Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/U8uOrXFFnc5CE-Ks3PS7I138iNs.roa
File: U8uOrXFFnc5CE-Ks3PS7I138iNs.roa (raw, json)
Hash identifier: rMKLkOIgwhOXOeIbYvwSlCViUkR8alM1hLBZ7RbyPJc=
Subject key identifier: 53:CB:8E:AD:71:45:9D:CE:42:13:E2:AC:DC:F4:BB:23:5D:FC:88:DB
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF287DB8D6B056240E0915D3A0DD8
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/U8uOrXFFnc5CE-Ks3PS7I138iNs.roa
Signing time: Sun 01 Jan 2023 18:55:02 +0000
ROA not before: Sun 01 Jan 2023 18:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43624
IP address blocks: 89.23.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f2:87:db:8d:6b:05:62:40:e0:91:5d:3a:0d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=53cb8ead71459dce4213e2acdcf4bb235dfc88db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1a:be:2c:36:3c:a7:4b:5d:03:2c:0b:ed:96:
2d:b4:bc:f7:54:47:5a:d5:14:ef:7d:91:4f:50:35:
aa:cb:ea:46:2b:62:32:28:f2:cf:7a:00:57:c9:70:
06:aa:84:98:c2:47:57:a1:27:58:0d:0c:56:e9:f4:
07:4d:8b:27:be:d5:fb:f3:89:f3:4c:b8:19:ef:84:
bc:2c:2b:98:6f:d4:05:70:e4:87:97:94:98:90:98:
b0:96:ac:f7:ae:11:d3:2a:0a:b6:e7:55:76:1a:a6:
8a:98:25:de:c9:4f:33:90:4a:f8:b4:13:1d:2b:9a:
48:ec:54:2c:f0:9a:ad:28:14:27:a9:cf:5b:29:ba:
ea:ba:53:23:a7:1f:a7:79:a8:fc:8f:3b:40:bf:f5:
e0:cd:41:4f:42:94:7e:8c:e2:90:bb:7e:b8:c7:35:
50:1a:88:2c:c8:3a:22:a5:46:d8:39:55:49:c0:b2:
02:ee:94:af:e3:53:04:c8:e0:d2:95:e1:56:9b:de:
65:62:ef:f1:fb:8e:48:6a:a2:65:62:84:07:07:85:
18:0f:c1:64:83:25:38:8b:67:16:99:f2:af:3e:c1:
e1:1f:e9:0d:10:ed:1c:36:bf:ed:cb:e9:6e:7f:bd:
0f:e2:8a:fa:ad:db:98:6a:ca:3e:70:3c:5c:23:32:
c3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CB:8E:AD:71:45:9D:CE:42:13:E2:AC:DC:F4:BB:23:5D:FC:88:DB
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/U8uOrXFFnc5CE-Ks3PS7I138iNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.110.0/24
Signature Algorithm: sha256WithRSAEncryption
af:ac:43:2a:a7:3b:e4:0f:b4:c8:17:71:5f:40:5a:d6:98:d3:
15:d1:c0:b1:33:3f:af:bd:e6:4d:0e:e4:f3:34:dc:6b:1d:3e:
02:ce:f7:fb:44:db:b4:01:8a:77:db:0f:17:49:d0:11:a7:4f:
76:cc:c6:12:b1:83:e8:8e:51:87:f2:6b:d5:1e:5d:7b:ca:25:
78:46:84:5d:96:63:be:e4:e4:dd:f1:39:54:60:f0:0c:e9:c5:
d9:ae:d3:14:79:81:a1:c9:4f:10:9b:df:ce:e5:da:0b:7c:b1:
bc:b6:e9:4b:ee:42:5b:a2:5b:0d:e2:47:6a:d3:f6:0e:7b:11:
78:3c:7d:e2:cd:97:d1:07:ac:3d:31:65:7d:a7:07:6a:1d:82:
d7:6b:d4:33:e2:78:be:1b:9a:c3:42:bc:15:d3:af:a5:9e:33:
6c:8d:7c:20:71:54:11:57:69:b8:5e:8f:90:87:37:9b:c8:21:
9b:91:3d:09:0a:cf:ac:24:84:02:2e:6d:ff:7a:5a:ff:6f:d4:
3f:1a:13:5e:a2:15:c9:f4:c7:99:72:4b:84:0e:1d:49:0b:3b:
f7:dd:78:12:c4:8f:d1:55:fb:66:3c:c7:88:58:3b:5d:80:2c:
b1:3d:71:80:8a:8d:fe:4a:4f:c8:01:02:f4:be:b6:a2:f9:10:
1e:60:8d:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur/KH241rBWJA4JFdOg3YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2NiOGVhZDcxNDU5ZGNlNDIxM2UyYWNkY2Y0YmIyMzVkZmM4OGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhq+LDY8p0tdAywL7ZYttLz3VEda
1RTvfZFPUDWqy+pGK2IyKPLPegBXyXAGqoSYwkdXoSdYDQxW6fQHTYsnvtX784nz
TLgZ74S8LCuYb9QFcOSHl5SYkJiwlqz3rhHTKgq251V2GqaKmCXeyU8zkEr4tBMd
K5pI7FQs8JqtKBQnqc9bKbrqulMjpx+neaj8jztAv/XgzUFPQpR+jOKQu364xzVQ
GogsyDoipUbYOVVJwLIC7pSv41MEyODSleFWm95lYu/x+45IaqJlYoQHB4UYD8Fk
gyU4i2cWmfKvPsHhH+kNEO0cNr/ty+luf70P4or6rduYaso+cDxcIzLDNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPLjq1xRZ3OQhPirNz0uyNd/IjbMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvVTh1T3JYRkZuYzVDRS1LczNQUzdJMTM4aU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRduMA0G
CSqGSIb3DQEBCwUAA4IBAQCvrEMqpzvkD7TIF3FfQFrWmNMV0cCxMz+vveZNDuTz
NNxrHT4Czvf7RNu0AYp32w8XSdARp092zMYSsYPojlGH8mvVHl17yiV4RoRdlmO+
5OTd8TlUYPAM6cXZrtMUeYGhyU8Qm9/O5doLfLG8tulL7kJbolsN4kdq0/YOexF4
PH3izZfRB6w9MWV9pwdqHYLXa9Qz4ni+G5rDQrwV06+lnjNsjXwgcVQRV2m4Xo+Q
hzebyCGbkT0JCs+sJIQCLm3/elr/b9Q/GhNeohXJ9MeZckuEDh1JCzv33XgSxI/R
VftmPMeIWDtdgCyxPXGAio3+Sk/IAQL0vrai+RAeYI3h
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:38:54 2025 by rpki-client