Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/z3MMovaWp_gBUcJ9NHl8YiA3M70.roa
File: z3MMovaWp_gBUcJ9NHl8YiA3M70.roa (raw, json)
Hash identifier: HK1v8LsN8D+gg0WefIMvRYdVFNbbXMW9UOhFtNavVMA=
Subject key identifier: CF:73:0C:A2:F6:96:A7:F8:01:51:C2:7D:34:79:7C:62:20:37:33:BD
Certificate issuer: /CN=e6d17b13653ff1e3e7822eb1e5e0a17f4d4f7881
Certificate serial: 01857335C593E92114EAFF460C0283362B25
Authority key identifier: E6:D1:7B:13:65:3F:F1:E3:E7:82:2E:B1:E5:E0:A1:7F:4D:4F:78:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5tF7E2U_8ePngi6x5eChf01PeIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/z3MMovaWp_gBUcJ9NHl8YiA3M70.roa
Signing time: Mon 02 Jan 2023 15:59:41 +0000
ROA not before: Mon 02 Jan 2023 15:59:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57031
IP address blocks: 89.22.2.0/24 maxlen: 24
89.22.4.0/24 maxlen: 24
89.22.0.0/24 maxlen: 24
89.22.3.0/24 maxlen: 24
89.22.6.0/24 maxlen: 24
89.22.5.0/24 maxlen: 24
89.22.7.0/24 maxlen: 24
2001:67c:7c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:35:c5:93:e9:21:14:ea:ff:46:0c:02:83:36:2b:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6d17b13653ff1e3e7822eb1e5e0a17f4d4f7881
Validity
Not Before: Jan 2 15:59:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf730ca2f696a7f80151c27d34797c62203733bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b2:55:80:9d:05:cd:5c:ff:ce:5a:68:f4:4c:
33:0d:9c:a4:4a:66:a7:f1:4c:b5:9f:dc:38:0b:41:
2b:58:ab:7e:fd:29:34:04:d6:5a:02:2f:19:a0:2a:
86:5b:78:a5:9b:79:e0:f7:bd:d1:92:0e:23:04:38:
d4:3e:b2:67:f2:e9:6c:7d:45:d6:ad:66:ef:9b:20:
4d:6f:53:0f:44:26:6c:62:30:24:24:cb:73:9c:1d:
61:6c:9c:93:f8:9b:dc:db:6d:90:6e:9c:7d:d1:ca:
69:62:b0:47:ef:c1:f7:8f:70:9d:3e:58:c1:a1:28:
9c:23:ed:48:73:03:84:38:b0:d7:c9:b1:bf:24:83:
39:b3:5d:8c:29:51:cf:ee:59:f4:92:97:18:1c:28:
d9:48:d4:30:e9:f9:18:8a:a6:bd:fc:40:5f:29:0c:
f4:a0:db:19:8d:ee:f2:1d:4b:c9:57:7d:83:cf:b5:
c4:70:08:2f:79:3b:60:c9:37:2f:a5:0e:9c:a0:a5:
4a:00:f9:e3:6d:ac:6b:12:12:74:8b:a4:a0:54:26:
e2:09:e5:02:f0:4f:3a:b7:62:1e:ad:36:2f:57:bf:
15:6a:b4:1b:d6:23:7c:94:86:a7:58:e4:34:b3:a2:
ed:27:64:15:73:3c:c8:e4:34:bd:79:c9:3c:02:45:
43:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:73:0C:A2:F6:96:A7:F8:01:51:C2:7D:34:79:7C:62:20:37:33:BD
X509v3 Authority Key Identifier:
keyid:E6:D1:7B:13:65:3F:F1:E3:E7:82:2E:B1:E5:E0:A1:7F:4D:4F:78:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5tF7E2U_8ePngi6x5eChf01PeIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/z3MMovaWp_gBUcJ9NHl8YiA3M70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/884e3e-7b53-475c-861f-6acd581d4b0f/1/5tF7E2U_8ePngi6x5eChf01PeIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.0.0/24
