Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JQxljHcMYwaYcuhE1x-Ny9FwBgQ.roa
File: JQxljHcMYwaYcuhE1x-Ny9FwBgQ.roa (raw, json)
Hash identifier: aZxe3oTMHgSSB/+fsUc3beQbt5Je5ZFrJpavuOIKvZI=
Subject key identifier: 25:0C:65:8C:77:0C:63:06:98:72:E8:44:D7:1F:8D:CB:D1:70:06:04
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01890613F13E4FB5BF1DF39522B2E5C59F08
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JQxljHcMYwaYcuhE1x-Ny9FwBgQ.roa
Signing time: Thu 29 Jun 2023 07:35:17 +0000
ROA not before: Thu 29 Jun 2023 07:35:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 147291
IP address blocks: 89.213.135.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.134.0/24 maxlen: 24
89.213.138.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:06:13:f1:3e:4f:b5:bf:1d:f3:95:22:b2:e5:c5:9f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 29 07:35:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=250c658c770c63069872e844d71f8dcbd1700604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f1:fc:57:38:4c:62:63:eb:97:2e:fe:93:fc:
04:4f:09:13:5a:bd:1e:7a:8d:c5:c7:60:2f:e4:96:
9a:94:e2:00:5f:ed:f6:8c:94:d4:f7:08:1b:6e:c3:
4e:ff:eb:e3:5f:97:57:e3:8a:bd:64:56:9f:41:76:
b4:f1:8b:0f:ff:e0:3e:6d:da:92:61:29:a1:41:78:
61:af:16:1a:ee:33:e4:6b:ce:6b:f8:d8:d9:71:95:
96:1c:8e:7d:91:03:71:29:f5:a4:0c:3c:9c:a2:9c:
db:05:cd:b1:6c:73:70:80:e7:fa:c5:a4:0c:8c:47:
fd:79:56:32:cb:ee:d3:0d:7b:8e:d1:ef:13:b5:a8:
a6:6f:43:6e:8d:71:92:2c:44:89:5e:de:29:42:16:
fc:a1:9a:f1:45:2c:7d:29:9d:65:93:7f:71:49:76:
13:80:10:5b:08:e5:b7:fc:3b:a9:88:43:49:5d:b3:
e5:a4:fe:1d:e1:dd:9a:65:a3:95:b4:92:ad:ca:11:
76:58:bd:63:6d:8d:e1:47:d8:31:11:a1:e8:17:be:
76:49:2f:dd:94:84:9a:91:b1:65:f2:6a:5a:2e:42:
67:cc:bc:a1:b4:44:a2:79:91:51:4f:83:8f:ba:2b:
cd:d9:26:c0:cc:84:37:47:cd:17:50:0b:08:0a:38:
9b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:0C:65:8C:77:0C:63:06:98:72:E8:44:D7:1F:8D:CB:D1:70:06:04
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/JQxljHcMYwaYcuhE1x-Ny9FwBgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.133.0-89.213.139.255
Signature Algorithm: sha256WithRSAEncryption
24:ad:e4:9a:96:4c:91:99:de:ff:67:3e:36:34:cc:8f:d6:d6:
a9:f0:58:b5:61:1a:d6:f6:2f:55:24:c2:47:5f:ab:34:20:63:
1f:1e:04:a7:45:27:6c:2b:cd:a5:2b:b5:98:27:70:8a:38:27:
a0:4e:11:c5:32:d5:8f:e1:95:3a:e2:5a:e6:b3:9e:0e:27:f0:
fe:20:76:0f:87:bc:90:c7:83:c7:cb:e5:09:2a:16:8f:6f:56:
99:14:12:55:8c:1c:6e:a1:b3:61:b3:8b:11:4f:7a:4d:34:bd:
8b:26:76:4c:0d:aa:1e:c1:1e:1d:83:c9:ec:03:aa:d7:4e:da:
01:d0:44:81:a9:c7:ed:97:00:58:4c:76:5a:a6:8e:cd:33:f2:
4c:04:19:50:a5:52:cc:b6:5a:04:9f:bf:4b:10:60:e1:0e:bc:
fb:29:e2:52:e1:e3:82:b6:26:58:bc:bf:3f:f9:85:b9:87:cd:
16:6a:b1:eb:53:be:49:b9:31:bd:9b:91:34:b5:8e:dc:ec:06:
52:23:26:aa:06:2d:99:d1:90:8a:cc:3f:9b:18:e0:96:9c:b4:
fa:ce:12:ea:14:e3:07:4b:15:ae:86:21:ae:f8:20:63:6e:6b:
1d:29:39:5a:dd:1c:c2:f4:9d:46:c7:a9:ef:f8:71:a8:b6:6a:
39:28:d7:0c
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYkGE/E+T7W/HfOVIrLlxZ8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjI5MDczNTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTBjNjU4Yzc3MGM2MzA2OTg3MmU4NDRkNzFmOGRjYmQxNzAwNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvH8VzhMYmPrly7+k/wETwkTWr0e
eo3Fx2Av5JaalOIAX+32jJTU9wgbbsNO/+vjX5dX44q9ZFafQXa08YsP/+A+bdqS
YSmhQXhhrxYa7jPka85r+NjZcZWWHI59kQNxKfWkDDycopzbBc2xbHNwgOf6xaQM
jEf9eVYyy+7TDXuO0e8Ttaimb0NujXGSLESJXt4pQhb8oZrxRSx9KZ1lk39xSXYT
gBBbCOW3/DupiENJXbPlpP4d4d2aZaOVtJKtyhF2WL1jbY3hR9gxEaHoF752SS/d
lISakbFl8mpaLkJnzLyhtESieZFRT4OPuivN2SbAzIQ3R80XUAsICjibmwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCUMZYx3DGMGmHLoRNcfjcvRcAYEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSlF4bGpIY01Zd2FZY3VoRTF4LU55OUZ3QmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZ1YUD
BAJZ1YgwDQYJKoZIhvcNAQELBQADggEBACSt5JqWTJGZ3v9nPjY0zI/W1qnwWLVh
Gtb2L1UkwkdfqzQgYx8eBKdFJ2wrzaUrtZgncIo4J6BOEcUy1Y/hlTriWuazng4n
8P4gdg+HvJDHg8fL5QkqFo9vVpkUElWMHG6hs2GzixFPek00vYsmdkwNqh7BHh2D
yewDqtdO2gHQRIGpx+2XAFhMdlqmjs0z8kwEGVClUsy2WgSfv0sQYOEOvPsp4lLh
44K2Jli8vz/5hbmHzRZqsetTvkm5Mb2bkTS1jtzsBlIjJqoGLZnRkIrMP5sY4Jac
tPrOEuoU4wdLFa6GIa74IGNuax0pOVrdHML0nUbHqe/4cai2ajko1ww=
-----END CERTIFICATE-----
Generated at Sat May 17 02:27:03 2025 by rpki-client