Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lLZ09YmzUA8wl4gznn-Thn9PfhQ.roa
File: lLZ09YmzUA8wl4gznn-Thn9PfhQ.roa (raw, json)
Hash identifier: Ik0HBmEQ06bq0h2xRLqcFrHZ8v9GW9QOXVK8OTSVJdg=
Subject key identifier: 94:B6:74:F5:89:B3:50:0F:30:97:88:33:9E:7F:93:86:7F:4F:7E:14
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018BFE73C4567553D8E5776E85E4F7401D5D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lLZ09YmzUA8wl4gznn-Thn9PfhQ.roa
Signing time: Thu 23 Nov 2023 23:11:21 +0000
ROA not before: Thu 23 Nov 2023 23:11:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 996
IP address blocks: 89.34.224.0/24 maxlen: 24
89.34.224.0/23 maxlen: 23
89.34.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fe:73:c4:56:75:53:d8:e5:77:6e:85:e4:f7:40:1d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 23 23:11:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94b674f589b3500f309788339e7f93867f4f7e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6c:0a:ea:3d:b0:7d:be:62:db:aa:5f:03:fe:
25:26:26:9d:63:e0:68:60:ad:c2:8b:5f:eb:30:6a:
65:27:71:ad:b1:43:65:30:87:f5:8b:40:a8:41:21:
69:06:9c:3e:2d:ac:ad:1e:7c:73:5b:aa:b1:f0:f3:
9e:09:99:cc:a5:09:ff:4f:61:e2:69:75:6d:b7:77:
62:db:fc:c1:fb:af:7b:c3:ed:60:a2:3d:55:ff:c1:
1f:7b:28:9d:c7:06:fc:8c:8f:0f:9f:e1:97:36:cf:
42:1c:bf:e0:1c:f8:7b:ca:31:f1:76:8c:7c:d0:7b:
8b:f6:76:cf:f6:d1:1c:0f:0b:eb:75:f1:e4:ca:e0:
e5:ba:38:32:07:00:80:8b:96:19:b2:1c:e7:98:43:
1f:3f:1f:2c:e8:c5:91:fc:08:68:1e:f3:93:d5:4f:
bf:b3:43:cf:5f:a3:8c:31:75:82:ae:ff:e7:2f:92:
80:ce:58:cb:c3:bb:da:36:c4:43:25:92:b1:4f:18:
06:c6:b2:52:4d:71:7f:85:72:61:4c:a3:a9:1e:56:
c9:cd:7f:63:92:7f:51:b1:be:f8:83:76:9f:d2:da:
89:aa:9f:4a:b5:a8:d6:12:bd:18:04:6d:5b:0e:04:
7a:ce:43:ff:88:72:44:6b:83:fa:a5:ca:d6:d5:22:
30:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B6:74:F5:89:B3:50:0F:30:97:88:33:9E:7F:93:86:7F:4F:7E:14
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/lLZ09YmzUA8wl4gznn-Thn9PfhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:0b:b1:34:b9:52:1c:67:20:e8:aa:cc:f0:cc:ef:ed:93:cd:
af:99:85:1d:50:b7:25:d2:4a:94:fb:32:29:e2:64:9e:d1:41:
53:3a:44:7f:07:48:70:28:ee:ae:98:f2:e4:31:be:bc:83:d6:
dd:1f:5e:73:70:2b:43:15:98:c9:3e:d8:c5:53:b7:a3:01:e2:
f6:c1:5f:6b:4b:71:11:63:67:df:4e:d3:de:50:3c:46:fa:b7:
f9:84:6d:4c:cf:64:96:3c:ee:ce:b5:1d:4a:45:15:32:a6:4b:
ba:13:64:50:c5:90:98:be:91:b4:29:6c:e0:25:66:22:0f:e7:
ce:c2:10:04:47:f9:db:fa:9b:da:76:4a:21:90:16:63:b1:67:
37:1c:87:17:51:a3:f8:dd:92:3d:b2:f9:b3:c7:a3:a7:a5:2a:
2e:cb:ac:c7:b0:71:bd:d2:44:78:54:da:58:b4:69:a1:16:81:
ae:12:58:b8:c0:cd:38:0f:9a:cb:d0:e5:c6:55:d4:91:e5:d4:
30:1e:c8:37:14:dd:c8:2b:4c:40:de:a9:7f:91:61:cf:03:01:
2f:52:2e:c0:6f:32:1a:9c:b0:37:c7:51:b3:e7:89:0a:ff:b9:
f7:c7:a3:b2:70:e3:95:11:3c:e6:cd:ee:e3:98:aa:f6:48:99:
2b:b4:e3:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYv+c8RWdVPY5XduheT3QB1dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMTIzMjMxMTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGI2NzRmNTg5YjM1MDBmMzA5Nzg4MzM5ZTdmOTM4NjdmNGY3ZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2wK6j2wfb5i26pfA/4lJiadY+Bo
YK3Ci1/rMGplJ3GtsUNlMIf1i0CoQSFpBpw+LaytHnxzW6qx8POeCZnMpQn/T2Hi
aXVtt3di2/zB+697w+1goj1V/8Efeyidxwb8jI8Pn+GXNs9CHL/gHPh7yjHxdox8
0HuL9nbP9tEcDwvrdfHkyuDlujgyBwCAi5YZshznmEMfPx8s6MWR/AhoHvOT1U+/
s0PPX6OMMXWCrv/nL5KAzljLw7vaNsRDJZKxTxgGxrJSTXF/hXJhTKOpHlbJzX9j
kn9Rsb74g3af0tqJqp9KtajWEr0YBG1bDgR6zkP/iHJEa4P6pcrW1SIwvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJS2dPWJs1APMJeIM55/k4Z/T34UMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvbExaMDlZbXpVQTh3bDRnem5uLVRobjlQZmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSLgMA0G
CSqGSIb3DQEBCwUAA4IBAQBaC7E0uVIcZyDoqszwzO/tk82vmYUdULcl0kqU+zIp
4mSe0UFTOkR/B0hwKO6umPLkMb68g9bdH15zcCtDFZjJPtjFU7ejAeL2wV9rS3ER
Y2ffTtPeUDxG+rf5hG1Mz2SWPO7OtR1KRRUypku6E2RQxZCYvpG0KWzgJWYiD+fO
whAER/nb+pvadkohkBZjsWc3HIcXUaP43ZI9svmzx6OnpSouy6zHsHG90kR4VNpY
tGmhFoGuEli4wM04D5rL0OXGVdSR5dQwHsg3FN3IK0xA3ql/kWHPAwEvUi7AbzIa
nLA3x1Gz54kK/7n3x6OycOOVETzmze7jmKr2SJkrtONk
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:51:34 2025 by rpki-client