Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/9A57B7S0xUUi6eG1ftfkAnvoRXg.roa
File: 9A57B7S0xUUi6eG1ftfkAnvoRXg.roa (raw, json)
Hash identifier: YyOM/VmDQ+ZqCcev6MVf6GLfhtJsLs4mSaKdq+xrGkk=
Subject key identifier: F4:0E:7B:07:B4:B4:C5:45:22:E9:E1:B5:7E:D7:E4:02:7B:E8:45:78
Certificate issuer: /CN=24504c74c7127090a4cff85001f443149e128e60
Certificate serial: 018C670DF1223CBDB1FC384BE1427E71A065
Authority key identifier: 24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/9A57B7S0xUUi6eG1ftfkAnvoRXg.roa
Signing time: Thu 14 Dec 2023 06:40:16 +0000
ROA not before: Thu 14 Dec 2023 06:40:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203929
IP address blocks: 146.19.147.0/24 maxlen: 24
91.199.220.0/24 maxlen: 24
185.124.33.0/24 maxlen: 24
185.124.34.0/24 maxlen: 24
185.124.35.0/24 maxlen: 24
89.37.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:67:0d:f1:22:3c:bd:b1:fc:38:4b:e1:42:7e:71:a0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24504c74c7127090a4cff85001f443149e128e60
Validity
Not Before: Dec 14 06:40:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f40e7b07b4b4c54522e9e1b57ed7e4027be84578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a5:2d:6f:81:2f:47:78:66:b5:b7:83:04:80:
25:79:5d:2e:c1:15:28:e4:1d:eb:5f:f8:91:ef:27:
ad:66:87:a2:47:66:a8:c8:41:b1:79:b4:8a:91:bb:
84:46:10:a5:a7:51:00:48:f5:15:86:28:af:ed:c8:
ea:c2:6b:1b:27:e7:d9:71:f1:f8:0b:62:41:39:ed:
eb:77:94:72:a5:c4:86:f2:62:1a:90:5f:fe:9e:87:
43:e2:d5:b0:2e:0b:6c:c8:90:14:71:bb:93:d6:dc:
98:72:e4:89:c8:0c:3f:aa:dc:0d:6d:48:18:2e:26:
2e:0f:00:21:6e:ab:8a:a9:b1:ba:3f:98:33:4b:0f:
51:0f:cd:a5:fb:59:bf:ed:4b:b0:fa:1c:1d:58:93:
d1:1c:52:46:4b:da:e8:d3:37:6d:45:01:be:91:fa:
e4:1e:89:c9:4f:c0:c9:82:83:0f:32:56:23:60:ae:
de:02:5e:9e:f0:d0:58:cd:e5:79:f7:a8:df:00:9b:
49:9a:8a:7c:8c:80:25:22:18:ba:c0:5e:09:1c:a6:
5d:38:85:7a:ab:77:28:b4:e1:fc:5d:8a:87:49:2d:
64:ff:47:ee:2c:19:28:28:41:c8:97:8b:24:37:d9:
17:ef:cd:8b:0d:d9:c9:16:f7:89:fc:9f:b2:71:78:
b5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:0E:7B:07:B4:B4:C5:45:22:E9:E1:B5:7E:D7:E4:02:7B:E8:45:78
X509v3 Authority Key Identifier:
keyid:24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/9A57B7S0xUUi6eG1ftfkAnvoRXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.56.0/24
91.199.220.0/24
146.19.147.0/24
185.124.33.0-185.124.35.255
Signature Algorithm: sha256WithRSAEncryption
