Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i5SPKDe9vPhzfithP73g2ti-aWY.roa
File: i5SPKDe9vPhzfithP73g2ti-aWY.roa (raw, json)
Hash identifier: sMZEEbyLXa8nRFsPn7A9YeCvbomCyRdsRWNWuiYQWvM=
Subject key identifier: 8B:94:8F:28:37:BD:BC:F8:73:7E:2B:61:3F:BD:E0:DA:D8:BE:69:66
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BFB5CC1F8B1930BF1EB8C5270502BEE66
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i5SPKDe9vPhzfithP73g2ti-aWY.roa
Signing time: Thu 23 Nov 2023 08:47:22 +0000
ROA not before: Thu 23 Nov 2023 08:47:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212815
IP address blocks: 89.213.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fb:5c:c1:f8:b1:93:0b:f1:eb:8c:52:70:50:2b:ee:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 23 08:47:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b948f2837bdbcf8737e2b613fbde0dad8be6966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:61:5a:cc:24:c7:d8:af:70:12:1a:93:bc:60:
a2:b2:36:32:48:32:4c:ed:48:67:bd:ea:c3:f2:83:
12:c4:e5:ee:b4:dd:01:ff:11:73:6d:60:59:7c:64:
55:3b:88:dc:83:4d:5e:1c:df:42:09:d5:81:a6:cb:
e3:e9:72:a6:1d:a1:be:82:a7:da:07:51:b5:d2:cd:
b0:ff:2a:eb:76:57:61:7f:18:81:f7:9c:4d:23:0c:
60:a9:0b:b9:d3:32:5c:15:66:f6:2d:92:d6:bd:aa:
cb:6f:8a:4e:f1:12:cc:52:32:cd:dc:e4:8c:83:8c:
2a:cb:f0:be:79:13:24:8e:cf:83:18:14:91:4f:ff:
1d:21:9b:48:cf:30:a5:b8:8a:2f:54:e8:8b:f5:cc:
9c:9c:f9:86:2c:0c:57:03:d5:33:e9:76:6f:52:ad:
8c:2b:6a:cf:98:24:9a:0f:26:e0:11:e6:c3:f2:0a:
49:fc:dd:61:45:96:93:82:d3:96:a6:2b:28:af:4b:
6e:10:1c:63:1b:56:03:61:d7:e4:da:4b:66:48:21:
79:6c:49:34:62:2d:ac:af:d1:d9:68:60:12:e3:4c:
47:bc:bb:fe:85:13:ad:fe:ed:b1:fc:e4:7a:30:05:
86:b8:2c:09:1d:2c:a4:d5:b5:b6:7c:6f:84:5c:93:
42:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:94:8F:28:37:BD:BC:F8:73:7E:2B:61:3F:BD:E0:DA:D8:BE:69:66
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i5SPKDe9vPhzfithP73g2ti-aWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.157.0/24
Signature Algorithm: sha256WithRSAEncryption
72:62:c3:2c:9e:04:22:a4:4c:d5:d8:ac:77:bf:92:7a:19:25:
67:ec:81:00:61:47:38:55:58:1a:ac:6e:1b:37:b5:21:46:51:
df:7f:44:6c:31:e8:65:2f:2d:3f:8c:98:ca:ba:e7:30:95:31:
25:ab:a4:b8:dd:e9:51:b1:12:95:f4:a4:fc:f7:bb:6c:f1:57:
d9:9e:5a:91:3c:7e:18:80:7a:f9:38:5a:93:d4:b3:e8:85:d4:
64:90:d5:c5:89:78:7d:78:e4:2b:da:f0:10:eb:51:af:9b:19:
69:1b:cb:ca:f3:7c:98:2e:07:ae:7f:0f:15:d5:d0:f9:7a:3e:
f6:e3:7f:55:ac:53:82:25:7f:93:64:25:23:94:00:54:70:60:
e3:c3:b2:37:92:4d:7d:82:cd:12:56:5c:9f:6a:80:f4:1c:ff:
c7:95:f0:3f:0d:d7:e2:0c:fd:f4:14:0b:fc:8e:46:cd:cf:77:
b6:12:9a:d9:5f:20:0c:dd:71:c6:59:9f:96:25:bf:35:7c:a6:
9b:1a:e3:fa:1f:f7:ac:72:35:6d:b1:f5:25:a1:a6:a6:05:54:
6b:a8:1e:47:00:1f:d6:81:bb:1e:62:75:d1:1a:45:e8:fc:37:
b4:54:23:6f:89:82:e6:c5:33:c6:1b:e6:c4:44:29:da:36:1e:
6d:a7:ee:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv7XMH4sZML8euMUnBQK+5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTIzMDg0NzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk0OGYyODM3YmRiY2Y4NzM3ZTJiNjEzZmJkZTBkYWQ4YmU2OTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWFazCTH2K9wEhqTvGCisjYySDJM
7UhnverD8oMSxOXutN0B/xFzbWBZfGRVO4jcg01eHN9CCdWBpsvj6XKmHaG+gqfa
B1G10s2w/yrrdldhfxiB95xNIwxgqQu50zJcFWb2LZLWvarLb4pO8RLMUjLN3OSM
g4wqy/C+eRMkjs+DGBSRT/8dIZtIzzCluIovVOiL9cycnPmGLAxXA9Uz6XZvUq2M
K2rPmCSaDybgEebD8gpJ/N1hRZaTgtOWpisor0tuEBxjG1YDYdfk2ktmSCF5bEk0
Yi2sr9HZaGAS40xHvLv+hROt/u2x/OR6MAWGuCwJHSyk1bW2fG+EXJNCnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIuUjyg3vbz4c34rYT+94NrYvmlmMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaTVTUEtEZTl2UGh6Zml0aFA3M2cydGktYVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWdMA0G
CSqGSIb3DQEBCwUAA4IBAQByYsMsngQipEzV2Kx3v5J6GSVn7IEAYUc4VVgarG4b
N7UhRlHff0RsMehlLy0/jJjKuucwlTElq6S43elRsRKV9KT897ts8VfZnlqRPH4Y
gHr5OFqT1LPohdRkkNXFiXh9eOQr2vAQ61GvmxlpG8vK83yYLgeufw8V1dD5ej72
439VrFOCJX+TZCUjlABUcGDjw7I3kk19gs0SVlyfaoD0HP/HlfA/DdfiDP30FAv8
jkbNz3e2EprZXyAM3XHGWZ+WJb81fKabGuP6H/escjVtsfUloaamBVRrqB5HAB/W
gbseYnXRGkXo/De0VCNviYLmxTPGG+bERCnaNh5tp+7F
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:01 2025 by rpki-client