Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gKYx0yDWqBIZR_RVRLtBzQtmFtw.roa
File: gKYx0yDWqBIZR_RVRLtBzQtmFtw.roa (raw, json)
Hash identifier: fpTXGB15O/tW1HsqaFyvxgRCYUy54fsrxLGGIzVxMsQ=
Subject key identifier: 80:A6:31:D3:20:D6:A8:12:19:47:F4:55:44:BB:41:CD:0B:66:16:DC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BF1D22132150D6ECFF54188A3AF625C48
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gKYx0yDWqBIZR_RVRLtBzQtmFtw.roa
Signing time: Tue 21 Nov 2023 12:19:21 +0000
ROA not before: Tue 21 Nov 2023 12:19:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 63023
IP address blocks: 89.213.144.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f1:d2:21:32:15:0d:6e:cf:f5:41:88:a3:af:62:5c:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 21 12:19:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80a631d320d6a8121947f45544bb41cd0b6616dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:04:8d:dc:13:b0:4d:08:27:1e:4f:02:4a:e9:
b8:a9:66:87:ad:0c:e7:a2:bc:be:ef:f9:40:40:ee:
59:31:86:94:fa:90:17:bc:d8:2b:9b:d8:26:d4:31:
f5:f2:3e:45:49:31:15:96:22:72:29:d1:b9:72:c7:
1a:4a:98:b3:c0:6f:4c:68:23:e6:42:a2:45:5d:a9:
b8:6e:aa:15:d1:d4:07:92:3d:01:be:e3:d1:8f:3f:
91:95:91:7f:67:a1:74:7e:b9:de:45:cd:07:f8:c6:
6b:5e:a1:7b:46:c4:61:89:2b:d9:5c:7d:76:a6:35:
95:f1:0b:04:d6:ce:90:ca:7f:58:0b:dd:ad:2d:84:
f0:80:05:54:29:6b:6e:57:8a:5d:85:36:24:ad:2e:
d9:b8:ab:62:94:cf:46:89:99:43:d2:94:3b:76:2e:
55:d5:ba:5c:d5:b9:2a:62:a0:68:ff:f7:ca:e4:14:
67:49:20:99:e8:27:71:85:d8:46:7c:d5:fd:f0:9f:
c8:56:11:40:11:b6:98:17:ae:6d:ac:61:4e:0f:46:
8a:a3:36:9c:3e:0b:39:56:b4:62:76:23:a9:71:6b:
e3:f7:49:f4:db:94:ec:0c:40:11:f0:a3:77:6c:9f:
b3:6b:9d:2a:fa:5c:32:d2:11:11:0d:f2:0e:9d:f6:
82:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A6:31:D3:20:D6:A8:12:19:47:F4:55:44:BB:41:CD:0B:66:16:DC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gKYx0yDWqBIZR_RVRLtBzQtmFtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.144.0/24
89.213.150.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:ee:b0:76:2c:0a:20:9e:e7:fe:d6:1d:e6:9d:a3:17:03:42:
83:b9:b1:40:08:7c:b7:98:2e:6d:1d:78:b6:90:f0:21:d7:b8:
7a:70:d8:c4:af:44:02:e1:fc:a1:55:13:dd:31:be:65:7c:e4:
a7:64:d4:10:96:0f:8e:1d:be:1f:97:cd:f6:d2:ca:cf:fb:1a:
4c:76:0c:bc:a5:f2:c1:c4:b4:28:93:6a:cd:ba:b1:d1:cd:f4:
49:ce:b2:b9:78:5a:8e:93:bc:2a:13:c8:8d:d5:55:ce:90:d5:
e4:a3:98:46:44:ed:be:c0:91:16:47:53:e5:b8:95:e3:5c:62:
26:d9:2d:14:cc:36:31:7b:8f:06:ae:52:18:ec:fa:ba:f9:17:
a8:27:4d:33:d9:76:23:b1:bb:de:d4:e8:69:83:71:06:b7:90:
16:89:2b:29:80:9d:19:c8:12:58:f5:6f:8b:eb:ef:29:f4:ad:
68:9b:30:a1:0a:dc:ec:20:3b:67:95:43:5a:5b:cc:3b:0b:78:
bb:cf:3a:8d:28:23:21:0c:9c:4e:6e:07:8b:09:4d:e3:8e:ee:
8c:f9:ae:e1:fb:57:50:d3:72:e0:ae:05:84:8a:73:22:83:91:
61:32:1b:7c:69:79:1c:45:31:c4:bc:71:e0:d6:96:1f:c8:af:
1f:c4:7e:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvx0iEyFQ1uz/VBiKOvYlxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTIxMTIxOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE2MzFkMzIwZDZhODEyMTk0N2Y0NTU0NGJiNDFjZDBiNjYxNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiASN3BOwTQgnHk8CSum4qWaHrQzn
ory+7/lAQO5ZMYaU+pAXvNgrm9gm1DH18j5FSTEVliJyKdG5cscaSpizwG9MaCPm
QqJFXam4bqoV0dQHkj0BvuPRjz+RlZF/Z6F0frneRc0H+MZrXqF7RsRhiSvZXH12
pjWV8QsE1s6Qyn9YC92tLYTwgAVUKWtuV4pdhTYkrS7ZuKtilM9GiZlD0pQ7di5V
1bpc1bkqYqBo//fK5BRnSSCZ6CdxhdhGfNX98J/IVhFAEbaYF65trGFOD0aKozac
Pgs5VrRidiOpcWvj90n025TsDEAR8KN3bJ+za50q+lwy0hERDfIOnfaCHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFICmMdMg1qgSGUf0VUS7Qc0LZhbcMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ0tZeDB5RFdxQklaUl9SVlJMdEJ6UXRtRnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWQAwQA
WdWWMA0GCSqGSIb3DQEBCwUAA4IBAQCb7rB2LAognuf+1h3mnaMXA0KDubFACHy3
mC5tHXi2kPAh17h6cNjEr0QC4fyhVRPdMb5lfOSnZNQQlg+OHb4fl8320srP+xpM
dgy8pfLBxLQok2rNurHRzfRJzrK5eFqOk7wqE8iN1VXOkNXko5hGRO2+wJEWR1Pl
uJXjXGIm2S0UzDYxe48GrlIY7Pq6+ReoJ00z2XYjsbve1Ohpg3EGt5AWiSspgJ0Z
yBJY9W+L6+8p9K1omzChCtzsIDtnlUNaW8w7C3i7zzqNKCMhDJxObgeLCU3jju6M
+a7h+1dQ03LgrgWEinMig5FhMht8aXkcRTHEvHHg1pYfyK8fxH4I
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:05 2025 by rpki-client