmYzdjNWJlZmQ4NzkyYzZhOTZkMTFkMDc1ZDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUypP8IqXnC5enJOKOlEHHWgB+8L
jyPfXayEaxP3gfmGiOVJ7pMTNdV+/bw7VlQjkCO8VDFolZ2Oo/bUiRIphJeCzfbP
ltBZJ2AhlVVAlavmi6T7VzYEHkwHAQoiu6D0VlTqOS57tZoFcw7kWjp66Gb5ION8
Boc7IY3Ylhrk6FtLxa7C4EqsJZjYNa7VcVHvbgSUnCRLX4gR0BS5ojNLKQ7HOIxx
60sSHhVMapZhCAH/6bKloUvOp+4NRBmIEe3o3ADXCwks/Of76d0k/kPE4ZPDDfVg
TsDmiSlk2gQT48ZyR5ujE+4MSiCNv3INPbyIb0RA3C/Gg/mefeEsJj9ByQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHUVK2OFvPx8W+/YeSxqltEdB10kMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZFJVclk0VzhfSHhiNzloNUxHcVcwUjBIWFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWAAwQB
bbD+MA0GCSqGSIb3DQEBCwUAA4IBAQBBc42NIIVJ22grLZ/x2vKrpQFNbiIHyznt
VFidPxNhbDvMb9FGEK5+tBq0EAX+hbRYrw95wPCe+oLgOd1TG8+ztIFli1M9Z0ao
MXqHVK7FSRjTGdNtdfLCE9rIllugIgn/YJ9xlVaeV7Ly7TEkSfFucbqgK/NbFQae
9/cZfyLeekJyP3bcuw9uNuiZtrxT5cjFm15lCwRRb/2I4fZyiSw/VBo8/NhO479s
XWKsHtbhVsFeNjxfQTIFaX/Z4//WaEVE67lXsT++t7DJHi/mssKyN3Ia2E7rNU7P
Iga2yAGOfVj0kLRZMFKS74si/GIWA9zpaTP4YrO7dZc6X2AaFulA
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:55 2025 by rpki-client