Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/9KgHNJahIKegdB9C07T-yfuND68.roa
File: 9KgHNJahIKegdB9C07T-yfuND68.roa (raw, json)
Hash identifier: LH9U+5iX2sgX6+Jzdheto7/6JOj4N1Rlam1xdkrQ6/I=
Subject key identifier: F4:A8:07:34:96:A1:20:A7:A0:74:1F:42:D3:B4:FE:C9:FB:8D:0F:AF
Certificate issuer: /CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Certificate serial: 01849B235368AF902811625F8BEA6E32BD99
Authority key identifier: C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/9KgHNJahIKegdB9C07T-yfuND68.roa
Signing time: Mon 21 Nov 2022 17:01:34 +0000
ROA not before: Mon 21 Nov 2022 17:01:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 89.204.240.0/20 maxlen: 24
95.83.196.0/22 maxlen: 24
95.83.196.0/23 maxlen: 24
89.204.160.0/20 maxlen: 24
95.83.229.0/24 maxlen: 24
92.251.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9b:23:53:68:af:90:28:11:62:5f:8b:ea:6e:32:bd:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1acf260d23263a7c6bb6c59c19eebc6759b60be
Validity
Not Before: Nov 21 17:01:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4a8073496a120a7a0741f42d3b4fec9fb8d0faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d0:10:fd:aa:39:72:43:eb:e1:c8:94:9c:6d:
67:93:1f:88:08:26:26:83:a7:76:79:99:84:60:be:
a8:03:00:8e:41:28:e0:c9:c2:33:1e:ab:ab:62:07:
cf:a2:ac:c7:97:f1:58:de:a9:89:c0:fa:cd:ec:cc:
35:ae:17:b6:5e:8e:03:b0:7b:d5:7a:33:50:43:1b:
05:e8:0e:1a:1d:0a:9b:39:d9:64:ed:4f:59:86:13:
5a:82:9f:e2:6a:62:68:56:6e:e3:2f:96:13:e7:e7:
16:a2:14:25:cd:21:82:76:a1:39:ec:16:33:54:50:
2c:c4:82:43:43:39:0a:88:5f:3a:aa:ea:d4:a0:0c:
01:97:fa:e7:e5:fd:3b:92:de:29:9b:06:c0:e9:db:
ad:91:a8:97:aa:f1:11:16:29:c0:38:af:f6:e0:ee:
b2:f8:26:43:60:34:9d:12:29:f9:63:f9:0c:73:c3:
dd:ee:ca:f2:1f:57:d0:1f:45:85:35:3b:43:60:b0:
5e:a9:70:a1:5b:51:d6:0b:31:97:8f:2c:1f:e3:32:
10:b0:0b:ad:14:2c:29:82:06:d8:4a:20:bd:33:0a:
0b:39:f0:fa:bb:53:de:de:28:5c:b4:bd:26:2d:09:
8c:02:f1:7c:a9:47:94:ea:7c:23:b4:54:e2:74:1b:
3a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A8:07:34:96:A1:20:A7:A0:74:1F:42:D3:B4:FE:C9:FB:8D:0F:AF
X509v3 Authority Key Identifier:
keyid:C1:AC:F2:60:D2:32:63:A7:C6:BB:6C:59:C1:9E:EB:C6:75:9B:60:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wazyYNIyY6fGu2xZwZ7rxnWbYL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/9KgHNJahIKegdB9C07T-yfuND68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/d0c17a-19b7-4142-b941-ffd646d05f67/1/wazyYNIyY6fGu2xZwZ7rxnWbYL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.204.160.0/20
