Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_NNwU8ETKTP8HW0wTA1Vq7cAFdE.roa
File: _NNwU8ETKTP8HW0wTA1Vq7cAFdE.roa (raw, json)
Hash identifier: f6ijxnyPYtfhVDO+rRqRLhjSTntCKSiODuu4IPiPbVU=
Subject key identifier: FC:D3:70:53:C1:13:29:33:FC:1D:6D:30:4C:0D:55:AB:B7:00:15:D1
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF7B4013C1F80813ADB41488C8984
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_NNwU8ETKTP8HW0wTA1Vq7cAFdE.roa
Signing time: Sun 01 Jan 2023 18:55:03 +0000
ROA not before: Sun 01 Jan 2023 18:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 89.23.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f7:b4:01:3c:1f:80:81:3a:db:41:48:8c:89:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcd37053c1132933fc1d6d304c0d55abb70015d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:24:e8:6f:d8:0c:35:7b:bd:a8:d2:46:e8:05:
17:ea:66:fe:5e:1e:61:c8:db:8d:64:31:c4:17:73:
e7:33:84:80:26:7e:de:dd:91:04:a4:e9:b8:6d:6e:
d0:82:ca:2e:2a:62:04:5a:9d:dd:ca:a0:90:a5:e6:
65:ea:8b:e7:4d:42:b2:aa:ae:36:b6:9e:ae:d3:0d:
5a:49:41:ce:ff:46:2a:50:7a:45:f8:fc:19:20:08:
6c:65:4b:7d:9d:cd:81:ed:9d:06:eb:f7:11:5c:cc:
2f:4b:ec:69:5f:94:2d:e6:b1:52:39:c7:03:dc:4d:
73:54:b4:bf:6d:8a:83:bf:de:64:ed:20:e2:5f:64:
10:db:25:35:8c:30:c2:dd:37:0b:3e:95:b8:5c:2c:
7b:d4:79:5d:3c:47:4e:1c:73:3b:95:26:46:1d:5f:
8b:17:9f:68:97:b6:1e:e3:04:4d:d4:84:d5:f4:83:
b7:4e:40:68:7b:24:3e:05:b5:41:26:1f:e9:c7:e5:
e1:87:98:d5:73:d6:41:2a:7c:bb:58:50:e7:bd:e0:
83:d1:da:f9:2c:cd:ee:55:1a:c8:e1:c3:06:d7:da:
84:e4:f0:d0:29:a1:e3:be:ed:7a:51:8e:0d:1d:83:
45:9a:7d:78:42:e0:82:cd:c7:39:e8:62:17:fb:8e:
ab:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D3:70:53:C1:13:29:33:FC:1D:6D:30:4C:0D:55:AB:B7:00:15:D1
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/_NNwU8ETKTP8HW0wTA1Vq7cAFdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
Signature Algorithm: sha256WithRSAEncryption
48:f3:c2:86:fc:4e:84:38:ab:ef:62:d3:58:a7:20:3a:ed:84:
45:67:ae:19:41:5d:23:ed:5a:bf:93:b8:ce:82:f3:09:1b:f4:
c7:37:10:5d:af:86:56:f7:fe:06:40:9a:5f:36:a7:99:8f:52:
4d:fe:94:e4:7d:99:28:15:05:00:7b:c9:c7:f5:6d:01:84:8e:
48:5c:f0:6f:cd:5c:26:27:14:a3:3b:8d:26:63:c6:05:58:9a:
e5:d8:86:8c:36:bd:d8:d5:42:bf:88:15:84:cd:99:2a:2b:c4:
01:10:cc:23:49:4f:c7:53:51:5b:00:37:0e:e5:9e:01:5b:12:
c0:c0:f5:d5:f0:df:94:94:a5:3c:c3:7a:f0:11:82:da:95:ff:
5a:59:3d:b3:70:12:45:e3:e2:a8:04:21:e4:1d:a0:1b:06:0a:
77:ea:d6:92:7d:3f:29:08:48:f5:a9:64:e7:35:2c:08:c3:9b:
e9:35:5c:8d:10:5f:df:f6:51:f8:64:93:52:8d:6e:3e:0f:17:
76:55:9e:fa:b0:82:53:dc:eb:5e:1a:8a:23:4c:e2:73:19:bb:
66:ae:3b:4e:1a:7c:25:70:33:ac:39:ec:3f:aa:d3:8f:52:5c:
04:9b:23:c3:7b:5a:67:fb:64:98:ed:04:8e:8a:af:8c:b5:79:
56:2f:42:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur/e0ATwfgIE620FIjImEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2QzNzA1M2MxMTMyOTMzZmMxZDZkMzA0YzBkNTVhYmI3MDAxNWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyTob9gMNXu9qNJG6AUX6mb+Xh5h
yNuNZDHEF3PnM4SAJn7e3ZEEpOm4bW7QgsouKmIEWp3dyqCQpeZl6ovnTUKyqq42
tp6u0w1aSUHO/0YqUHpF+PwZIAhsZUt9nc2B7Z0G6/cRXMwvS+xpX5Qt5rFSOccD
3E1zVLS/bYqDv95k7SDiX2QQ2yU1jDDC3TcLPpW4XCx71HldPEdOHHM7lSZGHV+L
F59ol7Ye4wRN1ITV9IO3TkBoeyQ+BbVBJh/px+Xhh5jVc9ZBKny7WFDnveCD0dr5
LM3uVRrI4cMG19qE5PDQKaHjvu16UY4NHYNFmn14QuCCzcc56GIX+46rpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPzTcFPBEykz/B1tMEwNVau3ABXRMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvX05Od1U4RVRLVFA4SFcwd1RBMVZxN2NBRmRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdnMA0G
CSqGSIb3DQEBCwUAA4IBAQBI88KG/E6EOKvvYtNYpyA67YRFZ64ZQV0j7Vq/k7jO
gvMJG/THNxBdr4ZW9/4GQJpfNqeZj1JN/pTkfZkoFQUAe8nH9W0BhI5IXPBvzVwm
JxSjO40mY8YFWJrl2IaMNr3Y1UK/iBWEzZkqK8QBEMwjSU/HU1FbADcO5Z4BWxLA
wPXV8N+UlKU8w3rwEYLalf9aWT2zcBJF4+KoBCHkHaAbBgp36taSfT8pCEj1qWTn
NSwIw5vpNVyNEF/f9lH4ZJNSjW4+Dxd2VZ76sIJT3OteGoojTOJzGbtmrjtOGnwl
cDOsOew/qtOPUlwEmyPDe1pn+2SY7QSOiq+MtXlWL0JL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:48 2025 by rpki-client