Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/01X68WbNH8b12LYpH_5tJLAM41M.roa
File: 01X68WbNH8b12LYpH_5tJLAM41M.roa (raw, json)
Hash identifier: 4uoLSAn+XcPh4+NKSfthmjU/Y883AZ7QDRUiXgxgf6M=
Subject key identifier: D3:55:FA:F1:66:CD:1F:C6:F5:D8:B6:29:1F:FE:6D:24:B0:0C:E3:53
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF4144CBAD133321EC6D4E4525718
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/01X68WbNH8b12LYpH_5tJLAM41M.roa
Signing time: Sun 01 Jan 2023 18:55:03 +0000
ROA not before: Sun 01 Jan 2023 18:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60548
IP address blocks: 89.23.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f4:14:4c:ba:d1:33:32:1e:c6:d4:e4:52:57:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d355faf166cd1fc6f5d8b6291ffe6d24b00ce353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d6:4d:16:4c:9e:d7:a8:93:d1:73:57:ca:44:
39:14:fd:a9:a6:d5:65:b3:3b:6e:60:8a:b4:c1:10:
8e:95:27:8f:61:56:65:f4:f8:39:71:d3:0b:e4:a7:
53:5d:53:95:aa:27:44:cc:8f:a0:16:1d:df:8a:67:
29:b1:3e:a3:f6:cf:cd:81:b4:df:5d:88:85:b9:35:
6d:5b:0c:a5:b9:79:aa:0c:2f:1e:bb:89:d2:b3:78:
9d:c0:16:22:01:26:89:83:99:43:97:01:d4:e3:a1:
2b:38:ec:4c:d7:10:13:a6:e8:9f:2a:2b:e3:49:a1:
f6:c3:1b:8c:41:97:25:20:6c:4f:f0:75:bc:9d:87:
56:f8:6f:f2:9c:7a:06:9c:9b:17:2a:66:78:3b:bb:
77:84:d1:1d:7f:06:8f:24:f3:ba:8d:d9:1b:26:87:
32:8f:2f:7f:e4:75:53:c7:ed:27:59:12:41:31:dc:
89:20:aa:b2:18:d7:99:cf:f9:b7:8b:21:2c:52:3d:
06:ac:ce:b7:d8:39:ea:98:a6:eb:68:2e:6c:3b:d4:
91:74:b3:86:66:30:ee:b4:c2:41:44:74:05:fc:bd:
2c:8e:0c:2e:62:49:21:c9:f2:ef:a2:87:72:1f:a7:
53:f3:37:93:18:6b:99:88:ac:ba:ee:3c:56:28:7c:
cb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:55:FA:F1:66:CD:1F:C6:F5:D8:B6:29:1F:FE:6D:24:B0:0C:E3:53
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/01X68WbNH8b12LYpH_5tJLAM41M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.109.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:54:ae:36:0e:96:9f:3f:45:c6:14:65:81:90:6a:97:64:8a:
a0:de:31:cb:d4:9b:97:68:fa:13:9d:94:fd:95:5d:49:cf:b8:
6d:17:b8:01:21:42:97:0b:8b:46:cd:fc:aa:20:6c:ba:69:08:
fa:a6:ad:64:18:c4:ff:ee:be:c9:bd:73:1f:7d:f9:4e:41:48:
18:85:ce:76:1c:f4:9d:08:d9:cd:6d:df:66:3b:bc:da:1a:a5:
46:68:9f:31:13:60:19:b1:80:e0:e6:1f:3d:75:3e:4b:0a:82:
6f:c5:30:a1:a0:20:39:21:94:ac:08:b4:ed:8d:30:6a:fc:4f:
d4:6f:91:6b:fd:dd:2f:ee:a7:ad:bf:3e:a3:b8:35:24:f7:4a:
01:77:4c:d7:d8:8d:dc:60:47:11:ab:8d:30:0b:ec:fd:01:df:
ba:b7:4a:c0:d3:bd:97:0f:94:16:3a:39:e9:69:b2:f8:87:d7:
63:80:44:40:9d:52:8a:95:b8:25:02:6d:83:f4:44:0f:70:9f:
0a:d1:d5:33:71:1f:09:24:f7:7d:bc:b5:a3:20:db:71:71:65:
8e:2b:d2:26:72:a7:d7:b6:5c:2d:d3:dc:6d:6c:5d:0e:48:b7:
4e:02:02:8b:ae:95:31:26:93:da:41:77:e3:ed:37:06:75:ca:
8b:82:af:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur/QUTLrRMzIextTkUlcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU1ZmFmMTY2Y2QxZmM2ZjVkOGI2MjkxZmZlNmQyNGIwMGNlMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdZNFkye16iT0XNXykQ5FP2pptVl
sztuYIq0wRCOlSePYVZl9Pg5cdML5KdTXVOVqidEzI+gFh3fimcpsT6j9s/NgbTf
XYiFuTVtWwyluXmqDC8eu4nSs3idwBYiASaJg5lDlwHU46ErOOxM1xATpuifKivj
SaH2wxuMQZclIGxP8HW8nYdW+G/ynHoGnJsXKmZ4O7t3hNEdfwaPJPO6jdkbJocy
jy9/5HVTx+0nWRJBMdyJIKqyGNeZz/m3iyEsUj0GrM632DnqmKbraC5sO9SRdLOG
ZjDutMJBRHQF/L0sjgwuYkkhyfLvoodyH6dT8zeTGGuZiKy67jxWKHzLcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNNV+vFmzR/G9di2KR/+bSSwDONTMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvMDFYNjhXYk5IOGIxMkxZcEhfNXRKTEFNNDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdtMA0G
CSqGSIb3DQEBCwUAA4IBAQCdVK42DpafP0XGFGWBkGqXZIqg3jHL1JuXaPoTnZT9
lV1Jz7htF7gBIUKXC4tGzfyqIGy6aQj6pq1kGMT/7r7JvXMffflOQUgYhc52HPSd
CNnNbd9mO7zaGqVGaJ8xE2AZsYDg5h89dT5LCoJvxTChoCA5IZSsCLTtjTBq/E/U
b5Fr/d0v7qetvz6juDUk90oBd0zX2I3cYEcRq40wC+z9Ad+6t0rA072XD5QWOjnp
abL4h9djgERAnVKKlbglAm2D9EQPcJ8K0dUzcR8JJPd9vLWjINtxcWWOK9ImcqfX
tlwt09xtbF0OSLdOAgKLrpUxJpPaQXfj7TcGdcqLgq/q
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:21 2025 by rpki-client