Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/3d78d1-3e0c-4c1a-a141-74e218d4b613/1/nKsmtP5SJZMxKh0g4xe8zwPtxRo.roa
File: nKsmtP5SJZMxKh0g4xe8zwPtxRo.roa (raw, json)
Hash identifier: mcY28bgKiDFzHs6hhH0rbpc5fe8nKY0VkOMXFD66pHc=
Subject key identifier: 9C:AB:26:B4:FE:52:25:93:31:2A:1D:20:E3:17:BC:CF:03:ED:C5:1A
Certificate issuer: /CN=81062dce1a791e7341d5f4259811ab4d65f6b075
Certificate serial: 018570B09191E8CA0F2371EFEEDCF6B09D6A
Authority key identifier: 81:06:2D:CE:1A:79:1E:73:41:D5:F4:25:98:11:AB:4D:65:F6:B0:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQYtzhp5HnNB1fQlmBGrTWX2sHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/3d78d1-3e0c-4c1a-a141-74e218d4b613/1/nKsmtP5SJZMxKh0g4xe8zwPtxRo.roa
Signing time: Mon 02 Jan 2023 04:14:57 +0000
ROA not before: Mon 02 Jan 2023 04:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199189
IP address blocks: 89.22.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:91:91:e8:ca:0f:23:71:ef:ee:dc:f6:b0:9d:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81062dce1a791e7341d5f4259811ab4d65f6b075
Validity
Not Before: Jan 2 04:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9cab26b4fe522593312a1d20e317bccf03edc51a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:61:79:6c:9a:5e:f3:6a:5a:b3:c4:dc:45:7a:
4f:6f:c3:bf:af:b7:3a:2c:fb:b5:bd:7a:0b:c7:dc:
06:4a:69:42:a8:ca:a4:22:00:bf:41:05:38:6f:f1:
3f:87:ab:d0:b8:12:2b:9b:20:4e:7b:c2:12:a9:0d:
bc:cf:41:cc:ee:7d:d1:83:09:5e:8e:d3:cc:c4:33:
79:97:7e:51:9f:8e:87:6c:f5:7a:a1:30:90:92:a2:
9c:2b:27:65:70:7c:72:8a:fb:07:7d:0c:4e:66:09:
ed:97:ef:44:33:d5:5a:7e:fe:8b:9b:92:b2:bb:47:
24:c3:45:4e:39:3d:6a:03:ca:ea:db:15:3b:7b:39:
ff:3f:4a:c6:c2:92:02:bc:65:d8:23:d7:c0:03:69:
08:9e:82:39:f3:0c:de:16:4c:cd:e5:67:68:a3:36:
c6:25:48:b7:76:2c:c4:be:0c:8e:c4:c2:fd:6b:7e:
02:fc:4e:41:ba:df:8f:18:58:c9:85:08:0d:1f:f8:
3e:65:88:07:6c:3e:22:42:b7:18:9f:69:a9:68:d5:
c1:36:89:5f:af:f9:16:72:df:ef:c4:2a:a8:ad:d1:
9d:d8:9a:29:65:2a:79:a4:eb:ca:ab:63:90:d0:cb:
3b:4d:70:15:84:19:40:38:77:eb:8c:98:14:86:49:
07:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:AB:26:B4:FE:52:25:93:31:2A:1D:20:E3:17:BC:CF:03:ED:C5:1A
X509v3 Authority Key Identifier:
keyid:81:06:2D:CE:1A:79:1E:73:41:D5:F4:25:98:11:AB:4D:65:F6:B0:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQYtzhp5HnNB1fQlmBGrTWX2sHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d78d1-3e0c-4c1a-a141-74e218d4b613/1/nKsmtP5SJZMxKh0g4xe8zwPtxRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/3d78d1-3e0c-4c1a-a141-74e218d4b613/1/gQYtzhp5HnNB1fQlmBGrTWX2sHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.49.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:b9:8c:92:8a:6e:f6:8e:12:08:22:d9:a5:c0:a9:59:c8:97:
