Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kRAyGKF9xnJFpHor1vZaKIbGdg0.roa
File: kRAyGKF9xnJFpHor1vZaKIbGdg0.roa (raw, json)
Hash identifier: jBRG3WTM3Mqk6OfSXJ404O90KmWfEhTHuhG6TwYPflg=
Subject key identifier: 91:10:32:18:A1:7D:C6:72:45:A4:7A:2B:D6:F6:5A:28:86:C6:76:0D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018B3C836869A6C6DE4BFB1833FF8E17DDC4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kRAyGKF9xnJFpHor1vZaKIbGdg0.roa
Signing time: Tue 17 Oct 2023 07:22:06 +0000
ROA not before: Tue 17 Oct 2023 07:22:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51741
IP address blocks: 89.213.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3c:83:68:69:a6:c6:de:4b:fb:18:33:ff:8e:17:dd:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 17 07:22:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91103218a17dc67245a47a2bd6f65a2886c6760d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7b:f6:46:56:1a:fb:8e:f8:87:68:49:49:7a:
3d:b0:a6:ad:de:26:dd:04:50:63:e2:69:47:0d:63:
8b:47:fe:48:55:e4:00:6a:bb:87:1c:42:e8:49:53:
73:85:2c:7a:1a:fd:41:ba:2a:ec:3c:79:34:f7:12:
01:3b:b2:df:62:bf:8f:4f:a8:94:7e:2e:6e:80:fd:
a2:d5:07:2c:2b:34:ff:a4:8c:fa:90:c6:9b:00:ca:
c3:51:58:cb:85:1b:4d:bd:fb:df:6f:de:01:d7:1b:
87:d2:85:26:4d:b2:33:d7:47:2d:b7:8c:0d:3a:6e:
51:d2:92:93:80:a8:fc:36:95:f8:bc:b0:f5:0b:24:
af:c6:cf:7e:1b:a6:05:43:52:9d:8a:72:3f:e1:0c:
30:f6:ff:93:7f:f1:4a:02:9e:3f:47:59:ce:8e:85:
0c:ea:04:2f:c5:19:27:14:e3:3c:b5:73:6f:9b:de:
62:bd:b1:5f:16:eb:3f:8e:79:16:c7:00:f5:ea:28:
e0:ad:19:0e:be:65:48:e0:fb:46:bb:b0:ff:43:ea:
5e:aa:5b:4f:4e:af:34:59:5a:31:cf:af:bb:b9:ab:
3a:52:ad:18:db:33:b1:88:c3:41:91:ac:f7:bb:69:
97:89:04:9a:81:aa:e0:9f:9a:ac:76:45:66:73:11:
cc:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:10:32:18:A1:7D:C6:72:45:A4:7A:2B:D6:F6:5A:28:86:C6:76:0D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kRAyGKF9xnJFpHor1vZaKIbGdg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.152.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:26:ef:19:85:16:bd:1c:f3:56:11:90:44:d8:b8:1e:f9:0b:
b5:e8:e0:35:9a:35:fb:9c:f5:b3:f9:10:bb:78:5b:ca:e2:fa:
27:5f:2e:05:8b:47:ad:02:0a:df:e9:62:f4:e1:9a:39:1b:8d:
c3:3d:00:a2:42:5f:b2:a7:e9:9b:45:22:f5:5e:d9:0b:3c:0a:
39:0c:c5:71:88:f7:ba:2a:9a:08:36:66:3d:62:54:98:b5:24:
85:e2:8d:65:f7:10:d7:a0:c2:4e:13:ca:b2:79:a5:79:40:b2:
70:c8:09:cd:ab:94:af:4a:f8:9e:c2:74:0c:de:9c:91:de:2d:
16:7a:fd:54:de:e3:68:a5:9d:59:8e:04:35:c0:58:6b:d6:f7:
aa:0c:2c:bc:b5:d9:26:e3:7f:e0:dc:21:5a:a1:68:dc:9f:51:
b0:23:60:f5:d3:31:39:7e:27:e9:2a:6d:5c:b4:b9:8c:33:8a:
85:52:bf:72:aa:49:b8:b8:6a:3e:e4:2f:a1:b7:8e:93:6e:dc:
ff:c0:45:ca:12:d6:c3:f8:be:b8:51:be:02:02:2e:e3:8f:d5:
7f:fc:3e:4f:08:22:e5:d2:ec:84:b9:51:13:f8:83:e6:15:10:
ff:26:02:21:e2:47:1e:bb:29:0a:8c:3f:b5:9c:40:43:29:b3:
14:e8:2a:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYs8g2hppsbeS/sYM/+OF93EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE3MDcyMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTEwMzIxOGExN2RjNjcyNDVhNDdhMmJkNmY2NWEyODg2YzY3NjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3v2RlYa+474h2hJSXo9sKat3ibd
BFBj4mlHDWOLR/5IVeQAaruHHELoSVNzhSx6Gv1BuirsPHk09xIBO7LfYr+PT6iU
fi5ugP2i1QcsKzT/pIz6kMabAMrDUVjLhRtNvfvfb94B1xuH0oUmTbIz10ctt4wN
Om5R0pKTgKj8NpX4vLD1CySvxs9+G6YFQ1KdinI/4Qww9v+Tf/FKAp4/R1nOjoUM
6gQvxRknFOM8tXNvm95ivbFfFus/jnkWxwD16ijgrRkOvmVI4PtGu7D/Q+peqltP
Tq80WVoxz6+7uas6Uq0Y2zOxiMNBkaz3u2mXiQSagargn5qsdkVmcxHMHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJEQMhihfcZyRaR6K9b2WiiGxnYNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva1JBeUdLRjl4bkpGcEhvcjF2WmFLSWJHZGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWYMA0G
CSqGSIb3DQEBCwUAA4IBAQAfJu8ZhRa9HPNWEZBE2Lge+Qu16OA1mjX7nPWz+RC7
eFvK4vonXy4Fi0etAgrf6WL04Zo5G43DPQCiQl+yp+mbRSL1XtkLPAo5DMVxiPe6
KpoINmY9YlSYtSSF4o1l9xDXoMJOE8qyeaV5QLJwyAnNq5SvSviewnQM3pyR3i0W
ev1U3uNopZ1ZjgQ1wFhr1veqDCy8tdkm43/g3CFaoWjcn1GwI2D10zE5fifpKm1c
tLmMM4qFUr9yqkm4uGo+5C+ht46Tbtz/wEXKEtbD+L64Ub4CAi7jj9V//D5PCCLl
0uyEuVET+IPmFRD/JgIh4kceuykKjD+1nEBDKbMU6Cqq
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:56 2025 by rpki-client