Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/atva-IhdL6xfqNUQ_PfrsUj1tA0.roa
File: atva-IhdL6xfqNUQ_PfrsUj1tA0.roa (raw, json)
Hash identifier: 4DPsPMOVexJk5Am0hLHy8NZvhgvEjfke/x32HBnf4wg=
Subject key identifier: 6A:DB:DA:F8:88:5D:2F:AC:5F:A8:D5:10:FC:F7:EB:B1:48:F5:B4:0D
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01856EAFF0FF27BE2EECB6D7A4C34467530E
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/atva-IhdL6xfqNUQ_PfrsUj1tA0.roa
Signing time: Sun 01 Jan 2023 18:55:02 +0000
ROA not before: Sun 01 Jan 2023 18:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30823
IP address blocks: 89.23.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:af:f0:ff:27:be:2e:ec:b6:d7:a4:c3:44:67:53:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 18:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6adbdaf8885d2fac5fa8d510fcf7ebb148f5b40d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1c:48:9f:10:a8:7a:ca:21:4b:11:2d:24:2e:
60:66:71:4b:f0:ef:9d:c0:60:31:c5:56:68:11:b7:
67:f6:c8:5e:0a:1c:de:3b:49:1f:4a:4d:24:af:4e:
27:ac:df:40:fc:63:33:bb:1d:c8:36:e5:5b:76:7c:
10:a1:7f:5e:bb:c0:42:fc:25:cb:e0:66:db:8e:16:
98:1f:9b:c5:48:49:63:f6:02:02:53:44:02:f6:f7:
25:02:ea:69:58:d5:13:de:ad:ea:43:bf:50:a4:cc:
d4:b1:f3:74:31:15:f8:ac:e8:14:70:f4:dc:36:44:
6b:d9:e6:8d:e1:1d:55:7e:2e:e6:68:20:44:5f:6b:
2d:c2:6a:f8:e7:24:0f:b8:fb:24:e3:d7:28:ef:cd:
11:54:d9:f8:8f:63:b7:2d:f3:06:0d:5c:f0:59:fe:
72:ce:a8:85:5d:b5:f9:f4:4a:37:55:e6:80:75:2a:
f3:fb:2d:7c:51:ea:b6:25:83:dc:ab:dc:71:0b:e3:
be:57:bb:ba:74:67:73:bd:77:6f:5b:89:dd:cc:24:
b8:d9:a0:06:eb:b3:9d:6c:18:86:5a:49:07:ca:8f:
12:35:74:f0:ec:ea:87:c7:28:f2:83:e2:2a:16:07:
db:50:63:e8:89:bb:4d:c6:d5:5f:1b:76:43:e4:33:
aa:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:DB:DA:F8:88:5D:2F:AC:5F:A8:D5:10:FC:F7:EB:B1:48:F5:B4:0D
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/atva-IhdL6xfqNUQ_PfrsUj1tA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.107.0/24
Signature Algorithm: sha256WithRSAEncryption
20:82:54:93:4e:5b:af:0a:33:6c:ef:bb:96:2a:77:b2:d8:62:
26:17:3a:15:60:c3:53:1f:23:07:46:3f:78:a7:d5:cd:22:e9:
0b:78:be:fe:a7:53:7a:cd:14:66:51:6c:0b:8e:63:bb:f5:bf:
79:f0:c2:03:be:00:a8:92:b4:c6:b6:c3:c2:dd:5f:86:f7:87:
b6:98:0d:36:1f:0d:cb:e5:e9:d6:80:f4:6d:a8:37:cc:6b:dd:
d9:45:6a:c3:1e:9e:bf:b9:cc:ac:d1:ed:6d:9d:69:f3:36:13:
48:06:f1:5a:f0:8a:e8:dd:08:7e:30:6f:48:6a:a4:21:a8:c0:
f8:19:9e:48:56:e0:8d:ae:94:9d:e5:11:e9:93:27:ce:12:ef:
09:b9:41:b6:19:60:d9:6a:ac:76:d4:2e:cb:47:53:19:49:a6:
a8:60:6a:7f:ca:aa:77:d5:ed:c1:ff:88:21:94:41:6d:13:44:
5e:90:cc:17:8b:da:36:7f:b3:b3:dd:d8:34:b3:55:f8:d1:80:
2e:70:f3:fe:d6:33:f9:82:b4:3f:86:a7:4f:8c:05:25:a2:71:
d0:c0:2d:41:f8:2a:a2:c2:f2:88:79:98:45:1d:b0:64:1a:2c:
eb:45:27:b8:a4:dd:fd:70:d1:19:8e:59:7b:32:56:d1:3a:4d:
41:e9:30:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVur/D/J74u7LbXpMNEZ1MOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwMTAxMTg1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWRiZGFmODg4NWQyZmFjNWZhOGQ1MTBmY2Y3ZWJiMTQ4ZjViNDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxxInxCoesohSxEtJC5gZnFL8O+d
wGAxxVZoEbdn9sheChzeO0kfSk0kr04nrN9A/GMzux3INuVbdnwQoX9eu8BC/CXL
4GbbjhaYH5vFSElj9gICU0QC9vclAuppWNUT3q3qQ79QpMzUsfN0MRX4rOgUcPTc
NkRr2eaN4R1Vfi7maCBEX2stwmr45yQPuPsk49co780RVNn4j2O3LfMGDVzwWf5y
zqiFXbX59Eo3VeaAdSrz+y18Ueq2JYPcq9xxC+O+V7u6dGdzvXdvW4ndzCS42aAG
67OdbBiGWkkHyo8SNXTw7OqHxyjyg+IqFgfbUGPoibtNxtVfG3ZD5DOqRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGrb2viIXS+sX6jVEPz367FI9bQNMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvYXR2YS1JaGRMNnhmcU5VUV9QZnJzVWoxdEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdrMA0G
CSqGSIb3DQEBCwUAA4IBAQAgglSTTluvCjNs77uWKney2GImFzoVYMNTHyMHRj94
p9XNIukLeL7+p1N6zRRmUWwLjmO79b958MIDvgCokrTGtsPC3V+G94e2mA02Hw3L
5enWgPRtqDfMa93ZRWrDHp6/ucys0e1tnWnzNhNIBvFa8Iro3Qh+MG9IaqQhqMD4
GZ5IVuCNrpSd5RHpkyfOEu8JuUG2GWDZaqx21C7LR1MZSaaoYGp/yqp31e3B/4gh
lEFtE0RekMwXi9o2f7Oz3dg0s1X40YAucPP+1jP5grQ/hqdPjAUlonHQwC1B+Cqi
wvKIeZhFHbBkGizrRSe4pN39cNEZjll7MlbROk1B6TBt
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:15 2025 by rpki-client