Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kJYmCxmFNMEuaaStDctEILbmhrw.roa
File: kJYmCxmFNMEuaaStDctEILbmhrw.roa (raw, json)
Hash identifier: p3I2JJ7PV5sYCRCn+pzB7ov8/nrXRombDy3dXcLPsOY=
Subject key identifier: 90:96:26:0B:19:85:34:C1:2E:69:A4:AD:0D:CB:44:20:B6:E6:86:BC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018A6078CEFD231122F71F8156771F633B75
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kJYmCxmFNMEuaaStDctEILbmhrw.roa
Signing time: Mon 04 Sep 2023 13:54:04 +0000
ROA not before: Mon 04 Sep 2023 13:54:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 399073
IP address blocks: 89.213.148.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:60:78:ce:fd:23:11:22:f7:1f:81:56:77:1f:63:3b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 4 13:54:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9096260b198534c12e69a4ad0dcb4420b6e686bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3a:ea:89:e6:23:a6:16:f9:7d:7f:e6:c7:61:
1b:63:8d:b8:dc:12:17:59:11:dd:a4:7d:7d:ce:3d:
35:da:35:f2:08:53:79:5e:a9:f8:68:be:b6:c0:de:
75:1d:4b:79:7b:22:83:ae:2d:7f:82:ea:cd:60:7a:
fc:c5:a7:b8:f9:89:80:e4:28:ce:1d:87:2c:14:b3:
ee:7d:46:29:06:5a:93:3f:e8:62:e8:05:38:ec:e4:
fd:e6:cb:ea:cd:49:74:cb:fc:98:d7:18:6b:c5:a3:
cf:92:94:ec:54:a6:e0:2c:3c:59:44:71:c5:70:bf:
81:02:bd:ce:6f:5a:87:f8:dd:61:22:bb:02:ad:4e:
0f:1a:e4:27:99:43:a3:01:b2:1e:1c:f0:38:fc:7a:
5a:40:c7:b4:34:07:8e:04:a7:70:da:ad:61:48:f5:
a0:a0:b2:91:83:99:2f:07:b8:91:6c:bf:0d:11:23:
fc:9d:0b:54:66:e4:93:2b:4e:06:5c:ae:2f:f0:46:
4e:7b:c3:b9:d0:7b:24:54:99:d6:ce:56:24:3c:42:
7e:d5:06:14:db:a3:41:1f:8e:60:69:09:62:b2:50:
d6:81:b6:01:86:9b:92:93:57:0c:a3:84:7d:a2:89:
9d:ae:69:68:72:59:71:f6:7c:ae:11:f4:e6:98:ec:
70:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:96:26:0B:19:85:34:C1:2E:69:A4:AD:0D:CB:44:20:B6:E6:86:BC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kJYmCxmFNMEuaaStDctEILbmhrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.148.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:e5:d6:96:68:65:5e:30:c6:b8:36:44:a8:cd:66:cb:de:17:
4e:a0:f3:e7:f0:41:5e:67:79:5f:c5:2d:33:3b:15:a0:81:ad:
e9:a0:c4:26:bb:80:db:8b:ce:1a:b6:50:63:c7:22:bf:ba:91:
c2:54:4d:11:85:1d:0d:70:4d:54:ed:7c:88:d6:d5:29:4a:22:
ab:03:b6:c3:7d:10:24:5d:00:5a:89:9f:3a:d8:e9:c4:44:f7:
91:0c:b6:1c:ff:66:db:a4:98:fe:57:bf:78:ad:c2:45:14:38:
36:04:fc:ef:65:fa:1b:bf:2d:fc:d8:53:c9:85:28:59:3b:02:
9f:0b:a5:c7:f4:c3:58:88:63:9c:f3:c9:74:51:57:1a:42:30:
c1:9e:d1:04:d1:a5:6e:48:29:86:22:82:ff:d6:07:bc:3b:bb:
7d:8b:ef:13:df:1a:d0:3a:64:f5:f7:76:48:4d:d9:08:5f:f7:
b4:85:e5:2a:79:68:ac:9a:75:27:19:15:b0:e9:0d:cc:10:c1:
01:cb:86:b8:0b:cc:1f:d2:2a:42:de:8d:08:d0:ac:fb:ca:32:
fa:12:24:39:c2:b1:8a:4b:9b:63:7e:de:5f:8e:3a:a6:80:25:
72:ee:31:bb:2c:ef:b2:cf:d1:87:dd:bd:84:2c:f6:dd:77:cd:
b2:c6:10:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpgeM79IxEi9x+BVncfYzt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwOTA0MTM1NDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDk2MjYwYjE5ODUzNGMxMmU2OWE0YWQwZGNiNDQyMGI2ZTY4NmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizrqieYjphb5fX/mx2EbY4243BIX
WRHdpH19zj012jXyCFN5Xqn4aL62wN51HUt5eyKDri1/gurNYHr8xae4+YmA5CjO
HYcsFLPufUYpBlqTP+hi6AU47OT95svqzUl0y/yY1xhrxaPPkpTsVKbgLDxZRHHF
cL+BAr3Ob1qH+N1hIrsCrU4PGuQnmUOjAbIeHPA4/HpaQMe0NAeOBKdw2q1hSPWg
oLKRg5kvB7iRbL8NESP8nQtUZuSTK04GXK4v8EZOe8O50HskVJnWzlYkPEJ+1QYU
26NBH45gaQlislDWgbYBhpuSk1cMo4R9oomdrmlocllx9nyuEfTmmOxwzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCWJgsZhTTBLmmkrQ3LRCC25oa8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva0pZbUN4bUZOTUV1YWFTdERjdEVJTGJtaHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWdWUMA0G
CSqGSIb3DQEBCwUAA4IBAQCc5daWaGVeMMa4NkSozWbL3hdOoPPn8EFeZ3lfxS0z
OxWgga3poMQmu4Dbi84atlBjxyK/upHCVE0RhR0NcE1U7XyI1tUpSiKrA7bDfRAk
XQBaiZ862OnERPeRDLYc/2bbpJj+V794rcJFFDg2BPzvZfobvy382FPJhShZOwKf
C6XH9MNYiGOc88l0UVcaQjDBntEE0aVuSCmGIoL/1ge8O7t9i+8T3xrQOmT193ZI
TdkIX/e0heUqeWismnUnGRWw6Q3MEMEBy4a4C8wf0ipC3o0I0Kz7yjL6EiQ5wrGK
S5tjft5fjjqmgCVy7jG7LO+yz9GH3b2ELPbdd82yxhBp
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:09 2025 by rpki-client