Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/QIdlLaYG5xzxw9YoPCEg0_v3sx8.roa
File: QIdlLaYG5xzxw9YoPCEg0_v3sx8.roa (raw, json)
Hash identifier: Y6CU6xJsr7c3X71q+404OXiFWrPwxfcLBJyNZhdWfaY=
Subject key identifier: 40:87:65:2D:A6:06:E7:1C:F1:C3:D6:28:3C:21:20:D3:FB:F7:B3:1F
Certificate issuer: /CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Certificate serial: 03663C79
Authority key identifier: 0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/QIdlLaYG5xzxw9YoPCEg0_v3sx8.roa
Signing time: Sat 01 Jan 2022 11:54:06 +0000
ROA not before: Sat 01 Jan 2022 11:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49367
IP address blocks: 152.89.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57031801 (0x3663c79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bf543e23e29fb03748d0939726f30fe9affa19e
Validity
Not Before: Jan 1 11:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4087652da606e71cf1c3d6283c2120d3fbf7b31f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:01:23:55:57:17:70:7c:8b:c0:73:81:f7:49:
6a:64:5e:48:50:45:06:22:c1:2c:07:a9:42:c6:d4:
2e:3d:47:90:0c:30:e6:4b:6b:e1:dd:b3:4b:dc:00:
89:71:98:aa:03:f5:17:4c:10:76:e7:8d:d6:74:fa:
54:7c:64:8b:15:76:d3:39:bb:7f:2c:b5:c2:29:53:
8a:bc:b9:43:81:71:1c:45:6a:0d:ae:30:87:29:df:
38:a4:53:46:7e:29:60:06:56:0f:a2:64:5a:00:3b:
02:c4:93:63:e2:45:eb:42:fd:ce:8d:fa:17:b0:71:
7c:63:ee:50:38:56:7e:c8:a8:35:c8:74:63:7a:81:
bd:ef:0b:0f:1e:94:5e:cf:72:07:d5:fb:41:3f:f5:
6b:22:9c:23:ee:eb:1d:7b:b3:98:b8:11:6a:d7:6c:
34:e2:ff:f7:7d:5c:c4:f5:d2:73:16:ab:ab:3b:97:
55:21:83:64:cb:b3:cc:29:75:8d:1a:f5:7f:f3:77:
b4:50:aa:73:7c:bb:8c:f6:6d:af:62:3b:66:14:54:
54:04:a6:59:23:da:32:6c:a0:93:5e:f3:79:57:a4:
1b:1d:75:75:98:1d:da:39:c5:09:90:02:b7:02:3c:
6b:d6:c9:63:b5:4b:42:fe:77:b3:d8:e7:16:d8:92:
e6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:87:65:2D:A6:06:E7:1C:F1:C3:D6:28:3C:21:20:D3:FB:F7:B3:1F
X509v3 Authority Key Identifier:
keyid:0B:F5:43:E2:3E:29:FB:03:74:8D:09:39:72:6F:30:FE:9A:FF:A1:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/QIdlLaYG5xzxw9YoPCEg0_v3sx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/afa34c-f3f0-405c-b083-a35fc438d4ca/1/C_VD4j4p-wN0jQk5cm8w_pr_oZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.168.0/24
Signature Algorithm: sha256WithRSAEncryption
60:13:19:e3:8d:03:b6:a4:a4:6e:c4:08:35:66:95:41:65:71:
ad:f6:58:8c:f8:74:b9:97:92:fc:37:65:46:fc:48:ca:1b:65:
66:b3:c7:de:c0:60:00:22:4d:f5:a6:bd:26:22:5b:43:88:73:
9f:c2:3d:15:36:38:20:08:34:a4:12:91:0a:9e:19:8a:b5:e6:
ec:f3:c6:6d:df:a7:b0:d6:2b:71:1f:21:ef:2e:db:de:14:14:
8e:cb:9b:65:04:ba:eb:1a:ed:60:a0:b5:49:d6:28:61:ca:90:
20:2a:49:a7:f2:64:1c:6d:7a:e6:f0:1c:09:65:06:af:c9:80:
90:bf:49:06:32:be:b9:39:6d:51:83:b3:86:91:19:6e:db:5b:
89:08:b8:da:99:b2:5a:e5:a0:fb:25:61:c1:11:f4:df:05:62:
21:61:01:9d:da:f4:68:80:94:59:a9:54:31:99:45:48:42:04:
78:5c:89:33:88:ff:2a:6b:f6:ef:c8:68:02:80:1c:34:51:c8:
42:e3:70:ab:a1:08:8d:17:33:cf:94:a1:83:11:4b:22:ff:f5:
57:50:14:01:fe:a5:e6:08:ac:aa:66:ee:0d:7d:1f:be:ee:d9:
5d:88:46:86:fd:ce:45:48:8c:62:9a:19:dc:13:3b:92:fe:9e:
ed:cf:12:8b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA2Y8eTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YmY1NDNlMjNlMjlmYjAzNzQ4ZDA5Mzk3MjZmMzBmZTlhZmZhMTllMB4XDTIyMDEw
MTExNTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDA4NzY1MmRhNjA2
ZTcxY2YxYzNkNjI4M2MyMTIwZDNmYmY3YjMxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPEBI1VXF3B8i8BzgfdJamReSFBFBiLBLAepQsbULj1HkAww
5ktr4d2zS9wAiXGYqgP1F0wQdueN1nT6VHxkixV20zm7fyy1wilTiry5Q4FxHEVq
Da4whynfOKRTRn4pYAZWD6JkWgA7AsSTY+JF60L9zo36F7BxfGPuUDhWfsioNch0
Y3qBve8LDx6UXs9yB9X7QT/1ayKcI+7rHXuzmLgRatdsNOL/931cxPXScxarqzuX
VSGDZMuzzCl1jRr1f/N3tFCqc3y7jPZtr2I7ZhRUVASmWSPaMmygk17zeVekGx11
dZgd2jnFCZACtwI8a9bJY7VLQv53s9jnFtiS5lECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRAh2UtpgbnHPHD1ig8ISDT+/ezHzAfBgNVHSMEGDAWgBQL9UPiPin7A3SN
CTlybzD+mv+hnjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NfVkQ0ajRwLXdOMGpRazVjbTh3X3ByX29aNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvYWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRjYS8x
L1FJZGxMYVlHNXh6eHc5WW9QQ0VnMF92M3N4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
YWZhMzRjLWYzZjAtNDA1Yy1iMDgzLWEzNWZjNDM4ZDRjYS8xL0NfVkQ0ajRwLXdO
MGpRazVjbTh3X3ByX29aNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJhZqDANBgkqhkiG9w0BAQsFAAOC
AQEAYBMZ440DtqSkbsQINWaVQWVxrfZYjPh0uZeS/DdlRvxIyhtlZrPH3sBgACJN
9aa9JiJbQ4hzn8I9FTY4IAg0pBKRCp4ZirXm7PPGbd+nsNYrcR8h7y7b3hQUjsub
ZQS66xrtYKC1SdYoYcqQICpJp/JkHG165vAcCWUGr8mAkL9JBjK+uTltUYOzhpEZ
bttbiQi42pmyWuWg+yVhwRH03wViIWEBndr0aICUWalUMZlFSEIEeFyJM4j/Kmv2
78hoAoAcNFHIQuNwq6EIjRczz5ShgxFLIv/1V1AUAf6l5gisqmbuDX0fvu7ZXYhG
hv3ORUiMYpoZ3BM7kv6e7c8Siw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:23:56 2025 by rpki-client