Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3izzsNPG98DV8a32MQOizH0G0co.roa
File: 3izzsNPG98DV8a32MQOizH0G0co.roa (raw, json)
Hash identifier: ss41gebZwxupj0S4dr29DeyZ61yxbnw2gGqdRyu8urE=
Subject key identifier: DE:2C:F3:B0:D3:C6:F7:C0:D5:F1:AD:F6:31:03:A2:CC:7D:06:D1:CA
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01821F0BCCBE8FA0509197981B3DBE01F080
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3izzsNPG98DV8a32MQOizH0G0co.roa
Signing time: Thu 21 Jul 2022 04:37:23 +0000
ROA not before: Thu 21 Jul 2022 04:37:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56694
IP address blocks: 89.23.96.0/22 maxlen: 22
89.23.102.0/24 maxlen: 24
89.23.101.0/24 maxlen: 24
89.23.100.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1f:0b:cc:be:8f:a0:50:91:97:98:1b:3d:be:01:f0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 21 04:37:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=de2cf3b0d3c6f7c0d5f1adf63103a2cc7d06d1ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:87:c1:a3:36:b4:6c:02:a1:1d:ad:2d:b5:06:
7f:e3:c2:c5:6f:6b:df:66:a4:63:cb:f5:f8:80:b0:
29:30:f2:70:73:72:11:c8:69:d5:f4:0d:87:d3:9d:
c4:49:4f:c3:be:1f:d1:7c:45:4d:6e:99:4a:7b:38:
85:43:3d:a3:5c:1b:a1:6d:02:a4:22:c1:f5:ef:d6:
6e:e1:64:a6:08:94:df:23:cc:6e:1a:5d:fb:81:51:
0c:5c:b7:5d:04:65:01:c8:e1:f3:e2:78:bb:af:b4:
7d:c8:a6:7a:ab:54:cb:4c:04:09:bb:a8:06:8b:b9:
b9:68:60:01:6b:77:21:a1:32:9f:23:80:dc:75:01:
45:09:64:a2:f2:90:12:bb:ae:1e:94:47:78:41:e8:
7b:9c:0b:78:33:d1:01:f5:9f:b9:ab:dc:e8:e9:e2:
8f:52:69:74:74:72:4e:ee:c9:6d:c2:4a:17:b9:43:
63:29:b7:eb:c9:9b:7c:f3:f2:97:db:8f:1e:20:af:
86:a3:94:87:d4:77:8c:10:f1:43:a5:ac:b2:97:54:
2a:d5:39:3f:ff:21:0f:12:68:7b:5a:94:bc:6f:58:
88:d6:56:7e:93:f5:0c:08:80:15:a1:09:3b:c5:f7:
92:fc:11:c9:0e:62:ed:fc:33:89:76:50:5b:c6:04:
d1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:2C:F3:B0:D3:C6:F7:C0:D5:F1:AD:F6:31:03:A2:CC:7D:06:D1:CA
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/3izzsNPG98DV8a32MQOizH0G0co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.96.0-89.23.102.255
Signature Algorithm: sha256WithRSAEncryption
7b:2e:34:f3:2f:bd:6a:cd:b6:07:fe:eb:91:6c:6b:6d:ae:10:
02:85:a4:a2:6f:7b:17:a0:1c:de:79:89:f9:e7:2e:0a:44:37:
7c:e1:b1:51:f4:c7:ed:7c:58:f4:72:a2:6f:54:55:0c:7e:f1:
b6:a6:c0:e4:f8:05:21:eb:8c:1c:65:e3:8c:43:60:8c:80:02:
3d:85:68:98:62:e0:b6:7d:be:d6:3d:78:ce:17:f4:5f:f2:b9:
22:7c:4f:de:9e:94:28:39:0b:f0:c6:b0:de:1e:3a:8e:fc:cf:
4d:cf:10:21:e3:bd:e0:59:2c:f3:65:5b:23:9f:ca:d6:e6:63:
cc:9f:28:90:6c:3c:50:f1:8d:71:b0:fd:af:ec:69:fa:54:9a:
4c:1e:14:17:1b:15:5f:18:37:fe:03:cd:71:d6:6b:fa:61:dc:
af:d8:65:fd:83:2a:17:e5:6b:5b:66:93:42:bc:82:f2:19:47:
a1:2b:7c:57:a4:52:6b:9d:a9:d3:5d:ab:1a:3d:f5:4e:31:ac:
95:06:ad:ed:bd:86:19:48:2c:e1:3f:8b:7f:76:76:6d:48:07:
0d:4b:eb:2e:be:4c:9d:18:99:ec:58:54:ff:b5:ac:61:f8:2a:
46:a2:bf:d8:76:ba:bc:69:31:94:8b:9d:ff:d1:dc:4a:cd:f5:
1d:17:d7:1a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYIfC8y+j6BQkZeYGz2+AfCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjIwNzIxMDQzNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTJjZjNiMGQzYzZmN2MwZDVmMWFkZjYzMTAzYTJjYzdkMDZkMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIfBoza0bAKhHa0ttQZ/48LFb2vf
ZqRjy/X4gLApMPJwc3IRyGnV9A2H053ESU/Dvh/RfEVNbplKeziFQz2jXBuhbQKk
IsH179Zu4WSmCJTfI8xuGl37gVEMXLddBGUByOHz4ni7r7R9yKZ6q1TLTAQJu6gG
i7m5aGABa3choTKfI4DcdQFFCWSi8pASu64elEd4Qeh7nAt4M9EB9Z+5q9zo6eKP
Uml0dHJO7sltwkoXuUNjKbfryZt88/KX248eIK+Go5SH1HeMEPFDpayyl1Qq1Tk/
/yEPEmh7WpS8b1iI1lZ+k/UMCIAVoQk7xfeS/BHJDmLt/DOJdlBbxgTRhwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN4s87DTxvfA1fGt9jEDosx9BtHKMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvM2l6enNOUEc5OERWOGEzMk1RT2l6SDBHMGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVZF2AD
BABZF2YwDQYJKoZIhvcNAQELBQADggEBAHsuNPMvvWrNtgf+65Fsa22uEAKFpKJv
exegHN55ifnnLgpEN3zhsVH0x+18WPRyom9UVQx+8bamwOT4BSHrjBxl44xDYIyA
Aj2FaJhi4LZ9vtY9eM4X9F/yuSJ8T96elCg5C/DGsN4eOo78z03PECHjveBZLPNl
WyOfytbmY8yfKJBsPFDxjXGw/a/safpUmkweFBcbFV8YN/4DzXHWa/ph3K/YZf2D
Khfla1tmk0K8gvIZR6ErfFekUmudqdNdqxo99U4xrJUGre29hhlILOE/i392dm1I
Bw1L6y6+TJ0YmexYVP+1rGH4Kkaiv9h2urxpMZSLnf/R3ErN9R0X1xo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:21 2025 by rpki-client