9c:ee:6e:37:6e:3e:9a:e6:de:af:80:a4:63:bc:88:f0:fd:2b:
9e:5a:f2:ea:ba:33:10:0f:93:ff:d8:7a:ab:dd:dc:cb:19:3b:
73:f6:68:56:b8:69:a0:e0:39:43:43:81:91:93:3b:60:36:8a:
08:22:74:30:d3:e7:ea:31:f5:88:5d:a6:3b:9b:8a:c9:0f:2e:
eb:11:b7:99:d5:f9:e6:2a:ff:5b:e2:c3:aa:0f:76:61:4f:6e:
b9:22:61:43:f4:93:bc:8d:0c:b4:31:dc:8b:db:12:c4:32:d5:
02:47:97:da:64:14:ab:a6:b1:94:87:51:92:f6:bd:8d:6d:36:
fc:2b:af:74:e9:46:af:ea:07:61:80:88:86:4f:08:a6:bc:e5:
de:3c:d4:28:ca:0e:ef:af:3b:fb:a4:c2:b1:1e:1d:c7:4b:d4:
bb:e9:d5:80:5d:1c:d2:42:60:67:42:b5:bf:e9:a6:d7:f3:38:
33:b4:db:58:b8:e0:cd:60:cb:31:64:e2:46:3e:e7:74:3c:74:
cf:f8:58:4f:34:52:3b:c7:18:f0:5b:c3:16:cd:b6:eb:ba:8b:
3b:83:99:5b:b9:0c:b0:1a:6a:b1:10:ce:38:a1:12:8b:4a:b4:
d3:80:2f:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwsJGR6MoPI3Hv7tz2sJ1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMDYyZGNlMWE3OTFlNzM0MWQ1ZjQyNTk4MTFhYjRkNjVm
NmIwNzUwHhcNMjMwMTAyMDQxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2FiMjZiNGZlNTIyNTkzMzEyYTFkMjBlMzE3YmNjZjAzZWRjNTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGF5bJpe82pas8TcRXpPb8O/r7c6
LPu1vXoLx9wGSmlCqMqkIgC/QQU4b/E/h6vQuBIrmyBOe8ISqQ28z0HM7n3Rgwle
jtPMxDN5l35Rn46HbPV6oTCQkqKcKydlcHxyivsHfQxOZgntl+9EM9Vafv6Lm5Ky
u0ckw0VOOT1qA8rq2xU7ezn/P0rGwpICvGXYI9fAA2kInoI58wzeFkzN5WdoozbG
JUi3dizEvgyOxML9a34C/E5But+PGFjJhQgNH/g+ZYgHbD4iQrcYn2mpaNXBNolf
r/kWct/vxCqordGd2JopZSp5pOvKq2OQ0Ms7TXAVhBlAOHfrjJgUhkkHcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJyrJrT+UiWTMSodIOMXvM8D7cUaMB8GA1UdIwQY
MBaAFIEGLc4aeR5zQdX0JZgRq01l9rB1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1FZdHpocDVIbk5CMWZRbG1CR3JUV1gyc0hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8zZDc4ZDEtM2UwYy00YzFhLWExNDEt
NzRlMjE4ZDRiNjEzLzEvbktzbXRQNVNKWk14S2gwZzR4ZTh6d1B0eFJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8zZDc4ZDEtM2UwYy00YzFhLWExNDEtNzRlMjE4ZDRiNjEz
LzEvZ1FZdHpocDVIbk5CMWZRbG1CR3JUV1gyc0hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRYxMA0G
CSqGSIb3DQEBCwUAA4IBAQBvuYySim72jhIIItmlwKlZyJec7m43bj6a5t6vgKRj
vIjw/SueWvLqujMQD5P/2Hqr3dzLGTtz9mhWuGmg4DlDQ4GRkztgNooIInQw0+fq
MfWIXaY7m4rJDy7rEbeZ1fnmKv9b4sOqD3ZhT265ImFD9JO8jQy0MdyL2xLEMtUC
R5faZBSrprGUh1GS9r2NbTb8K6906Uav6gdhgIiGTwimvOXePNQoyg7vrzv7pMKx
Hh3HS9S76dWAXRzSQmBnQrW/6abX8zgztNtYuODNYMsxZOJGPud0PHTP+FhPNFI7
xxjwW8MWzbbruos7g5lbuQywGmqxEM44oRKLSrTTgC++
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:22 2025 by rpki-client