Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3IJf6dvFc9-IHqVlIDSGIVHSYbI.roa
File: 3IJf6dvFc9-IHqVlIDSGIVHSYbI.roa (raw, json)
Hash identifier: 5qsHLgH7b7ObeLCIrsqH+LaNwtUjtJfqheqZ3u/CJpg=
Subject key identifier: DC:82:5F:E9:DB:C5:73:DF:88:1E:A5:65:20:34:86:21:51:D2:61:B2
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF6F3D5FD8F4EF761244E42A4DAFC
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3IJf6dvFc9-IHqVlIDSGIVHSYbI.roa
Signing time: Sun 01 Jan 2023 18:55:03 +0000
ROA not before: Sun 01 Jan 2023 18:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210352
IP address blocks: 89.23.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f6:f3:d5:fd:8f:4e:f7:61:24:4e:42:a4:da:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dc825fe9dbc573df881ea5652034862151d261b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d2:e9:4c:5e:f8:1e:da:ed:0c:14:65:99:ce:
52:a8:61:6c:0a:32:28:52:59:10:86:46:fe:39:2b:
fa:df:6d:64:7c:94:19:0c:dc:29:25:c3:5e:ca:5e:
05:a8:c1:b3:f9:72:03:ef:3c:99:2d:d4:67:ab:bf:
5b:1e:1f:37:75:bd:08:bc:c4:f4:72:80:ad:01:e5:
63:4e:a5:88:79:3b:09:18:af:c9:d9:6e:be:d0:f0:
30:41:72:72:c7:11:a8:45:75:65:27:0b:f5:73:89:
e0:9e:fb:7f:ba:57:70:c3:56:cf:15:00:af:d5:65:
6a:a0:26:f0:13:82:2b:4c:b0:2c:bf:3c:3b:07:4a:
a9:7d:32:de:c5:6d:7f:d0:4b:1c:2b:14:00:a1:3f:
2b:4a:c5:b3:a9:db:04:c1:d1:98:da:d9:94:3e:e2:
f3:74:f4:46:58:3a:02:d1:e3:18:87:50:63:76:df:
6c:24:74:45:2e:dd:01:db:ab:24:2b:31:70:68:c0:
66:49:f0:49:25:b9:f8:8c:7f:79:f0:3a:66:ad:2b:
07:dd:1f:5c:aa:c2:e5:86:f8:8f:8c:76:fe:8b:36:
8b:b5:76:b6:cb:70:a5:ac:91:f4:b0:37:6b:25:10:
cc:b5:76:60:4e:54:b6:34:2e:1e:cd:db:3c:2b:c9:
c4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:82:5F:E9:DB:C5:73:DF:88:1E:A5:65:20:34:86:21:51:D2:61:B2
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3IJf6dvFc9-IHqVlIDSGIVHSYbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.107.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:2a:69:42:25:ba:58:2c:90:c2:38:a0:ad:a1:0f:d7:1f:bb:
7e:47:f7:e2:96:70:51:f5:45:41:47:8a:e4:75:fd:d4:72:8b:
c9:7b:06:b1:06:93:af:48:8e:a9:03:27:48:0d:05:0d:4c:dd:
0b:c7:db:8b:50:eb:17:38:18:43:5a:7d:2e:b9:01:72:9e:bc:
93:70:09:28:cd:f9:51:07:6a:bd:7a:7c:11:b9:a6:41:c3:ba:
83:6e:de:1c:35:06:5b:d6:04:1a:20:af:58:4a:ea:e3:3d:db:
fe:55:2c:c4:46:b7:03:f5:07:89:bc:2c:a8:db:85:c5:5a:7f:
8c:bf:10:e0:ea:c6:13:45:80:a5:90:47:04:2f:2f:ff:cf:8d:
64:fa:db:35:3f:73:75:07:7d:08:ab:eb:f8:e6:29:d9:30:63:
06:b8:fa:d8:ca:7f:a1:93:02:bd:d6:d1:04:56:4c:cf:5f:a0:
31:37:9d:0a:ea:75:0b:9c:53:c7:79:ae:3f:6b:7e:66:d8:ac:
66:e2:7c:04:40:16:b2:cb:ca:fb:3b:cb:42:74:78:4e:9b:9e:
b8:55:2f:74:0a:71:79:65:02:ae:c1:c7:04:a9:7e:c8:55:66:
7a:d0:07:39:46:4f:1f:0b:62:dd:04:f2:9c:6f:b9:ea:3d:ff:
af:7d:66:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur/bz1f2PTvdhJE5CpNr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzgyNWZlOWRiYzU3M2RmODgxZWE1NjUyMDM0ODYyMTUxZDI2MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztLpTF74HtrtDBRlmc5SqGFsCjIo
UlkQhkb+OSv6321kfJQZDNwpJcNeyl4FqMGz+XID7zyZLdRnq79bHh83db0IvMT0
coCtAeVjTqWIeTsJGK/J2W6+0PAwQXJyxxGoRXVlJwv1c4ngnvt/uldww1bPFQCv
1WVqoCbwE4IrTLAsvzw7B0qpfTLexW1/0EscKxQAoT8rSsWzqdsEwdGY2tmUPuLz
dPRGWDoC0eMYh1Bjdt9sJHRFLt0B26skKzFwaMBmSfBJJbn4jH958DpmrSsH3R9c
qsLlhviPjHb+izaLtXa2y3ClrJH0sDdrJRDMtXZgTlS2NC4ezds8K8nEhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNyCX+nbxXPfiB6lZSA0hiFR0mGyMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvM0lKZjZkdkZjOS1JSHFWbElEU0dJVkhTWWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdrMA0G
CSqGSIb3DQEBCwUAA4IBAQDVKmlCJbpYLJDCOKCtoQ/XH7t+R/filnBR9UVBR4rk
df3UcovJewaxBpOvSI6pAydIDQUNTN0Lx9uLUOsXOBhDWn0uuQFynryTcAkozflR
B2q9enwRuaZBw7qDbt4cNQZb1gQaIK9YSurjPdv+VSzERrcD9QeJvCyo24XFWn+M
vxDg6sYTRYClkEcELy//z41k+ts1P3N1B30Iq+v45inZMGMGuPrYyn+hkwK91tEE
VkzPX6AxN50K6nULnFPHea4/a35m2Kxm4nwEQBayy8r7O8tCdHhOm564VS90CnF5
ZQKuwccEqX7IVWZ60Ac5Rk8fC2LdBPKcb7nqPf+vfWYY
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:31 2025 by rpki-client