Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/kwJkutWGLOHh7p6BZp3ENR27IUw.roa
File: kwJkutWGLOHh7p6BZp3ENR27IUw.roa (raw, json)
Hash identifier: mO94LPX5JK8eX4/dhf8KapF89n2cIfdT6vmJFG7ocj8=
Subject key identifier: 93:02:64:BA:D5:86:2C:E1:E1:EE:9E:81:66:9D:C4:35:1D:BB:21:4C
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 01856BEEC161D5728ADF5F1BEA4F3377AEA2
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/kwJkutWGLOHh7p6BZp3ENR27IUw.roa
Signing time: Sun 01 Jan 2023 06:04:47 +0000
ROA not before: Sun 01 Jan 2023 06:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206647
IP address blocks: 89.223.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:ee:c1:61:d5:72:8a:df:5f:1b:ea:4f:33:77:ae:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 1 06:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=930264bad5862ce1e1ee9e81669dc4351dbb214c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d0:21:ea:1d:e3:04:9f:78:25:d9:48:b9:8b:
0b:c1:dc:df:4e:0e:fb:b0:e8:4c:89:45:35:38:93:
60:57:c1:83:73:57:f7:8b:f4:41:0e:6b:65:6b:f7:
f3:38:8e:32:d1:d9:1a:a8:2d:e5:fe:f1:42:eb:5e:
41:7b:a8:26:8f:08:70:e6:9a:6b:71:93:52:1d:4f:
28:58:82:17:7e:2e:8a:8c:32:a5:d8:08:bc:fc:1d:
72:04:56:99:b4:d1:2b:71:aa:c8:cd:d6:7e:3d:8f:
d7:78:f0:ae:b3:e8:96:b7:df:b1:b9:91:be:4a:e4:
bf:c5:5a:fa:65:47:57:62:e6:f7:9d:17:e4:3d:bd:
98:2d:b2:a3:17:48:95:c7:92:5f:d0:36:4a:39:93:
88:e4:21:07:3f:31:0b:c1:94:f9:f9:24:73:92:62:
1d:22:39:10:22:d2:65:5c:f7:78:3e:ff:d8:35:65:
04:db:b0:c9:bd:99:0c:7d:b7:83:65:73:bd:8e:66:
33:f2:bc:04:50:85:b1:fd:d7:a6:14:57:01:6c:08:
87:70:7d:57:f2:3a:2b:eb:c4:b7:84:69:4b:6b:2b:
ef:8b:08:7d:7d:f6:c8:23:76:d0:55:2c:e2:2d:8c:
15:5b:9b:21:d2:4c:f3:d0:05:5a:dd:cf:39:71:38:
b3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:02:64:BA:D5:86:2C:E1:E1:EE:9E:81:66:9D:C4:35:1D:BB:21:4C
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/kwJkutWGLOHh7p6BZp3ENR27IUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.17.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a5:2c:b3:04:ed:41:e6:db:5f:e5:0d:1c:34:75:b8:4e:67:
6b:0f:ca:23:2e:2c:f4:bb:a1:45:4c:1e:2e:6d:e6:6a:32:e8:
30:0b:a3:95:4a:f8:59:0f:b8:59:2b:e5:76:a7:9e:45:42:1e:
98:e5:a4:0d:7f:df:3c:18:3a:5a:98:1c:51:ae:6a:ee:65:c4:
0f:fa:ac:c9:72:5f:9e:4e:eb:6b:06:b7:4c:79:88:e4:6f:5d:
eb:fd:9e:8d:c5:98:af:34:25:32:cc:44:ff:a9:86:62:bb:64:
7a:68:18:57:a1:5d:9c:68:2f:fb:13:5e:3d:5b:c7:64:8f:37:
36:3e:e3:b8:a5:2e:0e:5b:ee:26:8b:a5:00:fb:74:ca:c1:c5:
8e:54:43:2a:58:b9:e0:12:f1:93:3f:5c:0b:12:ed:50:76:f3:
d7:a8:9d:19:6b:b6:02:ba:63:bb:ef:e7:f6:1b:c8:90:5c:d6:
f6:a6:65:bb:ba:3d:6e:20:5d:3e:e5:2c:98:13:47:7f:78:00:
e2:8c:86:3f:37:2e:27:e8:6c:c5:59:24:b1:3c:79:ef:a7:8c:
74:53:92:2f:90:35:2b:a9:30:72:4d:79:bd:ed:cb:17:42:64:
0a:90:8f:09:68:3b:9f:38:c3:90:75:11:22:2d:fc:a0:47:76:
89:40:ba:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr7sFh1XKK318b6k8zd66iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjMwMTAxMDYwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAyNjRiYWQ1ODYyY2UxZTFlZTllODE2NjlkYzQzNTFkYmIyMTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdAh6h3jBJ94JdlIuYsLwdzfTg77
sOhMiUU1OJNgV8GDc1f3i/RBDmtla/fzOI4y0dkaqC3l/vFC615Be6gmjwhw5ppr
cZNSHU8oWIIXfi6KjDKl2Ai8/B1yBFaZtNErcarIzdZ+PY/XePCus+iWt9+xuZG+
SuS/xVr6ZUdXYub3nRfkPb2YLbKjF0iVx5Jf0DZKOZOI5CEHPzELwZT5+SRzkmId
IjkQItJlXPd4Pv/YNWUE27DJvZkMfbeDZXO9jmYz8rwEUIWx/demFFcBbAiHcH1X
8jor68S3hGlLayvviwh9ffbII3bQVSziLYwVW5sh0kzz0AVa3c85cTizeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMCZLrVhizh4e6egWadxDUduyFMMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEva3dKa3V0V0dMT0hoN3A2QlpwM0VOUjI3SVV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWd8RMA0G
CSqGSIb3DQEBCwUAA4IBAQAWpSyzBO1B5ttf5Q0cNHW4TmdrD8ojLiz0u6FFTB4u
beZqMugwC6OVSvhZD7hZK+V2p55FQh6Y5aQNf988GDpamBxRrmruZcQP+qzJcl+e
TutrBrdMeYjkb13r/Z6NxZivNCUyzET/qYZiu2R6aBhXoV2caC/7E149W8dkjzc2
PuO4pS4OW+4mi6UA+3TKwcWOVEMqWLngEvGTP1wLEu1QdvPXqJ0Za7YCumO77+f2
G8iQXNb2pmW7uj1uIF0+5SyYE0d/eADijIY/Ny4n6GzFWSSxPHnvp4x0U5IvkDUr
qTByTXm97csXQmQKkI8JaDufOMOQdREiLfygR3aJQLrf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:51 2025 by rpki-client