Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r8BuYKvXc8LIqIdhAhZXehabB0s.roa
File: r8BuYKvXc8LIqIdhAhZXehabB0s.roa (raw, json)
Hash identifier: oHchZzIEVtAlohQQJ+cw6vlBNf6kTKn12Sq764J8ILE=
Subject key identifier: AF:C0:6E:60:AB:D7:73:C2:C8:A8:87:61:02:16:57:7A:16:9B:07:4B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018BA3916353C82D072F91552A4689D52153
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r8BuYKvXc8LIqIdhAhZXehabB0s.roa
Signing time: Mon 06 Nov 2023 07:38:16 +0000
ROA not before: Mon 06 Nov 2023 07:38:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216362
IP address blocks: 89.213.181.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:91:63:53:c8:2d:07:2f:91:55:2a:46:89:d5:21:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 6 07:38:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afc06e60abd773c2c8a887610216577a169b074b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7f:e4:ff:b4:01:0d:2b:29:2e:3d:44:9d:fc:
db:a7:f7:0b:d9:89:19:b3:0a:3f:bb:19:c4:aa:d7:
72:57:73:9f:d2:38:da:f9:44:3c:b5:e0:97:51:4a:
e6:2b:c7:1b:9a:c1:2a:6c:ef:33:23:cb:f7:a9:ae:
e0:01:7b:1e:32:8f:3f:db:18:e7:7b:59:5f:5d:b5:
e4:31:7c:5b:f8:3e:ab:08:9f:fe:5b:6b:73:c3:1b:
e7:3a:dd:47:c3:63:e1:26:b8:30:3f:6c:55:c4:63:
94:f0:ce:9a:ff:31:be:9d:c9:97:90:db:61:1a:cd:
ef:7f:70:c5:ba:5e:80:41:ac:ec:91:dc:3a:9a:ca:
72:06:df:e8:ba:65:4e:2c:25:c2:85:61:06:3d:39:
0b:78:a9:89:cc:90:65:df:2e:93:93:b5:62:9a:11:
b1:d1:2d:b8:61:fc:f2:19:d0:70:ce:07:75:a6:e1:
8b:96:ee:c2:73:78:b2:ff:08:e4:12:a1:f8:de:19:
f3:56:70:35:26:bd:64:f9:66:1f:a5:21:af:e2:04:
bd:8e:b0:6d:03:2b:b9:33:de:a8:03:cb:d5:43:96:
b2:60:d4:ed:7b:8a:6b:e9:5b:70:bc:8b:da:4a:b8:
11:08:8b:2e:1a:d7:cf:9c:3c:97:83:ff:99:c8:aa:
16:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:C0:6E:60:AB:D7:73:C2:C8:A8:87:61:02:16:57:7A:16:9B:07:4B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/r8BuYKvXc8LIqIdhAhZXehabB0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.147.0/24
89.213.181.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:43:19:5a:06:b1:36:11:16:9e:b1:28:52:24:5d:ef:10:de:
8f:0c:03:10:69:e5:eb:e2:0b:b6:d9:7f:36:3a:c1:f1:a2:bf:
ef:a4:81:60:2d:9a:96:c6:98:90:0a:38:9a:7c:da:f2:e5:ff:
05:32:d9:da:fa:72:a4:ec:fe:55:89:3d:4c:f4:05:7f:bb:f3:
7d:24:18:e2:5c:29:e7:d2:c1:09:9b:eb:5a:b6:90:19:ae:36:
28:f9:93:59:b3:9e:ab:96:12:30:9c:18:84:a0:70:25:e7:d4:
24:a3:4f:3b:ce:ae:06:07:68:41:45:0c:2e:fe:05:a2:e5:e2:
45:dc:e2:d3:10:b6:f5:3e:6b:40:34:f7:14:47:40:7d:cb:67:
5c:a7:2e:d9:ca:b4:df:1b:8a:3a:68:5b:ac:0f:cf:25:08:d0:
ba:da:a6:cb:b4:e2:10:cb:59:09:80:d0:43:84:08:96:67:ad:
c0:e6:73:5b:16:02:b7:83:02:18:9d:02:f7:56:de:e4:76:b6:
58:65:12:5a:d1:6c:63:ef:de:3a:58:6b:42:27:99:66:58:a7:
51:0e:cd:a2:07:0f:85:ae:89:76:ee:b8:5d:1e:99:00:76:49:
23:0e:6f:cd:29:39:10:d6:3d:2d:99:96:d6:78:8c:6c:9f:ab:
97:ee:95:9f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYujkWNTyC0HL5FVKkaJ1SFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMTA2MDczODE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmMwNmU2MGFiZDc3M2MyYzhhODg3NjEwMjE2NTc3YTE2OWIwNzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3/k/7QBDSspLj1Enfzbp/cL2YkZ
swo/uxnEqtdyV3Of0jja+UQ8teCXUUrmK8cbmsEqbO8zI8v3qa7gAXseMo8/2xjn
e1lfXbXkMXxb+D6rCJ/+W2tzwxvnOt1Hw2PhJrgwP2xVxGOU8M6a/zG+ncmXkNth
Gs3vf3DFul6AQazskdw6mspyBt/oumVOLCXChWEGPTkLeKmJzJBl3y6Tk7VimhGx
0S24YfzyGdBwzgd1puGLlu7Cc3iy/wjkEqH43hnzVnA1Jr1k+WYfpSGv4gS9jrBt
Ayu5M96oA8vVQ5ayYNTte4pr6VtwvIvaSrgRCIsuGtfPnDyXg/+ZyKoWVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK/AbmCr13PCyKiHYQIWV3oWmwdLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcjhCdVlLdlhjOExJcUlkaEFoWlhlaGFiQjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWTAwQA
WdW1MA0GCSqGSIb3DQEBCwUAA4IBAQAsQxlaBrE2ERaesShSJF3vEN6PDAMQaeXr
4gu22X82OsHxor/vpIFgLZqWxpiQCjiafNry5f8FMtna+nKk7P5ViT1M9AV/u/N9
JBjiXCnn0sEJm+tatpAZrjYo+ZNZs56rlhIwnBiEoHAl59Qko087zq4GB2hBRQwu
/gWi5eJF3OLTELb1PmtANPcUR0B9y2dcpy7ZyrTfG4o6aFusD88lCNC62qbLtOIQ
y1kJgNBDhAiWZ63A5nNbFgK3gwIYnQL3Vt7kdrZYZRJa0Wxj7946WGtCJ5lmWKdR
Ds2iBw+Frol27rhdHpkAdkkjDm/NKTkQ1j0tmZbWeIxsn6uX7pWf
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:48 2025 by rpki-client