Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JU9VBuayMYVDzSuhMdhDp3wP1ws.roa
File: JU9VBuayMYVDzSuhMdhDp3wP1ws.roa (raw, json)
Hash identifier: qVCiGG/WI7VRY3baxIEqz9xgXzwvjtC4jJhb6D51DNQ=
Subject key identifier: 25:4F:55:06:E6:B2:31:85:43:CD:2B:A1:31:D8:43:A7:7C:0F:D7:0B
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018229556C6FCF0EE878AB82E3A8EDACB2BE
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JU9VBuayMYVDzSuhMdhDp3wP1ws.roa
Signing time: Sat 23 Jul 2022 04:34:00 +0000
ROA not before: Sat 23 Jul 2022 04:34:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61223
IP address blocks: 89.23.105.0/24 maxlen: 24
89.23.104.0/24 maxlen: 24
89.23.106.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:29:55:6c:6f:cf:0e:e8:78:ab:82:e3:a8:ed:ac:b2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jul 23 04:34:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=254f5506e6b2318543cd2ba131d843a77c0fd70b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:20:98:31:13:02:5d:ba:e3:fa:4a:49:5c:c3:
61:f2:d3:b1:2d:21:7b:cd:af:25:76:3c:30:d4:a1:
ec:2a:63:fe:f7:3c:52:16:0e:eb:5a:37:2d:b1:60:
77:27:4c:09:25:93:95:b2:e9:e1:20:b6:4f:8f:41:
10:08:48:a2:41:46:a4:27:9d:15:89:ac:5a:d8:10:
0a:b9:c4:9f:0f:d4:52:93:70:cc:bb:81:c4:2d:41:
d6:4b:a2:6c:11:b6:63:77:e8:06:6e:67:7d:52:f5:
09:14:3a:c7:5b:16:c4:eb:b2:94:94:d3:6c:3a:b9:
a1:42:0e:a1:f7:8a:c0:13:47:f7:b8:b4:41:a3:fc:
7a:f5:17:0a:07:41:9d:9f:4f:4d:26:66:73:81:28:
96:0e:ae:ba:4d:f7:09:a4:a0:12:94:02:22:72:11:
71:31:f4:5f:b9:4b:af:f1:26:d9:a5:74:e4:09:30:
a8:ee:51:35:4f:d6:93:08:ff:da:e2:c3:41:63:b7:
3e:9b:2f:49:0c:7d:c4:52:3e:39:7d:2e:1d:df:44:
de:0c:44:3b:6b:5d:c0:88:2d:3b:3b:e3:d0:77:07:
7c:b0:11:43:43:80:0f:75:89:68:b0:90:8c:ed:eb:
f4:9c:74:8d:4f:34:0c:7e:2f:98:ec:d1:61:1c:24:
67:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:4F:55:06:E6:B2:31:85:43:CD:2B:A1:31:D8:43:A7:7C:0F:D7:0B
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/JU9VBuayMYVDzSuhMdhDp3wP1ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.104.0-89.23.106.255
Signature Algorithm: sha256WithRSAEncryption
4f:1b:76:b1:eb:8f:77:e5:bd:0e:c2:f0:89:e3:a5:12:3a:ff:
8c:3f:04:e8:28:bb:29:97:36:40:dc:1a:92:79:90:11:0e:ca:
d7:09:d1:96:a1:12:d3:c1:af:91:1f:04:af:4a:65:0b:59:d6:
91:3d:81:1c:c8:54:b8:03:0b:7a:40:b4:06:83:0c:18:c9:2b:
bb:30:ea:c4:18:35:48:4c:84:c4:ab:4b:27:89:6b:18:86:48:
18:20:15:a0:18:64:12:78:cf:04:a4:8f:76:bb:1f:b0:45:d7:
e4:9c:15:b6:c8:db:82:16:45:59:eb:9f:a3:26:7c:06:03:ca:
23:1f:72:b2:c9:5e:d9:4e:f3:10:5e:b5:c2:4e:35:52:7d:91:
c4:2c:da:e0:e0:e6:a3:5a:30:d3:a4:96:84:19:2e:d5:a2:7d:
81:e9:65:80:58:d1:24:db:8b:7a:88:78:71:7b:79:7d:b6:c4:
ff:5b:13:26:44:42:9a:7f:55:3a:4b:3d:33:6d:48:37:b2:08:
aa:19:9f:de:de:58:c1:c6:c1:6e:33:6c:9f:62:54:6c:70:46:
8c:58:e2:90:c4:de:fa:a5:d0:98:ee:ac:1b:84:c1:43:e2:3f:
df:8e:9a:af:79:03:df:76:dd:28:13:fe:a1:07:47:04:3d:fc:
19:94:d6:af
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYIpVWxvzw7oeKuC46jtrLK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjIwNzIzMDQzNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTRmNTUwNmU2YjIzMTg1NDNjZDJiYTEzMWQ4NDNhNzdjMGZkNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyCYMRMCXbrj+kpJXMNh8tOxLSF7
za8ldjww1KHsKmP+9zxSFg7rWjctsWB3J0wJJZOVsunhILZPj0EQCEiiQUakJ50V
iaxa2BAKucSfD9RSk3DMu4HELUHWS6JsEbZjd+gGbmd9UvUJFDrHWxbE67KUlNNs
OrmhQg6h94rAE0f3uLRBo/x69RcKB0Gdn09NJmZzgSiWDq66TfcJpKASlAIichFx
MfRfuUuv8SbZpXTkCTCo7lE1T9aTCP/a4sNBY7c+my9JDH3EUj45fS4d30TeDEQ7
a13AiC07O+PQdwd8sBFDQ4APdYlosJCM7ev0nHSNTzQMfi+Y7NFhHCRn9wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCVPVQbmsjGFQ80roTHYQ6d8D9cLMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvSlU5VkJ1YXlNWVZEelN1aE1kaERwM3dQMXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBANZF2gD
BABZF2owDQYJKoZIhvcNAQELBQADggEBAE8bdrHrj3flvQ7C8InjpRI6/4w/BOgo
uymXNkDcGpJ5kBEOytcJ0ZahEtPBr5EfBK9KZQtZ1pE9gRzIVLgDC3pAtAaDDBjJ
K7sw6sQYNUhMhMSrSyeJaxiGSBggFaAYZBJ4zwSkj3a7H7BF1+ScFbbI24IWRVnr
n6MmfAYDyiMfcrLJXtlO8xBetcJONVJ9kcQs2uDg5qNaMNOkloQZLtWifYHpZYBY
0STbi3qIeHF7eX22xP9bEyZEQpp/VTpLPTNtSDeyCKoZn97eWMHGwW4zbJ9iVGxw
RoxY4pDE3vql0JjurBuEwUPiP9+Omq95A9923SgT/qEHRwQ9/BmU1q8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:48 2025 by rpki-client