Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/KLhI3noQZfCPtWuy4pMsMjRUQgs.roa
File: KLhI3noQZfCPtWuy4pMsMjRUQgs.roa (raw, json)
Hash identifier: 9AXFf3WGj82w09jfn/I5h9oDZV0KABkE1Yg147HzV14=
Subject key identifier: 28:B8:48:DE:7A:10:65:F0:8F:B5:6B:B2:E2:93:2C:32:34:54:42:0B
Certificate issuer: /CN=e482fd07e20d406ea4152e492b000e554ebfcc80
Certificate serial: 01856DCAE6C8C5ED2280A6D03DD22E5877B7
Authority key identifier: E4:82:FD:07:E2:0D:40:6E:A4:15:2E:49:2B:00:0E:55:4E:BF:CC:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/KLhI3noQZfCPtWuy4pMsMjRUQgs.roa
Signing time: Sun 01 Jan 2023 14:44:51 +0000
ROA not before: Sun 01 Jan 2023 14:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41625
IP address blocks: 89.31.240.0/21 maxlen: 21
89.31.242.0/24 maxlen: 24
2a00:8900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:ca:e6:c8:c5:ed:22:80:a6:d0:3d:d2:2e:58:77:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e482fd07e20d406ea4152e492b000e554ebfcc80
Validity
Not Before: Jan 1 14:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=28b848de7a1065f08fb56bb2e2932c323454420b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6a:9e:b1:ed:ea:9e:f1:39:a9:ae:8f:c6:82:
c9:84:fe:da:b4:ad:7c:4e:de:1f:5a:3e:52:99:bb:
d7:59:8f:92:4c:da:a2:d8:90:73:69:a8:bf:d3:91:
fa:88:b6:09:b1:5e:9d:46:6f:d0:dc:1a:2e:23:0e:
81:63:12:74:ff:eb:82:5a:8f:35:ac:c7:b5:a7:12:
f1:7f:c2:0b:7e:bf:bc:3a:54:56:ba:ae:b3:9b:db:
1b:d2:73:47:4b:c1:33:9f:22:1d:d2:bc:8f:45:15:
7b:e3:b8:ee:85:37:33:db:c6:cf:52:10:a6:9c:ed:
70:72:4f:19:4e:8a:b0:5a:08:77:54:fc:6a:c4:92:
ee:30:e3:c9:2d:2a:f5:73:82:ed:92:0a:b9:8a:cb:
fd:99:fa:32:e1:11:47:69:79:60:7f:96:16:83:28:
19:db:99:03:42:9f:33:4e:84:3a:a5:18:4a:0f:2b:
0c:36:9b:1e:44:f1:89:a6:89:53:22:ab:15:b2:d8:
77:a8:b3:cd:42:0b:df:fb:ce:3e:80:39:a3:8b:59:
49:d0:1e:ae:7c:f0:45:24:b9:f5:b5:ec:e0:76:3e:
0d:4f:b1:0c:e6:90:a0:9e:32:c7:b6:d8:a4:98:3d:
03:76:73:97:0e:30:f5:a4:8f:f6:2c:17:1f:5a:26:
6d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B8:48:DE:7A:10:65:F0:8F:B5:6B:B2:E2:93:2C:32:34:54:42:0B
X509v3 Authority Key Identifier:
keyid:E4:82:FD:07:E2:0D:40:6E:A4:15:2E:49:2B:00:0E:55:4E:BF:CC:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/KLhI3noQZfCPtWuy4pMsMjRUQgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/5IL9B-INQG6kFS5JKwAOVU6_zIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.240.0/21
IPv6:
2a00:8900::/32
Signature Algorithm: sha256WithRSAEncryption
4a:4e:d3:30:f2:1b:22:05:01:e8:cb:ad:8e:e1:df:97:a3:48:
