Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Sx90qio7NRQj8uFAciB3A8hdQCQ.roa
File: Sx90qio7NRQj8uFAciB3A8hdQCQ.roa (raw, json)
Hash identifier: E91RscLtpdhiTAHbSsSIUxFh44mOepwjpNaErv0uBDI=
Subject key identifier: 4B:1F:74:AA:2A:3B:35:14:23:F2:E1:40:72:20:77:03:C8:5D:40:24
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0182F1DFFCCC233E77501E0A7E69744BB84E
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Sx90qio7NRQj8uFAciB3A8hdQCQ.roa
Signing time: Wed 31 Aug 2022 03:09:24 +0000
ROA not before: Wed 31 Aug 2022 03:09:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60548
IP address blocks: 89.23.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f1:df:fc:cc:23:3e:77:50:1e:0a:7e:69:74:4b:b8:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 31 03:09:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b1f74aa2a3b351423f2e14072207703c85d4024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0f:91:5d:85:0b:2a:d3:89:65:e8:ed:8f:45:
ae:5d:2a:3b:f5:6e:b4:8c:07:16:b7:6c:39:50:93:
64:0f:bf:93:34:20:da:d3:5a:c9:4e:99:7f:4a:0f:
9a:18:7c:86:90:70:58:7a:3e:cb:7f:db:db:ac:e7:
e3:fe:35:17:05:2c:fe:76:e1:5f:eb:e0:15:5d:16:
0a:94:9f:68:c7:10:d8:c8:3d:6e:1b:d8:39:82:cd:
cb:40:8d:87:97:7f:e0:09:bc:9c:04:57:53:93:18:
ab:e3:d4:64:1d:bb:58:f5:de:97:13:fb:43:6c:77:
ed:4a:25:ff:a3:04:d2:fa:29:48:63:7d:79:c3:ac:
79:3f:9f:c0:ce:9e:b8:20:71:69:91:59:1f:ea:25:
1a:ae:ad:3e:df:4b:fc:20:d9:7a:db:de:d8:44:f8:
d0:d0:00:a8:db:27:28:1f:75:0f:13:39:e6:dd:06:
20:dc:b6:67:38:55:4c:a8:9a:ba:8c:cf:a2:01:49:
9d:93:89:45:1a:d6:14:85:fb:8d:db:c5:8b:20:b0:
5b:64:c5:03:96:c0:4d:84:fe:db:55:63:f5:ea:ae:
8f:34:22:8d:cb:1a:9e:1d:23:ca:29:ac:a4:1f:5b:
13:ae:7b:6b:d7:9b:c4:4e:43:b1:ff:6e:3b:d0:f0:
c7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:1F:74:AA:2A:3B:35:14:23:F2:E1:40:72:20:77:03:C8:5D:40:24
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Sx90qio7NRQj8uFAciB3A8hdQCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.109.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:18:c2:5d:42:ec:bc:40:33:2f:38:ed:16:5b:c7:6a:a6:b4:
6f:b7:e7:78:e2:15:d9:22:ec:a7:dd:5e:f2:70:d9:b5:3d:9c:
04:2b:b7:af:24:43:2f:8b:db:8c:66:b9:74:29:c4:11:05:5a:
60:4e:7a:87:16:12:64:a5:62:f1:5b:0a:0f:b8:97:88:50:06:
b6:1a:b7:95:54:d7:3f:bc:b0:ce:4e:8b:40:55:82:1e:bd:b8:
d4:e1:f6:c6:ea:8f:7d:b3:84:02:f1:51:33:95:d2:5e:cc:61:
dd:d2:6c:3a:9d:1d:a6:80:fc:7d:ec:d4:36:2f:a4:8d:e9:7f:
0c:45:72:1f:3d:ac:c3:59:2b:af:77:24:41:b3:30:94:88:e7:
bd:59:98:43:d6:fb:37:f6:31:a8:08:ca:e6:fa:63:c7:de:37:
3a:f8:16:94:07:7a:6a:dc:5c:52:02:54:db:8f:d8:72:f6:64:
40:80:9f:03:60:82:26:f8:9a:c0:7d:0e:8b:de:36:39:82:46:
45:53:b3:91:da:29:d2:b6:55:51:d3:60:cd:7e:d5:da:65:a5:
37:da:c9:4c:fb:41:42:f3:8e:3f:46:68:5d:d9:14:22:ce:e5:
37:1f:a6:81:d3:92:b5:ba:22:b3:09:7f:1d:e5:6b:ba:ba:67:
20:ba:b9:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLx3/zMIz53UB4Kfml0S7hOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjIwODMxMDMwOTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjFmNzRhYTJhM2IzNTE0MjNmMmUxNDA3MjIwNzcwM2M4NWQ0MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw+RXYULKtOJZejtj0WuXSo79W60
jAcWt2w5UJNkD7+TNCDa01rJTpl/Sg+aGHyGkHBYej7Lf9vbrOfj/jUXBSz+duFf
6+AVXRYKlJ9oxxDYyD1uG9g5gs3LQI2Hl3/gCbycBFdTkxir49RkHbtY9d6XE/tD
bHftSiX/owTS+ilIY315w6x5P5/Azp64IHFpkVkf6iUarq0+30v8INl6297YRPjQ
0ACo2ycoH3UPEznm3QYg3LZnOFVMqJq6jM+iAUmdk4lFGtYUhfuN28WLILBbZMUD
lsBNhP7bVWP16q6PNCKNyxqeHSPKKaykH1sTrntr15vETkOx/2470PDHNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsfdKoqOzUUI/LhQHIgdwPIXUAkMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvU3g5MHFpbzdOUlFqOHVGQWNpQjNBOGhkUUNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdtMA0G
CSqGSIb3DQEBCwUAA4IBAQCxGMJdQuy8QDMvOO0WW8dqprRvt+d44hXZIuyn3V7y
cNm1PZwEK7evJEMvi9uMZrl0KcQRBVpgTnqHFhJkpWLxWwoPuJeIUAa2GreVVNc/
vLDOTotAVYIevbjU4fbG6o99s4QC8VEzldJezGHd0mw6nR2mgPx97NQ2L6SN6X8M
RXIfPazDWSuvdyRBszCUiOe9WZhD1vs39jGoCMrm+mPH3jc6+BaUB3pq3FxSAlTb
j9hy9mRAgJ8DYIIm+JrAfQ6L3jY5gkZFU7OR2inStlVR02DNftXaZaU32slM+0FC
844/Rmhd2RQizuU3H6aB05K1uiKzCX8d5Wu6umcgurlq
-----END CERTIFICATE-----
Generated at Thu Apr 10 01:55:57 2025 by rpki-client