89.22.2.0-89.22.7.255
IPv6:
2001:67c:7c2::/48
Signature Algorithm: sha256WithRSAEncryption
90:e7:0d:ca:91:ea:a2:f1:f3:56:c8:66:cb:a2:84:24:2b:a8:
74:1e:98:ed:4c:41:a1:32:9b:6a:de:cc:7c:fb:f7:51:ee:cb:
9d:6a:4d:c2:16:03:87:81:c6:e5:5c:6d:9b:19:52:13:40:cd:
81:49:e3:28:37:15:57:01:50:83:ae:49:1d:1a:dd:e7:86:d1:
d8:9e:2b:00:1f:b2:fe:f6:54:25:b6:ff:1a:35:2b:66:df:9f:
0c:27:8b:0c:9f:44:91:d0:f8:bc:64:af:c4:9f:34:ca:a9:35:
5f:06:8e:c0:82:06:72:4a:52:b5:b7:3a:db:33:65:2e:4b:fb:
ff:92:dc:bf:4b:d2:69:fe:cb:7b:09:7b:97:86:81:30:01:17:
fb:95:75:89:cf:11:d5:4d:75:66:e6:ba:17:aa:53:80:48:96:
f5:8f:9c:b4:d8:06:5f:7b:7d:a3:85:e2:22:90:6f:27:b3:9e:
cb:d0:62:c9:d9:cc:91:6c:cd:ec:c6:fb:c0:25:e7:8f:75:96:
43:32:04:6a:46:65:7d:cd:75:c0:2a:94:7e:a0:01:62:e5:7b:
eb:9d:6c:47:54:e2:1b:40:85:3e:18:3d:b4:bc:f3:42:0a:a5:
fb:58:a0:61:2f:68:d4:76:c0:be:32:5d:c3:00:59:7d:65:56:
87:b9:e6:03
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYVzNcWT6SEU6v9GDAKDNislMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZDE3YjEzNjUzZmYxZTNlNzgyMmViMWU1ZTBhMTdmNGQ0
Zjc4ODEwHhcNMjMwMTAyMTU1OTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjczMGNhMmY2OTZhN2Y4MDE1MWMyN2QzNDc5N2M2MjIwMzczM2JkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLJVgJ0FzVz/zlpo9EwzDZykSman
8Uy1n9w4C0ErWKt+/Sk0BNZaAi8ZoCqGW3ilm3ng973Rkg4jBDjUPrJn8ulsfUXW
rWbvmyBNb1MPRCZsYjAkJMtznB1hbJyT+Jvc222Qbpx90cppYrBH78H3j3CdPljB
oSicI+1IcwOEOLDXybG/JIM5s12MKVHP7ln0kpcYHCjZSNQw6fkYiqa9/EBfKQz0
oNsZje7yHUvJV32Dz7XEcAgveTtgyTcvpQ6coKVKAPnjbaxrEhJ0i6SgVCbiCeUC
8E86t2IerTYvV78VarQb1iN8lIanWOQ0s6LtJ2QVczzI5DS9eck8AkVD/wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFM9zDKL2lqf4AVHCfTR5fGIgNzO9MB8GA1UdIwQY
MBaAFObRexNlP/Hj54IuseXgoX9NT3iBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXRGN0UyVV84ZVBuZ2k2eDVlQ2hmMDFQZUlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ODRlM2UtN2I1My00NzVjLTg2MWYt
NmFjZDU4MWQ0YjBmLzEvejNNTW92YVdwX2dCVWNKOU5IbDhZaUEzTTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ODRlM2UtN2I1My00NzVjLTg2MWYtNmFjZDU4MWQ0YjBm
LzEvNXRGN0UyVV84ZVBuZ2k2eDVlQ2hmMDFQZUlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAWRYAMAwD
BAFZFgIDBANZFgAwDwQCAAIwCQMHACABBnwHwjANBgkqhkiG9w0BAQsFAAOCAQEA
kOcNypHqovHzVshmy6KEJCuodB6Y7UxBoTKbat7MfPv3Ue7LnWpNwhYDh4HG5Vxt
mxlSE0DNgUnjKDcVVwFQg65JHRrd54bR2J4rAB+y/vZUJbb/GjUrZt+fDCeLDJ9E
kdD4vGSvxJ80yqk1XwaOwIIGckpStbc62zNlLkv7/5Lcv0vSaf7Lewl7l4aBMAEX
+5V1ic8R1U11Zua6F6pTgEiW9Y+ctNgGX3t9o4XiIpBvJ7Oey9BiydnMkWzN7Mb7
wCXnj3WWQzIEakZlfc11wCqUfqABYuV7651sR1TiG0CFPhg9tLzzQgql+1igYS9o
1HbAvjJdwwBZfWVWh7nmAw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:10 2025 by rpki-client