03:90:8e:7c:3d:88:0b:53:f8:a8:38:92:e3:36:11:81:de:9d:
4d:83:f7:c8:cf:10:ed:f3:21:e2:d5:75:d1:6c:14:24:e2:10:
0c:7a:1e:bb:1e:8c:31:44:dc:7d:91:9c:c8:d4:bc:63:a4:ed:
7f:10:35:4e:92:18:aa:9e:49:74:62:92:0f:66:4d:03:69:53:
4c:60:c0:01:5f:59:50:e6:cd:6e:61:a1:f5:f0:07:38:2f:8f:
10:6f:57:bf:be:83:52:38:74:87:21:a9:a5:22:bd:96:15:9c:
2b:10:fb:6d:16:03:1f:e2:68:b8:dd:74:c3:c4:19:3c:7b:22:
e4:bc:2f:23:37:d2:e0:f4:15:79:dc:a4:bd:8c:75:60:a3:e8:
b5:be:13:95:20:21:b6:c0:53:80:a8:11:39:72:57:83:f3:9a:
b1:30:b1:e9:e0:45:42:b6:03:cc:45:a4:8e:4b:91:c2:0f:31:
7e:bc:82:35:50:8f:74:0b:46:ec:b9:27:f7:60:cb:0f:34:b0:
8f:db:fb:75:97:34:68:0c:a9:15:fa:17:ff:8b:f1:99:42:63:
8a:33:4d:c3:c8:57:61:d1:5a:85:a0:b3:75:b3:6c:b7:d1:b5:
6f:7c:78:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtyubIxe0igKbQPdIuWHe3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ODJmZDA3ZTIwZDQwNmVhNDE1MmU0OTJiMDAwZTU1NGVi
ZmNjODAwHhcNMjMwMTAxMTQ0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGI4NDhkZTdhMTA2NWYwOGZiNTZiYjJlMjkzMmMzMjM0NTQ0MjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGqese3qnvE5qa6PxoLJhP7atK18
Tt4fWj5SmbvXWY+STNqi2JBzaai/05H6iLYJsV6dRm/Q3BouIw6BYxJ0/+uCWo81
rMe1pxLxf8ILfr+8OlRWuq6zm9sb0nNHS8EznyId0ryPRRV747juhTcz28bPUhCm
nO1wck8ZToqwWgh3VPxqxJLuMOPJLSr1c4Ltkgq5isv9mfoy4RFHaXlgf5YWgygZ
25kDQp8zToQ6pRhKDysMNpseRPGJpolTIqsVsth3qLPNQgvf+84+gDmji1lJ0B6u
fPBFJLn1tezgdj4NT7EM5pCgnjLHttikmD0DdnOXDjD1pI/2LBcfWiZtlwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCi4SN56EGXwj7VrsuKTLDI0VEILMB8GA1UdIwQY
MBaAFOSC/QfiDUBupBUuSSsADlVOv8yAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUlMOUItSU5RRzZrRlM1Skt3QU9WVTZfeklBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9mN2E4N2EtYzE4NC00OTA0LTk0ZTMt
MjY4NTk4NmY2ZDAxLzEvS0xoSTNub1FaZkNQdFd1eTRwTXNNalJVUWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9mN2E4N2EtYzE4NC00OTA0LTk0ZTMtMjY4NTk4NmY2ZDAx
LzEvNUlMOUItSU5RRzZrRlM1Skt3QU9WVTZfeklBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWR/wMA0E
AgACMAcDBQAqAIkAMA0GCSqGSIb3DQEBCwUAA4IBAQBKTtMw8hsiBQHoy62O4d+X
o0gDkI58PYgLU/ioOJLjNhGB3p1Ng/fIzxDt8yHi1XXRbBQk4hAMeh67HowxRNx9
kZzI1LxjpO1/EDVOkhiqnkl0YpIPZk0DaVNMYMABX1lQ5s1uYaH18Ac4L48Qb1e/
voNSOHSHIamlIr2WFZwrEPttFgMf4mi43XTDxBk8eyLkvC8jN9Lg9BV53KS9jHVg
o+i1vhOVICG2wFOAqBE5cleD85qxMLHp4EVCtgPMRaSOS5HCDzF+vII1UI90C0bs
uSf3YMsPNLCP2/t1lzRoDKkV+hf/i/GZQmOKM03DyFdh0VqFoLN1s2y30bVvfHh+
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:43 2025 by rpki-client