33:0b:49:ef:e9:31:6e:1c:c3:2a:b9:f0:3d:6c:74:f5:84:29:
0e:e4:d2:f2:a2:dd:65:5e:08:45:8d:23:9e:ad:49:f5:e4:a3:
e6:52:cf:75:61:45:d4:ff:1d:5a:ae:6a:76:40:97:0a:c6:9b:
50:f7:a4:79:b9:e8:8c:a7:7b:b1:99:1f:e7:ec:af:dc:e8:b5:
5e:b1:a2:ca:19:df:a1:63:9c:54:6f:f8:e0:ff:95:f7:e0:09:
1c:93:6b:b7:74:11:f2:99:b1:2b:b7:a3:9a:d7:9d:dd:9d:46:
4b:81:0f:83:31:7b:fa:bc:d5:c6:fd:12:69:73:53:c4:1c:31:
1f:45:5b:7e:bb:d7:93:05:9c:d0:a5:fd:42:7b:84:65:e2:2b:
e4:0b:12:73:5b:47:9a:8a:d5:9e:7e:36:ca:a2:74:81:8d:a4:
72:38:71:4f:4a:5c:b5:a1:7e:17:41:a4:86:89:93:0c:dc:30:
b4:3b:60:c5:52:47:ea:df:e6:fd:4d:b2:cb:9e:09:2b:52:a6:
49:29:f9:76:6f:53:1a:6e:8a:68:a7:90:a3:3a:3c:fc:79:28:
54:79:c5:fc:51:54:32:91:6b:28:be:f4:66:0f:d5:30:54:ca:
26:e7:29:33:3f:b8:b7:00:9f:07:25:74:d0:27:a4:7b:96:10:
c2:14:24:e9
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYxnDfEiPL2x/DhL4UJ+caBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTA0Yzc0YzcxMjcwOTBhNGNmZjg1MDAxZjQ0MzE0OWUx
MjhlNjAwHhcNMjMxMjE0MDY0MDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDBlN2IwN2I0YjRjNTQ1MjJlOWUxYjU3ZWQ3ZTQwMjdiZTg0NTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6Utb4EvR3hmtbeDBIAleV0uwRUo
5B3rX/iR7yetZoeiR2aoyEGxebSKkbuERhClp1EASPUVhiiv7cjqwmsbJ+fZcfH4
C2JBOe3rd5RypcSG8mIakF/+nodD4tWwLgtsyJAUcbuT1tyYcuSJyAw/qtwNbUgY
LiYuDwAhbquKqbG6P5gzSw9RD82l+1m/7Uuw+hwdWJPRHFJGS9ro0zdtRQG+kfrk
HonJT8DJgoMPMlYjYK7eAl6e8NBYzeV596jfAJtJmop8jIAlIhi6wF4JHKZdOIV6
q3cotOH8XYqHSS1k/0fuLBkoKEHIl4skN9kX782LDdnJFveJ/J+ycXi1mwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFPQOewe0tMVFIunhtX7X5AJ76EV4MB8GA1UdIwQY
MBaAFCRQTHTHEnCQpM/4UAH0QxSeEo5gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQt
ZDA2MjJjNGNkNDhkLzEvOUE1N0I3UzB4VVVpNmVHMWZ0ZmtBbnZvUlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQtZDA2MjJjNGNkNDhk
LzEvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWSU4AwQA
W8fcAwQAkhOTMAwDBAC5fCEDBAK5fCAwDQYJKoZIhvcNAQELBQADggEBADMLSe/p
MW4cwyq58D1sdPWEKQ7k0vKi3WVeCEWNI56tSfXko+ZSz3VhRdT/HVquanZAlwrG
m1D3pHm56Iyne7GZH+fsr9zotV6xosoZ36FjnFRv+OD/lffgCRyTa7d0EfKZsSu3
o5rXnd2dRkuBD4Mxe/q81cb9EmlzU8QcMR9FW36715MFnNCl/UJ7hGXiK+QLEnNb
R5qK1Z5+NsqidIGNpHI4cU9KXLWhfhdBpIaJkwzcMLQ7YMVSR+rf5v1NssueCStS
pkkp+XZvUxpuiminkKM6PPx5KFR5xfxRVDKRayi+9GYP1TBUyibnKTM/uLcAnwcl
dNAnpHuWEMIUJOk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:54:09 2025 by rpki-client