Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/RcsmWm9u0lcjAafv73t9EuS5hxk.roa
File: RcsmWm9u0lcjAafv73t9EuS5hxk.roa (raw, json)
Hash identifier: bfDAyuFIoEIzw7dyoaIOifCCMzRrdoMyea3G0MJQv8k=
Subject key identifier: 45:CB:26:5A:6F:6E:D2:57:23:01:A7:EF:EF:7B:7D:12:E4:B9:87:19
Certificate issuer: /CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Certificate serial: 01856F4B7D35DAAADD00471D3C521C547A9B
Authority key identifier: 2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/RcsmWm9u0lcjAafv73t9EuS5hxk.roa
Signing time: Sun 01 Jan 2023 21:44:56 +0000
ROA not before: Sun 01 Jan 2023 21:44:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16220
IP address blocks: 89.38.156.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:4b:7d:35:da:aa:dd:00:47:1d:3c:52:1c:54:7a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Validity
Not Before: Jan 1 21:44:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45cb265a6f6ed2572301a7efef7b7d12e4b98719
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1b:b4:91:8a:84:b1:5e:76:47:bb:db:97:4b:
40:ec:cc:d7:a3:8a:22:05:1f:3e:dd:ce:cf:62:40:
92:80:b7:28:05:29:ad:94:63:d8:a4:42:f3:a8:65:
23:37:66:4a:cf:7f:c4:eb:59:7c:84:67:90:7d:35:
3f:1f:8c:9a:0e:80:ed:4f:0e:af:12:e3:e5:f6:cc:
b1:51:56:d4:8d:d1:5e:2b:1f:81:33:22:05:09:5a:
14:78:5a:c7:3e:ec:c5:11:f4:7e:43:b0:ce:0e:c4:
20:4f:ab:7e:d5:6c:76:36:9b:58:e8:d8:52:58:e1:
c0:39:e5:c7:41:7f:20:6b:a8:11:5f:82:63:ff:37:
1e:19:bb:e6:42:0b:d6:f2:db:b8:06:e7:72:ad:0c:
33:d1:f2:ac:f3:4a:13:56:f7:ef:f6:c1:ba:fa:60:
21:9b:08:6f:60:29:8c:ee:43:22:ae:e1:03:3e:e1:
9e:28:4b:64:ee:97:9c:64:40:40:ac:47:9d:f1:da:
d8:89:f8:ad:31:5d:f5:8c:62:67:eb:86:23:cc:26:
55:a6:97:c1:f7:9d:59:ea:bc:93:bf:24:f3:62:ce:
d1:03:65:ff:c1:3c:f3:3e:6a:6c:a6:95:5f:ac:81:
b0:ab:47:d7:58:84:d1:db:1a:98:e7:ed:df:51:97:
2b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:CB:26:5A:6F:6E:D2:57:23:01:A7:EF:EF:7B:7D:12:E4:B9:87:19
X509v3 Authority Key Identifier:
keyid:2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/RcsmWm9u0lcjAafv73t9EuS5hxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.156.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:b4:63:d7:30:ad:84:9f:45:3a:cc:70:e3:aa:f1:86:1f:cd:
b6:5c:03:33:ed:7a:76:f7:e1:e6:b4:f1:c5:8f:ee:de:6a:81:
b0:83:50:a7:e5:f4:3a:c2:09:7d:5f:62:a5:ec:97:c1:27:72:
e7:13:6d:31:6d:19:58:21:51:d0:ef:5c:fa:ec:1a:f3:56:13:
eb:f1:32:b2:94:11:d4:13:96:cd:36:f0:46:08:c7:48:74:7e:
be:8a:51:01:c9:10:71:81:ec:6f:35:19:5e:dc:4f:c7:20:7e:
4c:ea:0a:b7:51:45:ac:4d:06:85:6a:d8:cd:fe:52:a9:db:0b:
5f:27:54:b0:7f:05:4d:c3:20:a2:7e:e3:12:32:a5:f1:df:0b:
6e:10:ef:df:fe:30:35:39:26:ec:21:9f:4e:69:b5:75:c8:1f:
c4:f4:c4:a3:b2:0a:27:59:f5:9d:cd:a7:7b:8b:b7:d2:eb:45:
72:32:18:45:68:0b:1f:83:59:29:a7:c6:e1:42:17:11:8d:52:
5e:d5:b7:8f:ef:fc:e5:c4:f4:6a:d2:af:e7:2e:75:54:31:09:
0b:68:c4:5b:c6:2d:7a:1a:2e:af:7d:90:56:bb:2d:fd:fc:80:
69:17:ed:e5:29:c6:23:61:83:ca:3b:ad:dc:e3:fb:6d:c7:0e:
69:83:ce:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvS3012qrdAEcdPFIcVHqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmIzMzQxM2ZhYTVlNWUxZDI3OWEyYTI1ZmY4MWQ4ZDE1
MzI1ZGYwHhcNMjMwMTAxMjE0NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWNiMjY1YTZmNmVkMjU3MjMwMWE3ZWZlZjdiN2QxMmU0Yjk4NzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxu0kYqEsV52R7vbl0tA7MzXo4oi
BR8+3c7PYkCSgLcoBSmtlGPYpELzqGUjN2ZKz3/E61l8hGeQfTU/H4yaDoDtTw6v
EuPl9syxUVbUjdFeKx+BMyIFCVoUeFrHPuzFEfR+Q7DODsQgT6t+1Wx2NptY6NhS
WOHAOeXHQX8ga6gRX4Jj/zceGbvmQgvW8tu4BudyrQwz0fKs80oTVvfv9sG6+mAh
mwhvYCmM7kMiruEDPuGeKEtk7pecZEBArEed8drYifitMV31jGJn64YjzCZVppfB
951Z6ryTvyTzYs7RA2X/wTzzPmpsppVfrIGwq0fXWITR2xqY5+3fUZcr9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEXLJlpvbtJXIwGn7+97fRLkuYcZMB8GA1UdIwQY
MBaAFC5rM0E/ql5eHSeaKiX/gdjRUyXfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYt
OGRkODFlNGIzZTMzLzEvUmNzbVdtOXUwbGNqQWFmdjczdDlFdVM1aHhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYtOGRkODFlNGIzZTMz
LzEvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSacMA0G
CSqGSIb3DQEBCwUAA4IBAQC0tGPXMK2En0U6zHDjqvGGH822XAMz7Xp29+HmtPHF
j+7eaoGwg1Cn5fQ6wgl9X2Kl7JfBJ3LnE20xbRlYIVHQ71z67BrzVhPr8TKylBHU
E5bNNvBGCMdIdH6+ilEByRBxgexvNRle3E/HIH5M6gq3UUWsTQaFatjN/lKp2wtf
J1SwfwVNwyCifuMSMqXx3wtuEO/f/jA1OSbsIZ9OabV1yB/E9MSjsgonWfWdzad7
i7fS60VyMhhFaAsfg1kpp8bhQhcRjVJe1beP7/zlxPRq0q/nLnVUMQkLaMRbxi16
Gi6vfZBWuy39/IBpF+3lKcYjYYPKO63c4/ttxw5pg87k
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:58 2025 by rpki-client