89.204.240.0/20
92.251.240.0/21
95.83.196.0/22
95.83.229.0/24
Signature Algorithm: sha256WithRSAEncryption
14:4f:a5:8b:c9:91:79:9b:eb:2f:1d:6e:2b:c6:2a:84:bb:6c:
89:3b:3e:b7:e5:46:ac:e4:6f:04:57:f5:4a:f2:5a:e5:44:31:
23:03:69:5c:e7:37:f9:59:a3:4a:ca:b4:31:62:c0:c7:71:8f:
35:d4:19:3f:64:84:09:10:ed:0d:8e:f0:6b:ca:4f:2c:3a:fb:
93:4d:46:64:8c:bb:d1:e7:e7:aa:db:44:85:54:fc:52:2e:42:
a6:87:0c:8d:f5:19:8d:46:16:46:19:5d:8e:3f:d3:73:07:ba:
3e:e0:22:e0:7a:05:10:d1:ba:a6:bb:10:00:b7:ad:14:10:a6:
53:42:44:04:47:61:43:1e:77:64:bc:e5:29:29:fe:26:aa:4f:
b0:d5:54:a0:68:03:8f:1a:bc:3f:66:e3:9c:4e:c6:fd:8b:a1:
27:eb:39:64:62:62:38:27:0d:17:49:d2:b3:c6:cc:e9:c2:82:
56:ec:b4:92:7e:2c:8e:57:fa:41:42:e0:04:c4:bf:b2:a5:33:
36:0f:49:02:a1:8a:c8:f5:4f:03:74:c4:12:ee:1c:f5:93:29:
0a:63:33:af:17:1f:cd:03:b7:22:43:bf:ed:a0:6d:69:83:a5:
cd:e1:92:86:56:40:00:a5:d2:b0:82:8a:68:e1:96:9e:a5:3a:
8b:6f:fe:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYSbI1Nor5AoEWJfi+puMr2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYWNmMjYwZDIzMjYzYTdjNmJiNmM1OWMxOWVlYmM2NzU5
YjYwYmUwHhcNMjIxMTIxMTcwMTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE4MDczNDk2YTEyMGE3YTA3NDFmNDJkM2I0ZmVjOWZiOGQwZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtAQ/ao5ckPr4ciUnG1nkx+ICCYm
g6d2eZmEYL6oAwCOQSjgycIzHqurYgfPoqzHl/FY3qmJwPrN7Mw1rhe2Xo4DsHvV
ejNQQxsF6A4aHQqbOdlk7U9ZhhNagp/iamJoVm7jL5YT5+cWohQlzSGCdqE57BYz
VFAsxIJDQzkKiF86qurUoAwBl/rn5f07kt4pmwbA6dutkaiXqvERFinAOK/24O6y
+CZDYDSdEin5Y/kMc8Pd7sryH1fQH0WFNTtDYLBeqXChW1HWCzGXjywf4zIQsAut
FCwpggbYSiC9MwoLOfD6u1Pe3ihctL0mLQmMAvF8qUeU6nwjtFTidBs6ewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPSoBzSWoSCnoHQfQtO0/sn7jQ+vMB8GA1UdIwQY
MBaAFMGs8mDSMmOnxrtsWcGe68Z1m2C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEt
ZmZkNjQ2ZDA1ZjY3LzEvOUtnSE5KYWhJS2VnZEI5QzA3VC15ZnVORDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9kMGMxN2EtMTliNy00MTQyLWI5NDEtZmZkNjQ2ZDA1ZjY3
LzEvd2F6eVlOSXlZNmZHdTJ4WndaN3J4bldiWUw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEWcygAwQE
WczwAwQDXPvwAwQCX1PEAwQAX1PlMA0GCSqGSIb3DQEBCwUAA4IBAQAUT6WLyZF5
m+svHW4rxiqEu2yJOz635Uas5G8EV/VK8lrlRDEjA2lc5zf5WaNKyrQxYsDHcY81
1Bk/ZIQJEO0NjvBryk8sOvuTTUZkjLvR5+eq20SFVPxSLkKmhwyN9RmNRhZGGV2O
P9NzB7o+4CLgegUQ0bqmuxAAt60UEKZTQkQER2FDHndkvOUpKf4mqk+w1VSgaAOP
Grw/ZuOcTsb9i6En6zlkYmI4Jw0XSdKzxszpwoJW7LSSfiyOV/pBQuAExL+ypTM2
D0kCoYrI9U8DdMQS7hz1kykKYzOvFx/NA7ciQ7/toG1pg6XN4ZKGVkAApdKwgopo
4ZaepTqLb/6w
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:59:42 2025 by rpki-client