Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/z2a0-cKtiguY_jko5-93xGes94I.roa
File: z2a0-cKtiguY_jko5-93xGes94I.roa (raw, json)
Hash identifier: geofqHdQFR24XJ71vUaHrz5r8mm2gne1cPqs8RwD6k4=
Subject key identifier: CF:66:B4:F9:C2:AD:8A:0B:98:FE:39:28:E7:EF:77:C4:67:AC:F7:82
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01830D66A84959DFE2C63ECFD07843622FA3
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/z2a0-cKtiguY_jko5-93xGes94I.roa
Signing time: Mon 05 Sep 2022 11:26:14 +0000
ROA not before: Mon 05 Sep 2022 11:26:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30823
IP address blocks: 89.23.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0d:66:a8:49:59:df:e2:c6:3e:cf:d0:78:43:62:2f:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Sep 5 11:26:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf66b4f9c2ad8a0b98fe3928e7ef77c467acf782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ce:86:0a:a3:98:83:33:76:ea:7c:0b:60:0a:
68:c2:ad:fa:20:03:a8:b6:5d:ae:2b:84:11:c7:4c:
67:8f:4e:f5:77:db:86:cf:5d:1b:2e:ec:0d:56:8d:
6f:fa:4b:f3:db:25:01:41:63:72:aa:32:19:c4:61:
c6:54:34:fe:3d:1c:b5:68:28:69:1b:c6:7e:ac:e8:
d1:c1:76:98:20:7e:25:8a:29:d9:02:4c:e1:82:7b:
3a:15:f8:d8:55:8a:99:fa:20:b0:d2:35:e6:c9:f8:
d8:14:0f:6e:90:be:15:d8:fc:ac:d2:1c:55:ab:14:
65:66:5f:c1:86:11:3c:41:37:ed:0d:7a:ab:4a:8c:
57:96:59:95:a2:b3:20:29:81:6c:1f:15:6e:01:e0:
2c:75:f3:39:8e:ca:29:1f:c8:60:6e:7a:e4:f9:a4:
dd:f5:e1:8f:23:47:8b:40:55:da:b0:4d:bb:98:7b:
f9:3f:a6:f8:c3:88:93:f6:d0:3b:d1:bf:06:c6:05:
2d:62:d6:fb:3c:c5:39:8d:4d:18:ca:72:6f:2e:51:
2c:63:2f:55:f3:81:e2:e9:bd:51:8d:8d:38:48:d9:
63:73:7b:6f:c3:57:a6:68:ae:18:ad:c4:ab:37:26:
fe:5d:25:a2:c9:53:9a:7d:46:41:0a:2b:c9:bd:e6:
6c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:66:B4:F9:C2:AD:8A:0B:98:FE:39:28:E7:EF:77:C4:67:AC:F7:82
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/z2a0-cKtiguY_jko5-93xGes94I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.107.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ee:f8:6f:cb:4f:45:cb:e6:44:87:00:59:8d:61:9e:d8:8b:
40:29:91:3a:7c:09:01:77:97:db:07:5b:6c:5a:5a:ac:1b:11:
39:6d:a5:d6:5f:2c:a2:b0:57:5c:61:ac:cc:ca:0e:20:5f:d1:
36:0a:ce:7c:09:89:c7:93:7b:e2:19:cd:a3:b3:34:33:b5:36:
c5:7f:83:7e:32:d7:46:bd:25:81:86:69:a9:a0:95:64:b3:83:
4d:c9:bf:b2:88:49:bf:17:8b:05:44:fd:f1:d5:ed:94:94:36:
cb:53:37:86:5c:26:0d:ce:3d:c8:d8:1b:e1:08:14:dd:7a:e8:
f7:52:cf:25:51:fa:3a:ec:42:a8:f1:83:79:f2:59:c1:e0:ad:
f9:ec:ed:e7:75:54:03:3b:6b:86:6e:a3:be:6b:a8:0a:13:a8:
03:30:f0:78:d0:e9:1b:76:ba:89:5f:dd:bd:a1:93:38:d5:c7:
ff:60:fc:e3:a2:d7:7e:5c:91:a2:47:e8:9c:92:b1:2c:16:3c:
ef:d1:f8:09:6b:18:63:d3:1e:82:8e:4f:bc:08:33:36:ee:bc:
f5:e1:f9:27:b2:0e:2c:69:c3:50:9b:6d:98:13:e2:1e:96:8d:
fb:71:62:60:82:be:93:59:1d:74:3d:98:f0:95:a9:4e:32:0f:
7f:ad:90:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMNZqhJWd/ixj7P0HhDYi+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjIwOTA1MTEyNjE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjY2YjRmOWMyYWQ4YTBiOThmZTM5MjhlN2VmNzdjNDY3YWNmNzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA286GCqOYgzN26nwLYApowq36IAOo
tl2uK4QRx0xnj071d9uGz10bLuwNVo1v+kvz2yUBQWNyqjIZxGHGVDT+PRy1aChp
G8Z+rOjRwXaYIH4liinZAkzhgns6FfjYVYqZ+iCw0jXmyfjYFA9ukL4V2Pys0hxV
qxRlZl/BhhE8QTftDXqrSoxXllmVorMgKYFsHxVuAeAsdfM5jsopH8hgbnrk+aTd
9eGPI0eLQFXasE27mHv5P6b4w4iT9tA70b8GxgUtYtb7PMU5jU0YynJvLlEsYy9V
84Hi6b1RjY04SNljc3tvw1emaK4YrcSrNyb+XSWiyVOafUZBCivJveZsZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9mtPnCrYoLmP45KOfvd8RnrPeCMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvejJhMC1jS3RpZ3VZX2prbzUtOTN4R2VzOTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdrMA0G
CSqGSIb3DQEBCwUAA4IBAQBq7vhvy09Fy+ZEhwBZjWGe2ItAKZE6fAkBd5fbB1ts
WlqsGxE5baXWXyyisFdcYazMyg4gX9E2Cs58CYnHk3viGc2jszQztTbFf4N+MtdG
vSWBhmmpoJVks4NNyb+yiEm/F4sFRP3x1e2UlDbLUzeGXCYNzj3I2BvhCBTdeuj3
Us8lUfo67EKo8YN58lnB4K357O3ndVQDO2uGbqO+a6gKE6gDMPB40OkbdrqJX929
oZM41cf/YPzjotd+XJGiR+ickrEsFjzv0fgJaxhj0x6Cjk+8CDM27rz14fknsg4s
acNQm22YE+Ielo37cWJggr6TWR10PZjwlalOMg9/rZCw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:15 2025 by rpki-client