Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v9QxlH70mMhCO9oek6iiFXWyMPA.roa
File: v9QxlH70mMhCO9oek6iiFXWyMPA.roa (raw, json)
Hash identifier: Wmed7GYxjbu9tNwV3rSo9NdRj5tfeItYlTi5Ukjs5W8=
Subject key identifier: BF:D4:31:94:7E:F4:98:C8:42:3B:DA:1E:93:A8:A2:15:75:B2:30:F0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018B42CBFDBC7017BC809ADD40E99FB4D8D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v9QxlH70mMhCO9oek6iiFXWyMPA.roa
Signing time: Wed 18 Oct 2023 12:39:06 +0000
ROA not before: Wed 18 Oct 2023 12:39:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 32167
IP address blocks: 89.213.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:42:cb:fd:bc:70:17:bc:80:9a:dd:40:e9:9f:b4:d8:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 18 12:39:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfd431947ef498c8423bda1e93a8a21575b230f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7d:95:c1:10:76:f0:6e:13:85:68:44:e8:7b:
ae:a9:a2:07:4d:8b:84:9d:38:4e:4e:38:05:96:f5:
fc:ec:fc:b6:08:cf:58:ca:73:28:3c:88:e8:4e:be:
5f:e9:69:d8:e6:b6:85:5e:dd:1c:5c:1f:35:1c:d5:
bb:88:09:76:d0:a8:fc:52:8d:67:1c:bb:46:8e:98:
b9:13:fb:65:21:22:6d:51:be:6e:d7:d5:5e:25:83:
cc:9c:6a:b3:6d:79:51:1c:37:dd:8d:e2:f6:dd:3e:
43:d0:dd:54:a1:b7:39:16:99:93:2b:c9:f1:0a:6e:
ff:f9:2f:eb:3d:61:5a:b6:e1:1d:3f:9d:6e:ce:73:
65:81:d3:c3:87:1d:74:84:d0:f4:17:24:5f:03:89:
24:94:d8:b4:20:2f:b0:90:af:76:5e:f4:69:ae:1a:
b0:9f:e7:b0:6d:82:26:ea:02:01:e7:7d:1e:ea:7f:
09:3a:af:10:2c:6e:a1:9d:56:23:ee:af:02:0b:77:
ec:29:df:36:9e:bb:e3:83:3f:c5:72:bc:d6:58:22:
f3:4b:99:15:78:c1:7d:c7:fc:a4:11:f3:34:64:a8:
3b:93:5d:7a:f5:c7:18:35:aa:1a:5b:ae:6c:9d:ce:
4b:bd:af:95:0d:f5:91:ac:fb:b0:d2:7e:3a:21:7f:
48:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D4:31:94:7E:F4:98:C8:42:3B:DA:1E:93:A8:A2:15:75:B2:30:F0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v9QxlH70mMhCO9oek6iiFXWyMPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.179.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:21:f4:e6:0b:27:32:e0:5b:df:59:2f:96:e4:80:e5:79:24:
76:cb:0d:32:2e:44:32:1f:b0:6c:69:19:c9:83:cd:61:b1:b5:
36:95:18:b6:6f:e0:b8:ae:b1:94:b4:5d:05:b4:eb:ef:0e:cc:
4c:33:75:3b:68:22:7c:05:52:0e:27:a6:56:f4:80:21:07:de:
05:12:c9:9b:03:d5:bc:77:16:e0:4b:df:0c:58:69:27:ae:a9:
2e:71:ee:a2:f2:c5:0f:57:a4:54:39:4a:13:bd:71:dd:7f:86:
6d:0d:6b:94:2a:6d:1b:02:37:26:b8:4c:69:d7:9c:ab:eb:27:
af:4a:e7:9b:ff:0c:c1:6b:ec:47:66:6f:fc:92:9c:25:42:64:
68:66:e6:4a:b1:57:b3:f0:17:fb:45:22:bd:ca:0a:a9:19:43:
bc:c2:1c:8b:1a:7f:0f:52:4f:b0:3f:0c:a9:93:0b:43:f7:10:
33:18:ab:96:25:b8:fa:af:12:ca:4e:29:24:d1:1b:04:f2:ac:
51:79:56:43:9c:e8:6c:00:1c:0e:51:0c:58:0b:24:c5:88:b0:
db:34:83:88:3b:78:2c:5f:b5:eb:de:dd:64:eb:23:b6:42:f9:
b9:e6:85:29:02:9d:a4:4f:ba:8a:7b:1d:26:3f:ff:aa:f6:79:
3e:c5:fc:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtCy/28cBe8gJrdQOmftNjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMxMDE4MTIzOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQ0MzE5NDdlZjQ5OGM4NDIzYmRhMWU5M2E4YTIxNTc1YjIzMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH2VwRB28G4ThWhE6HuuqaIHTYuE
nThOTjgFlvX87Py2CM9YynMoPIjoTr5f6WnY5raFXt0cXB81HNW7iAl20Kj8Uo1n
HLtGjpi5E/tlISJtUb5u19VeJYPMnGqzbXlRHDfdjeL23T5D0N1Uobc5FpmTK8nx
Cm7/+S/rPWFatuEdP51uznNlgdPDhx10hND0FyRfA4kklNi0IC+wkK92XvRprhqw
n+ewbYIm6gIB530e6n8JOq8QLG6hnVYj7q8CC3fsKd82nrvjgz/FcrzWWCLzS5kV
eMF9x/ykEfM0ZKg7k1169ccYNaoaW65snc5Lva+VDfWRrPuw0n46IX9IkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/UMZR+9JjIQjvaHpOoohV1sjDwMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdjlReGxINzBtTWhDTzlvZWs2aWlGWFd5TVBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWzMA0G
CSqGSIb3DQEBCwUAA4IBAQBfIfTmCycy4FvfWS+W5IDleSR2yw0yLkQyH7BsaRnJ
g81hsbU2lRi2b+C4rrGUtF0FtOvvDsxMM3U7aCJ8BVIOJ6ZW9IAhB94FEsmbA9W8
dxbgS98MWGknrqkuce6i8sUPV6RUOUoTvXHdf4ZtDWuUKm0bAjcmuExp15yr6yev
Sueb/wzBa+xHZm/8kpwlQmRoZuZKsVez8Bf7RSK9ygqpGUO8whyLGn8PUk+wPwyp
kwtD9xAzGKuWJbj6rxLKTikk0RsE8qxReVZDnOhsABwOUQxYCyTFiLDbNIOIO3gs
X7Xr3t1k6yO2Qvm55oUpAp2kT7qKex0mP/+q9nk+xfy4
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:33 2025 by rpki-client