Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zxxkFK7WsqCq-mNrl5hoPTHDuYk.roa
File: zxxkFK7WsqCq-mNrl5hoPTHDuYk.roa (raw, json)
Hash identifier: kaKiuoWq2sQnX8i4NB0K+vTNSUhJf7JMqIWkVkXxKRo=
Subject key identifier: CF:1C:64:14:AE:D6:B2:A0:AA:FA:63:6B:97:98:68:3D:31:C3:B9:89
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01894059290E3C4B8673B35B20E852DC2F9A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zxxkFK7WsqCq-mNrl5hoPTHDuYk.roa
Signing time: Mon 10 Jul 2023 15:08:52 +0000
ROA not before: Mon 10 Jul 2023 15:08:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197860
IP address blocks: 89.213.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:40:59:29:0e:3c:4b:86:73:b3:5b:20:e8:52:dc:2f:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 10 15:08:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf1c6414aed6b2a0aafa636b9798683d31c3b989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:26:65:90:4e:79:3b:c0:2f:cd:d0:f2:54:cc:
f9:4a:41:4e:6c:69:89:4b:4d:9d:d0:b4:3a:f0:f2:
fe:74:12:18:55:19:85:f0:ce:4d:ea:a6:d3:82:57:
42:c3:db:3d:28:8f:22:59:b6:5c:de:2f:71:a0:af:
3e:1e:65:b4:be:2c:fa:c3:4c:88:ed:cd:12:e0:f7:
5f:64:41:31:64:9d:d3:22:85:4e:62:2c:4b:7b:1c:
6b:e5:52:44:2d:bc:d8:32:26:03:b0:9f:d2:fb:21:
bb:de:11:02:59:1e:0d:c2:0e:7d:54:77:d5:69:ca:
08:72:dc:57:3f:ab:f6:e5:81:8c:77:6e:9d:7c:f5:
51:8d:1d:b8:4b:4b:97:50:7c:53:6f:25:17:d9:2d:
6b:68:fc:ba:56:3f:43:6f:66:aa:85:8a:78:50:db:
04:d0:fa:e6:1a:4a:7a:5d:61:40:4b:1f:d2:21:4e:
8a:18:53:93:70:9c:5e:37:b8:61:8e:17:ab:58:5c:
f6:f7:13:b5:59:52:0b:4b:dc:ce:3b:9e:20:e3:65:
6b:2f:8b:20:2b:89:21:ad:40:f7:2b:a6:b1:77:38:
a7:37:3a:2c:af:a4:4b:a2:dd:fe:79:96:77:f1:85:
e3:32:18:33:2e:ce:e6:b5:b3:3f:7d:18:6b:70:58:
e6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1C:64:14:AE:D6:B2:A0:AA:FA:63:6B:97:98:68:3D:31:C3:B9:89
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zxxkFK7WsqCq-mNrl5hoPTHDuYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.166.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:d4:8b:fe:0b:0c:02:b0:2c:6a:e3:c2:8c:34:71:27:b3:4b:
db:c0:af:1f:75:f2:15:bc:8a:29:f9:ae:f5:b5:81:eb:f4:cc:
4a:7f:3a:9d:d0:29:d8:fc:0a:15:c7:95:18:33:dc:55:ca:10:
70:a0:5a:9e:e2:50:5e:60:7d:78:31:34:e5:d8:76:69:c2:d4:
6e:15:be:3f:85:a7:5e:3d:9f:c6:0d:37:33:80:c1:b5:d7:df:
f9:bb:98:b5:24:64:1d:b1:78:d3:b2:7f:2a:40:65:01:3e:94:
27:d3:0b:b8:3b:e4:f6:91:5d:7c:48:c7:57:3f:0d:a2:df:a2:
38:c0:70:53:f0:c8:b3:2a:5a:09:9d:c5:46:c7:6b:7d:98:0c:
b0:7f:81:cf:18:38:a5:4e:ec:4e:69:3c:16:8e:17:9c:c7:c7:
94:40:5c:df:9e:c5:1f:76:4b:d1:3d:7c:14:6d:92:f1:97:a3:
08:eb:06:42:14:24:d9:bb:99:c8:a6:e3:83:b3:50:fc:d8:f3:
18:85:81:7e:24:33:75:49:0c:cf:a2:3a:3f:f5:04:1c:b5:4b:
d3:03:07:72:95:19:d1:d8:6a:ef:97:7c:a3:49:fa:d8:b2:ad:
35:27:7b:1d:5a:a3:f2:47:c2:4a:c3:cd:b2:27:07:b0:45:eb:
50:2d:a6:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlAWSkOPEuGc7NbIOhS3C+aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNzEwMTUwODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFjNjQxNGFlZDZiMmEwYWFmYTYzNmI5Nzk4NjgzZDMxYzNiOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCZlkE55O8AvzdDyVMz5SkFObGmJ
S02d0LQ68PL+dBIYVRmF8M5N6qbTgldCw9s9KI8iWbZc3i9xoK8+HmW0viz6w0yI
7c0S4PdfZEExZJ3TIoVOYixLexxr5VJELbzYMiYDsJ/S+yG73hECWR4Nwg59VHfV
acoIctxXP6v25YGMd26dfPVRjR24S0uXUHxTbyUX2S1raPy6Vj9Db2aqhYp4UNsE
0PrmGkp6XWFASx/SIU6KGFOTcJxeN7hhjherWFz29xO1WVILS9zOO54g42VrL4sg
K4khrUD3K6axdzinNzosr6RLot3+eZZ38YXjMhgzLs7mtbM/fRhrcFjmwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8cZBSu1rKgqvpja5eYaD0xw7mJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvenh4a0ZLN1dzcUNxLW1Ocmw1aG9QVEhEdVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWmMA0G
CSqGSIb3DQEBCwUAA4IBAQBP1Iv+CwwCsCxq48KMNHEns0vbwK8fdfIVvIop+a71
tYHr9MxKfzqd0CnY/AoVx5UYM9xVyhBwoFqe4lBeYH14MTTl2HZpwtRuFb4/hade
PZ/GDTczgMG119/5u5i1JGQdsXjTsn8qQGUBPpQn0wu4O+T2kV18SMdXPw2i36I4
wHBT8MizKloJncVGx2t9mAywf4HPGDilTuxOaTwWjhecx8eUQFzfnsUfdkvRPXwU
bZLxl6MI6wZCFCTZu5nIpuODs1D82PMYhYF+JDN1SQzPojo/9QQctUvTAwdylRnR
2Grvl3yjSfrYsq01J3sdWqPyR8JKw82yJwewRetQLabd
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:58 2025 by rpki-client