Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/HlGFDsqV7v8Y9lskIDPo_8GoNVY.roa
File: HlGFDsqV7v8Y9lskIDPo_8GoNVY.roa (raw, json)
Hash identifier: 6Qlu+mY1NUDjKaaemHhSS6QkhzH+ewQtqD9vOWFmYHs=
Subject key identifier: 1E:51:85:0E:CA:95:EE:FF:18:F6:5B:24:20:33:E8:FF:C1:A8:35:56
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0184A950347894F2DAFD2E765008F2F2BA3D
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/HlGFDsqV7v8Y9lskIDPo_8GoNVY.roa
Signing time: Thu 24 Nov 2022 11:05:16 +0000
ROA not before: Thu 24 Nov 2022 11:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 89.185.24.0/22 maxlen: 24
89.185.28.0/22 maxlen: 24
109.72.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:50:34:78:94:f2:da:fd:2e:76:50:08:f2:f2:ba:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 24 11:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e51850eca95eeff18f65b242033e8ffc1a83556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:01:7a:b3:9b:2d:2b:e9:4f:84:19:97:14:da:
ed:bd:2d:3c:26:60:e2:5f:6d:ad:1a:c7:4f:3c:42:
6a:7a:d6:7b:e6:b3:cf:4a:be:5e:94:08:22:40:07:
23:e5:3d:44:60:37:82:16:88:11:b0:52:57:f9:40:
1a:c7:dc:e1:ac:34:6a:46:4e:ea:6d:da:76:95:25:
87:24:70:b0:bb:7e:95:4d:e1:df:2c:35:1e:98:bc:
9a:90:f7:c9:dd:30:0b:19:0c:94:f1:00:ea:b0:1e:
74:f2:0f:69:c7:5c:57:b7:14:0c:2e:75:03:d3:5b:
1e:9b:d0:d4:2d:59:6b:22:b0:70:94:7f:2c:84:e1:
73:12:44:b9:11:b6:7b:9e:da:ff:98:1a:ae:2f:72:
b4:b7:a7:db:89:6c:e5:8e:da:79:32:91:2e:86:6c:
b5:e6:cf:a6:39:b0:f3:7a:f8:a2:ce:4c:8f:61:2b:
e0:57:dd:96:82:69:b1:ea:5e:9c:83:41:50:34:ca:
46:4c:29:ca:15:04:38:af:62:bb:1e:64:48:c5:c1:
97:ac:49:dc:35:5b:77:af:9b:05:96:14:40:d1:44:
1f:ec:cb:66:54:fa:db:9a:da:b1:1b:04:9e:17:53:
98:56:68:ec:71:f4:a8:2d:ff:92:e7:6f:1a:6c:f2:
b1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:51:85:0E:CA:95:EE:FF:18:F6:5B:24:20:33:E8:FF:C1:A8:35:56
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/HlGFDsqV7v8Y9lskIDPo_8GoNVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.24.0/21
109.72.124.0/22
Signature Algorithm: sha256WithRSAEncryption
82:27:25:7e:e3:97:42:aa:be:e1:c9:7f:4d:03:86:dc:21:3b:
4b:c1:7f:d1:7b:d3:50:fd:f6:76:48:a3:11:46:5e:07:cd:e5:
a5:cf:03:73:7e:1d:4e:46:f9:1c:c3:c9:54:41:01:00:2a:a4:
bc:59:dc:64:40:e8:73:b4:f3:76:b4:72:c6:de:72:ec:73:31:
ee:3a:83:c9:07:c8:86:b5:fc:23:5e:ed:35:c0:42:a5:da:b6:
a4:93:9b:49:31:01:00:b4:63:8b:7f:c7:9e:91:85:5a:fc:2b:
d8:8e:48:a4:3c:da:4c:38:83:b6:d7:f1:15:33:1b:75:bb:5f:
60:4c:8e:89:c4:6b:f3:11:61:df:61:71:c4:62:7b:f3:93:93:
40:fa:a5:08:bf:14:59:6a:85:34:a1:35:5c:8f:ec:f6:13:7f:
e7:c2:4b:2d:34:aa:f0:09:97:2d:19:32:56:28:ce:06:85:6b:
d1:59:7c:00:00:6b:0d:70:2a:af:ea:01:a3:7d:39:84:fc:87:
39:68:a3:15:85:83:e2:e4:18:80:76:5a:8e:ab:7b:41:e3:39:
5e:60:4b:a8:48:4a:85:06:34:65:91:a8:56:8c:7b:af:49:f5:
75:0b:98:aa:9c:16:09:de:c6:81:ac:63:34:38:b2:2d:ae:cb:
2a:e0:f7:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSpUDR4lPLa/S52UAjy8ro9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMTI0MTEwNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTUxODUwZWNhOTVlZWZmMThmNjViMjQyMDMzZThmZmMxYTgzNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQF6s5stK+lPhBmXFNrtvS08JmDi
X22tGsdPPEJqetZ75rPPSr5elAgiQAcj5T1EYDeCFogRsFJX+UAax9zhrDRqRk7q
bdp2lSWHJHCwu36VTeHfLDUemLyakPfJ3TALGQyU8QDqsB508g9px1xXtxQMLnUD
01sem9DULVlrIrBwlH8shOFzEkS5EbZ7ntr/mBquL3K0t6fbiWzljtp5MpEuhmy1
5s+mObDzeviizkyPYSvgV92Wgmmx6l6cg0FQNMpGTCnKFQQ4r2K7HmRIxcGXrEnc
NVt3r5sFlhRA0UQf7MtmVPrbmtqxGwSeF1OYVmjscfSoLf+S528abPKxkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB5RhQ7Kle7/GPZbJCAz6P/BqDVWMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvSGxHRkRzcVY3djhZOWxza0lEUG9fOEdvTlZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWbkYAwQC
bUh8MA0GCSqGSIb3DQEBCwUAA4IBAQCCJyV+45dCqr7hyX9NA4bcITtLwX/Re9NQ
/fZ2SKMRRl4HzeWlzwNzfh1ORvkcw8lUQQEAKqS8WdxkQOhztPN2tHLG3nLsczHu
OoPJB8iGtfwjXu01wEKl2rakk5tJMQEAtGOLf8eekYVa/CvYjkikPNpMOIO21/EV
Mxt1u19gTI6JxGvzEWHfYXHEYnvzk5NA+qUIvxRZaoU0oTVcj+z2E3/nwkstNKrw
CZctGTJWKM4GhWvRWXwAAGsNcCqv6gGjfTmE/Ic5aKMVhYPi5BiAdlqOq3tB4zle
YEuoSEqFBjRlkahWjHuvSfV1C5iqnBYJ3saBrGM0OLItrssq4Pfr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org