Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/P9ynofgfm_8l4sIsgfKCu0wt4Hw.roa
File: P9ynofgfm_8l4sIsgfKCu0wt4Hw.roa (raw, json)
Hash identifier: 57zhBi8mcCMTIwALpWLhpnBOxGby10NPuBL1biHV1BU=
Subject key identifier: 3F:DC:A7:A1:F8:1F:9B:FF:25:E2:C2:2C:81:F2:82:BB:4C:2D:E0:7C
Certificate issuer: /CN=a7f66522f403d8c994a484682870799417ce1e81
Certificate serial: 01895B3A40C66B6E678F94E31AA05965F50B
Authority key identifier: A7:F6:65:22:F4:03:D8:C9:94:A4:84:68:28:70:79:94:17:CE:1E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/P9ynofgfm_8l4sIsgfKCu0wt4Hw.roa
Signing time: Sat 15 Jul 2023 20:24:51 +0000
ROA not before: Sat 15 Jul 2023 20:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60815
IP address blocks: 185.89.90.0/24 maxlen: 24
185.89.90.0/23 maxlen: 23
185.89.89.0/24 maxlen: 24
185.89.88.0/24 maxlen: 24
185.89.88.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:5b:3a:40:c6:6b:6e:67:8f:94:e3:1a:a0:59:65:f5:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f66522f403d8c994a484682870799417ce1e81
Validity
Not Before: Jul 15 20:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fdca7a1f81f9bff25e2c22c81f282bb4c2de07c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b4:d6:33:a8:11:e8:a5:2b:1a:d5:84:a9:b9:
88:5f:ef:46:7a:e2:e6:25:93:24:67:1b:73:12:aa:
dd:09:38:a5:87:81:05:a4:aa:e7:cd:5e:13:8c:96:
33:4f:88:46:09:64:47:20:8a:51:82:a2:23:0a:a6:
ba:48:6b:cb:ac:57:f6:91:56:36:2c:9b:bc:77:07:
fb:5a:10:8d:f6:e6:63:d7:97:d2:aa:1e:dc:28:78:
f6:6e:93:65:3a:a2:97:c1:ed:42:b1:fe:62:bb:3e:
26:45:0c:81:a6:86:9a:64:f5:a0:cc:d7:e8:b0:db:
9f:3a:3a:7b:7a:9f:5d:10:10:0d:2e:19:00:07:0f:
e1:53:66:a8:e4:25:1e:77:30:ab:ef:52:4e:22:d8:
93:cc:06:e2:53:e3:02:24:d6:48:ca:4b:13:b5:bd:
85:1b:8e:73:e2:da:c0:6e:73:27:96:b7:d7:9f:c9:
38:22:41:39:2b:93:a5:40:45:81:8b:3e:3c:33:30:
3b:d2:50:3b:48:4b:b8:ab:af:c4:6f:3f:c9:7d:51:
e6:79:6b:fc:3b:4d:d3:d2:ee:aa:08:49:b1:a5:8c:
51:0a:8f:be:ed:48:7c:ff:8a:e1:c5:20:15:57:87:
e9:ab:92:7a:b8:99:2b:0c:a7:b5:f8:53:d7:af:b2:
c6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DC:A7:A1:F8:1F:9B:FF:25:E2:C2:2C:81:F2:82:BB:4C:2D:E0:7C
X509v3 Authority Key Identifier:
keyid:A7:F6:65:22:F4:03:D8:C9:94:A4:84:68:28:70:79:94:17:CE:1E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/P9ynofgfm_8l4sIsgfKCu0wt4Hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/52d0fe-cc6e-41d9-9643-c5d360fcdf0e/1/p_ZlIvQD2MmUpIRoKHB5lBfOHoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.88.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:d1:5e:f5:31:e8:f9:fc:fd:67:3f:50:5a:ca:23:47:aa:4c:
