Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KC_Tpb60zsWtS9tKmO6-mHKErSs.roa
File: KC_Tpb60zsWtS9tKmO6-mHKErSs.roa (raw, json)
Hash identifier: xVlcwElGqycXGpOoIbFfLjzavkY19nmJqC4V6Wl0da0=
Subject key identifier: 28:2F:D3:A5:BE:B4:CE:C5:AD:4B:DB:4A:98:EE:BE:98:72:84:AD:2B
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0182B5681DE798771B953640027929009197
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KC_Tpb60zsWtS9tKmO6-mHKErSs.roa
Signing time: Fri 19 Aug 2022 09:21:15 +0000
ROA not before: Fri 19 Aug 2022 09:21:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207713
IP address blocks: 89.23.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:b5:68:1d:e7:98:77:1b:95:36:40:02:79:29:00:91:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 19 09:21:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=282fd3a5beb4cec5ad4bdb4a98eebe987284ad2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ff:12:9e:13:38:0a:26:82:05:21:a8:ab:9f:
70:e2:7f:cc:49:8d:cd:90:41:7a:91:13:93:de:1d:
b3:db:5b:b3:3d:1b:21:a3:ed:20:fc:74:5d:aa:f7:
38:f8:31:22:7a:db:45:3a:7c:d0:50:f7:5a:71:2f:
bd:28:97:20:ce:ec:30:2f:82:a2:0d:1c:7d:49:f2:
53:84:3f:e1:13:f8:88:42:d3:01:8c:80:c9:08:1e:
b2:87:bf:2f:5f:2f:92:44:de:1f:2d:1a:21:88:a1:
1a:58:93:25:91:33:a4:3d:52:ff:ae:f1:b1:27:5f:
76:8b:f8:45:31:cb:06:15:ca:e2:9d:cd:9a:d6:d3:
d3:ef:5f:bc:b1:c6:84:08:ea:54:ff:95:a0:c8:75:
63:d1:37:63:c0:a7:5b:af:c6:e6:c2:0d:33:21:7d:
fd:e4:05:8a:b9:a6:a9:1a:83:23:c5:bd:1f:37:a1:
35:7f:d0:8a:33:9e:70:61:21:a6:c9:5e:c0:a7:28:
ab:a4:c6:b8:d9:f0:5e:1b:e1:35:b8:8e:c8:b6:60:
18:7b:35:72:ca:3c:81:28:e1:0a:49:77:78:4b:1f:
00:e2:60:2f:8d:b8:85:c5:31:da:3f:c1:51:92:5a:
56:af:44:63:26:6e:1b:ef:7e:5b:44:85:49:92:50:
e2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:2F:D3:A5:BE:B4:CE:C5:AD:4B:DB:4A:98:EE:BE:98:72:84:AD:2B
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/KC_Tpb60zsWtS9tKmO6-mHKErSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:a7:ed:f6:c3:26:16:0a:2d:e8:38:8d:55:2f:98:0b:4c:e3:
8b:c1:e0:a4:9f:78:6e:69:9d:00:66:fc:40:5a:21:14:27:0a:
3e:22:5f:97:3a:d1:4f:25:78:15:5c:88:65:44:f3:b8:ff:f0:
77:5c:a2:32:9c:b4:64:24:8d:bb:bc:48:69:45:eb:06:59:5f:
89:12:d9:4d:be:9a:49:c3:51:29:d0:7f:17:f2:e8:a7:ff:86:
93:ac:58:7a:20:93:08:e2:27:37:fc:a3:0f:d0:07:94:13:a3:
95:e0:0a:2b:e7:97:7d:fb:5f:50:02:c3:94:4d:15:cf:0f:05:
e6:5b:df:bb:4b:99:60:35:32:74:dd:28:80:c9:bf:3e:ce:bc:
16:e1:52:04:c7:49:d2:24:c0:00:b7:b3:36:8b:37:82:47:1e:
7f:af:83:89:bc:f0:24:cd:7e:bc:14:04:c8:5d:95:11:43:f9:
11:71:bd:10:cd:61:3e:84:36:a3:36:fb:a9:c1:9b:18:95:64:
1c:cc:b1:1e:d8:38:97:51:18:02:97:11:ea:20:6f:e9:d4:b2:
82:3a:ef:48:71:de:63:6d:e8:a5:de:f0:9e:c9:57:29:20:aa:
26:d9:8b:1f:63:86:3b:bb:a7:4d:36:bd:5f:6e:91:e1:7e:f7:
56:98:44:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYK1aB3nmHcblTZAAnkpAJGXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjIwODE5MDkyMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODJmZDNhNWJlYjRjZWM1YWQ0YmRiNGE5OGVlYmU5ODcyODRhZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnv8SnhM4CiaCBSGoq59w4n/MSY3N
kEF6kROT3h2z21uzPRsho+0g/HRdqvc4+DEiettFOnzQUPdacS+9KJcgzuwwL4Ki
DRx9SfJThD/hE/iIQtMBjIDJCB6yh78vXy+SRN4fLRohiKEaWJMlkTOkPVL/rvGx
J192i/hFMcsGFcrinc2a1tPT71+8scaECOpU/5WgyHVj0TdjwKdbr8bmwg0zIX39
5AWKuaapGoMjxb0fN6E1f9CKM55wYSGmyV7ApyirpMa42fBeG+E1uI7ItmAYezVy
yjyBKOEKSXd4Sx8A4mAvjbiFxTHaP8FRklpWr0RjJm4b735bRIVJklDi6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCgv06W+tM7FrUvbSpjuvphyhK0rMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvS0NfVHBiNjB6c1d0Uzl0S21PNi1tSEtFclNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdnMA0G
CSqGSIb3DQEBCwUAA4IBAQDFp+32wyYWCi3oOI1VL5gLTOOLweCkn3huaZ0AZvxA
WiEUJwo+Il+XOtFPJXgVXIhlRPO4//B3XKIynLRkJI27vEhpResGWV+JEtlNvppJ
w1Ep0H8X8uin/4aTrFh6IJMI4ic3/KMP0AeUE6OV4Aor55d9+19QAsOUTRXPDwXm
W9+7S5lgNTJ03SiAyb8+zrwW4VIEx0nSJMAAt7M2izeCRx5/r4OJvPAkzX68FATI
XZURQ/kRcb0QzWE+hDajNvupwZsYlWQczLEe2DiXURgClxHqIG/p1LKCOu9Icd5j
beil3vCeyVcpIKom2YsfY4Y7u6dNNr1fbpHhfvdWmEQa
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:49:14 2025 by rpki-client