Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/jt2d3y8ZqGM0fA64EBhtMvcbVRM.roa
File: jt2d3y8ZqGM0fA64EBhtMvcbVRM.roa (raw, json)
Hash identifier: r1Mc1AFvCVj+2H7WlGrGgKOiCnZd1S0ctc/Dbcpfqns=
Subject key identifier: 8E:DD:9D:DF:2F:19:A8:63:34:7C:0E:B8:10:18:6D:32:F7:1B:55:13
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0187E06B56D2E23BEBC51C44CADBD3083C82
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/jt2d3y8ZqGM0fA64EBhtMvcbVRM.roa
Signing time: Wed 03 May 2023 07:02:23 +0000
ROA not before: Wed 03 May 2023 07:02:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 185.39.204.0/24 maxlen: 24
89.23.103.0/24 maxlen: 24
89.23.107.0/24 maxlen: 24
89.23.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e0:6b:56:d2:e2:3b:eb:c5:1c:44:ca:db:d3:08:3c:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: May 3 07:02:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8edd9ddf2f19a863347c0eb810186d32f71b5513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e9:2b:35:c1:01:9a:64:db:36:a6:43:85:05:
77:9d:a0:56:74:ec:d0:a6:c4:a0:38:d4:93:b0:a7:
21:8e:ac:77:38:52:02:27:f4:89:68:43:2f:7b:64:
5f:0d:1e:8f:f5:42:dc:ef:12:76:1f:91:7d:00:70:
bf:1e:fb:42:0d:db:c1:6b:ab:11:dc:8e:a5:54:b6:
88:bc:ad:71:1d:12:54:a9:4b:53:4c:a5:4c:62:0d:
3b:db:55:79:ed:4e:ad:be:6a:da:79:2b:eb:18:10:
f7:d1:95:ca:17:b9:e4:6c:55:78:b0:ca:1d:6c:c2:
68:42:18:fb:da:b1:a1:c3:2f:99:4d:93:9d:06:01:
a6:90:d3:06:4f:04:e2:98:f3:fb:ea:88:12:d0:e5:
8b:91:42:39:eb:af:ed:37:a4:cf:3e:23:82:c0:33:
f2:16:04:ff:59:8e:3f:22:48:29:bc:8b:63:00:25:
cf:7b:db:e6:0b:3e:a1:b8:7e:ad:5e:13:ac:83:61:
53:c9:20:fa:eb:e2:d8:37:83:df:fe:4c:2e:4f:bf:
c4:24:22:e8:3c:09:9a:27:4c:ea:df:5e:ca:83:20:
55:24:fd:19:7c:c9:0d:65:d3:e4:ba:6f:56:10:a2:
41:7b:97:f5:1a:b4:f6:ef:60:a6:85:26:95:4b:fc:
11:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:DD:9D:DF:2F:19:A8:63:34:7C:0E:B8:10:18:6D:32:F7:1B:55:13
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/jt2d3y8ZqGM0fA64EBhtMvcbVRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
89.23.107.0-89.23.108.255
185.39.204.0/24
Signature Algorithm: sha256WithRSAEncryption
be:3d:82:d9:09:8f:3c:18:3a:3a:1f:99:1f:66:96:ab:91:89:
7b:d4:8d:78:02:25:e5:85:22:34:41:24:09:67:49:f0:98:d2:
5b:55:7b:0f:b1:a3:d6:5a:05:62:4a:f5:b8:bf:69:11:1d:a2:
90:2c:9a:c4:5b:73:67:b0:96:3d:69:49:11:81:f9:76:4e:c3:
70:a5:e1:da:43:94:5c:08:3e:af:17:bf:82:61:4c:4e:51:d1:
a9:4e:9b:9c:87:a4:9a:31:a7:e5:7f:51:53:aa:98:7a:81:e9:
93:33:d5:69:68:95:bc:45:cf:e6:de:0b:7f:80:f2:37:5c:57:
4f:50:d0:cf:9a:f3:ce:2e:f5:87:ee:e9:40:69:ad:4b:64:e5:
29:3b:de:84:c0:e6:4a:82:f5:b2:32:91:a9:ae:3f:17:c4:00:
00:68:bb:d2:6f:a5:19:b3:f8:6c:0b:bb:fe:e7:98:78:ee:bf:
fc:0d:b5:6c:8d:eb:ab:9c:83:82:f2:df:66:d7:e6:92:a0:94:
b3:b2:ea:ca:7e:9c:93:17:91:d0:3d:4b:06:04:da:3a:01:08:
17:ec:93:30:50:de:8e:ee:e7:40:58:b9:9e:b7:c5:9a:8e:53:
18:8f:78:18:50:df:60:36:5e:ec:3f:26:6f:11:e7:22:bb:5a:
e0:68:e0:ba
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYfga1bS4jvrxRxEytvTCDyCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwNTAzMDcwMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWRkOWRkZjJmMTlhODYzMzQ3YzBlYjgxMDE4NmQzMmY3MWI1NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmukrNcEBmmTbNqZDhQV3naBWdOzQ
psSgONSTsKchjqx3OFICJ/SJaEMve2RfDR6P9ULc7xJ2H5F9AHC/HvtCDdvBa6sR
3I6lVLaIvK1xHRJUqUtTTKVMYg0721V57U6tvmraeSvrGBD30ZXKF7nkbFV4sMod
bMJoQhj72rGhwy+ZTZOdBgGmkNMGTwTimPP76ogS0OWLkUI566/tN6TPPiOCwDPy
FgT/WY4/IkgpvItjACXPe9vmCz6huH6tXhOsg2FTySD66+LYN4Pf/kwuT7/EJCLo
PAmaJ0zq317KgyBVJP0ZfMkNZdPkum9WEKJBe5f1GrT272CmhSaVS/wRrwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFI7dnd8vGahjNHwOuBAYbTL3G1UTMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvanQyZDN5OFpxR00wZkE2NEVCaHRNdmNiVlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWRdnMAwD
BABZF2sDBABZF2wDBAC5J8wwDQYJKoZIhvcNAQELBQADggEBAL49gtkJjzwYOjof
mR9mlquRiXvUjXgCJeWFIjRBJAlnSfCY0ltVew+xo9ZaBWJK9bi/aREdopAsmsRb
c2ewlj1pSRGB+XZOw3Cl4dpDlFwIPq8Xv4JhTE5R0alOm5yHpJoxp+V/UVOqmHqB
6ZMz1WlolbxFz+beC3+A8jdcV09Q0M+a884u9Yfu6UBprUtk5Sk73oTA5kqC9bIy
kamuPxfEAABou9JvpRmz+GwLu/7nmHjuv/wNtWyN66ucg4Ly32bX5pKglLOy6sp+
nJMXkdA9SwYE2joBCBfskzBQ3o7u50BYuZ63xZqOUxiPeBhQ32A2Xuw/Jm8R5yK7
WuBo4Lo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:59 2025 by rpki-client