9f:e5:4a:06:e6:70:e0:5f:2a:88:cd:b3:b2:76:92:d4:a8:a3:
ca:6f:23:18:31:0a:d4:54:a4:33:3b:29:7c:ea:55:b4:28:d6:
c7:d0:a9:64:9b:60:d8:b6:50:ac:af:29:d9:38:8c:80:4f:ac:
8f:9b:1a:b5:63:40:05:a0:90:bb:59:b5:a4:dd:bf:16:7e:29:
c1:7c:c4:21:4a:47:54:89:e5:d7:99:72:94:d2:74:0d:d2:00:
b6:e3:9d:96:cf:b3:2d:45:9a:05:20:04:f2:c7:ff:46:cc:93:
5b:8b:f3:ef:3e:4b:cd:c3:a9:e2:6e:89:74:09:d4:46:00:7c:
60:40:46:de:55:79:49:bd:95:09:14:53:81:73:7c:1d:ef:6e:
c1:70:eb:67:5b:32:6c:1d:f5:0a:91:72:39:4c:9b:ba:41:ca:
50:18:e4:46:3b:df:59:7b:70:73:8b:b4:41:b9:2d:63:15:10:
3f:de:59:be:8f:ab:eb:eb:1e:05:85:4e:88:81:f5:8e:0e:b7:
3c:14:2a:e4:41:b5:03:c6:25:d2:48:cf:c8:89:fd:d3:5c:bc:
46:5c:fb:8b:07:b1:a4:3a:ab:0d:56:16:cf:0d:a7:08:a8:05:
79:02:76:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlbOkDGa25nj5TjGqBZZfULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZjY2NTIyZjQwM2Q4Yzk5NGE0ODQ2ODI4NzA3OTk0MTdj
ZTFlODEwHhcNMjMwNzE1MjAyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmRjYTdhMWY4MWY5YmZmMjVlMmMyMmM4MWYyODJiYjRjMmRlMDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbTWM6gR6KUrGtWEqbmIX+9GeuLm
JZMkZxtzEqrdCTilh4EFpKrnzV4TjJYzT4hGCWRHIIpRgqIjCqa6SGvLrFf2kVY2
LJu8dwf7WhCN9uZj15fSqh7cKHj2bpNlOqKXwe1Csf5iuz4mRQyBpoaaZPWgzNfo
sNufOjp7ep9dEBANLhkABw/hU2ao5CUedzCr71JOItiTzAbiU+MCJNZIyksTtb2F
G45z4trAbnMnlrfXn8k4IkE5K5OlQEWBiz48MzA70lA7SEu4q6/Ebz/JfVHmeWv8
O03T0u6qCEmxpYxRCo++7Uh8/4rhxSAVV4fpq5J6uJkrDKe1+FPXr7LGhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/cp6H4H5v/JeLCLIHygrtMLeB8MB8GA1UdIwQY
MBaAFKf2ZSL0A9jJlKSEaChweZQXzh6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9abEl2UUQyTW1VcElSb0tIQjVsQmZPSG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81MmQwZmUtY2M2ZS00MWQ5LTk2NDMt
YzVkMzYwZmNkZjBlLzEvUDl5bm9mZ2ZtXzhsNHNJc2dmS0N1MHd0NEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81MmQwZmUtY2M2ZS00MWQ5LTk2NDMtYzVkMzYwZmNkZjBl
LzEvcF9abEl2UUQyTW1VcElSb0tIQjVsQmZPSG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVlYMA0G
CSqGSIb3DQEBCwUAA4IBAQCd0V71Mej5/P1nP1BayiNHqkyf5UoG5nDgXyqIzbOy
dpLUqKPKbyMYMQrUVKQzOyl86lW0KNbH0Klkm2DYtlCsrynZOIyAT6yPmxq1Y0AF
oJC7WbWk3b8WfinBfMQhSkdUieXXmXKU0nQN0gC2452Wz7MtRZoFIATyx/9GzJNb
i/PvPkvNw6nibol0CdRGAHxgQEbeVXlJvZUJFFOBc3wd727BcOtnWzJsHfUKkXI5
TJu6QcpQGORGO99Ze3Bzi7RBuS1jFRA/3lm+j6vr6x4FhU6IgfWODrc8FCrkQbUD
xiXSSM/Iif3TXLxGXPuLB7GkOqsNVhbPDacIqAV5AnZh
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:13:10 2025 by rpki-client