Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/hPrCMp0FadB4-Nl1jRgRdHpYkMk.roa
File: hPrCMp0FadB4-Nl1jRgRdHpYkMk.roa (raw, json)
Hash identifier: qfDGb2J3QQPIHWtMCdVI5lMVZ8kcoPpTV6s1XokHrck=
Subject key identifier: 84:FA:C2:32:9D:05:69:D0:78:F8:D9:75:8D:18:11:74:7A:58:90:C9
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018535B14F6CBD0596995B94F86D0192781D
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/hPrCMp0FadB4-Nl1jRgRdHpYkMk.roa
Signing time: Wed 21 Dec 2022 17:18:10 +0000
ROA not before: Wed 21 Dec 2022 17:18:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 89.43.45.0/24 maxlen: 24
188.215.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:b1:4f:6c:bd:05:96:99:5b:94:f8:6d:01:92:78:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Dec 21 17:18:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84fac2329d0569d078f8d9758d1811747a5890c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:28:44:c4:fc:72:a3:54:dc:9d:4a:b0:52:15:
87:3d:82:e6:f5:a2:22:3c:7d:78:27:f1:02:26:ad:
e9:10:d9:71:7c:59:10:eb:81:88:8d:f0:3d:9d:53:
0e:77:13:14:94:0c:8e:ff:9f:41:a4:be:1f:8c:af:
01:8c:4d:f9:9b:e7:15:72:95:a4:98:89:e2:c5:21:
f1:c7:c1:48:3b:1c:31:ad:62:ab:3d:f3:31:91:0b:
03:da:41:c7:28:8e:bd:b8:27:e9:77:ec:24:fa:9c:
38:69:e1:ad:19:94:c0:d6:93:23:3f:75:33:dd:dd:
b1:7d:88:90:6d:8b:0d:a9:c1:70:d1:24:89:42:cd:
f8:45:c1:37:cc:2f:d5:f7:3a:a6:42:b6:bf:cc:73:
81:ef:9f:10:1e:6e:61:b2:7f:b2:e6:16:9c:b8:93:
b0:6e:7c:c7:fa:db:c9:8d:65:cd:fa:34:14:f5:1c:
eb:46:8e:bb:df:63:59:54:17:bf:1c:aa:5f:ca:30:
da:48:ab:5a:16:df:10:0d:d6:44:46:da:56:14:b1:
df:40:74:e2:63:85:7c:8c:27:04:26:5a:54:da:aa:
be:01:b8:ec:46:1c:7e:6c:b9:82:a7:e0:0d:69:c2:
c5:00:8a:e6:dd:ad:13:ff:63:a6:3b:a3:30:00:77:
d5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:FA:C2:32:9D:05:69:D0:78:F8:D9:75:8D:18:11:74:7A:58:90:C9
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/hPrCMp0FadB4-Nl1jRgRdHpYkMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.45.0/24
188.215.73.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b5:c0:46:e1:d8:d9:66:27:69:e3:43:a8:e2:e6:dc:6b:86:
de:4d:a3:fc:20:99:3a:33:e1:41:e6:c3:31:e9:af:97:58:4a:
bc:fe:72:7e:41:bd:39:48:aa:d3:ba:8f:c5:dc:89:dd:45:d1:
d0:5f:fb:86:cd:d7:05:e5:70:f0:ee:8e:b0:92:28:82:87:ab:
e5:98:27:ce:fa:c7:78:db:10:e3:07:33:06:68:a4:1d:ed:65:
c9:3e:e3:9f:0c:ce:61:f8:3e:31:75:01:21:f2:16:31:e9:80:
de:74:88:b2:d4:e0:e7:90:3d:28:66:f2:15:11:62:ff:8b:63:
b8:7a:66:b8:46:af:f8:ca:1f:4b:dd:a4:6f:33:6a:98:c4:50:
c5:a6:19:b4:74:0b:64:19:32:a2:1b:6a:69:35:ff:17:9b:74:
4a:4f:5f:97:8b:59:bb:af:42:6b:4c:1f:45:c0:6c:17:1c:5a:
b0:b5:72:da:59:04:f1:25:0d:8e:5b:33:ae:f4:ca:e4:14:97:
03:39:b7:e3:50:a0:70:1f:e4:6d:98:d9:30:ef:64:5c:43:92:
69:21:b1:a5:d2:f4:9f:88:c7:5c:97:2d:df:fa:7c:b9:59:df:
b0:c7:46:ee:60:39:f8:c4:c6:f3:5f:09:84:30:d9:40:c1:c0:
e1:40:7c:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU1sU9svQWWmVuU+G0BkngdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIxMjIxMTcxODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGZhYzIzMjlkMDU2OWQwNzhmOGQ5NzU4ZDE4MTE3NDdhNTg5MGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ihExPxyo1TcnUqwUhWHPYLm9aIi
PH14J/ECJq3pENlxfFkQ64GIjfA9nVMOdxMUlAyO/59BpL4fjK8BjE35m+cVcpWk
mInixSHxx8FIOxwxrWKrPfMxkQsD2kHHKI69uCfpd+wk+pw4aeGtGZTA1pMjP3Uz
3d2xfYiQbYsNqcFw0SSJQs34RcE3zC/V9zqmQra/zHOB758QHm5hsn+y5hacuJOw
bnzH+tvJjWXN+jQU9RzrRo6732NZVBe/HKpfyjDaSKtaFt8QDdZERtpWFLHfQHTi
Y4V8jCcEJlpU2qq+AbjsRhx+bLmCp+ANacLFAIrm3a0T/2OmO6MwAHfVVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIT6wjKdBWnQePjZdY0YEXR6WJDJMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvaFByQ01wMEZhZEI0LU5sMWpSZ1JkSHBZa01rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSstAwQA
vNdJMA0GCSqGSIb3DQEBCwUAA4IBAQATtcBG4djZZidp40Oo4ubca4beTaP8IJk6
M+FB5sMx6a+XWEq8/nJ+Qb05SKrTuo/F3IndRdHQX/uGzdcF5XDw7o6wkiiCh6vl
mCfO+sd42xDjBzMGaKQd7WXJPuOfDM5h+D4xdQEh8hYx6YDedIiy1ODnkD0oZvIV
EWL/i2O4ema4Rq/4yh9L3aRvM2qYxFDFphm0dAtkGTKiG2ppNf8Xm3RKT1+Xi1m7
r0JrTB9FwGwXHFqwtXLaWQTxJQ2OWzOu9MrkFJcDObfjUKBwH+RtmNkw72RcQ5Jp
IbGl0vSfiMdcly3f+ny5Wd+wx0buYDn4xMbzXwmEMNlAwcDhQHwN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:29 2024 by rpki-client on console-fra.rpki-client.org