Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/HocOPV2FVpGYEsdPN70wrwAvBjw.roa
File: HocOPV2FVpGYEsdPN70wrwAvBjw.roa (raw, json)
Hash identifier: oNwFaGG+3s8iI0lqqtdpNH6QLoUVwE6pbDlWtqjV2Aw=
Subject key identifier: 1E:87:0E:3D:5D:85:56:91:98:12:C7:4F:37:BD:30:AF:00:2F:06:3C
Certificate issuer: /CN=a8d52cc870606a3f3f32c0fff97cf6931fa65ca3
Certificate serial: 03343A8D
Authority key identifier: A8:D5:2C:C8:70:60:6A:3F:3F:32:C0:FF:F9:7C:F6:93:1F:A6:5C:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/HocOPV2FVpGYEsdPN70wrwAvBjw.roa
Signing time: Sat 01 Jan 2022 14:04:53 +0000
ROA not before: Sat 01 Jan 2022 14:04:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 89.22.224.0/20 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53754509 (0x3343a8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8d52cc870606a3f3f32c0fff97cf6931fa65ca3
Validity
Not Before: Jan 1 14:04:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e870e3d5d8556919812c74f37bd30af002f063c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:82:c1:a4:b9:c0:59:7d:c5:a2:2e:f5:b7:64:
1b:5c:a8:63:bb:17:0b:e6:82:d8:d4:09:22:a8:d2:
36:37:cb:6f:49:22:a0:47:2b:09:bc:46:2a:fa:6f:
88:2c:a6:40:50:53:7d:57:3f:35:82:1b:a7:84:16:
1c:15:d8:b8:da:80:da:37:ef:bb:ef:37:45:d8:93:
42:23:8b:7f:25:64:1b:5d:ea:d4:81:42:be:de:a8:
ea:f2:00:b0:53:f9:8b:2b:ad:7d:78:8d:8f:f2:60:
5b:7c:ba:88:63:d6:d2:53:8d:d1:6b:35:8e:b3:4b:
a7:0e:be:76:90:87:f9:73:e3:70:01:1d:bd:56:80:
4f:cd:94:a3:9a:66:2c:34:38:e6:a1:b7:34:8a:27:
ab:bb:83:f8:40:42:48:75:b2:ad:57:c4:11:8f:6c:
3d:40:4f:36:16:1d:5a:ad:2b:d8:45:45:a7:20:0e:
23:05:c4:17:0d:b8:0d:cb:ad:58:1b:07:4c:99:43:
68:91:37:f4:98:e3:68:13:1a:a5:99:8f:7b:f7:87:
d0:2a:d1:30:5b:5d:8e:4e:72:90:b6:90:b8:cb:59:
b7:3c:a2:4d:2a:5d:bb:40:84:fc:24:61:35:39:ab:
73:b9:ae:a2:c8:c8:68:98:01:d3:95:26:bb:85:de:
1e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:87:0E:3D:5D:85:56:91:98:12:C7:4F:37:BD:30:AF:00:2F:06:3C
X509v3 Authority Key Identifier:
keyid:A8:D5:2C:C8:70:60:6A:3F:3F:32:C0:FF:F9:7C:F6:93:1F:A6:5C:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/HocOPV2FVpGYEsdPN70wrwAvBjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/fe131d-aa10-4c6b-8128-f55bc8af1506/1/qNUsyHBgaj8_MsD_-Xz2kx-mXKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.22.224.0/20
Signature Algorithm: sha256WithRSAEncryption
51:71:46:89:9f:a8:1c:11:7e:60:25:0a:81:1a:c1:e1:ac:87:
ac:4f:1e:bd:7a:78:64:4e:87:61:b8:3b:77:c4:e9:e6:65:a3:
d0:12:a3:63:64:55:c7:d9:d5:08:5d:43:92:a0:e9:9b:6c:c2:
ff:22:c0:3a:b4:92:83:5d:14:7a:63:c0:68:7b:f0:e8:e3:a4:
94:c8:06:d0:00:d3:82:52:cb:62:94:c6:e8:6d:e5:55:7e:97:
2a:da:1c:32:2d:81:47:9c:de:54:f4:73:7a:b5:6f:5d:4d:f9:
30:a9:77:6b:43:e7:04:5a:7d:c4:83:92:d9:31:9b:08:96:8e:
7e:ca:c2:3f:6d:dd:af:11:c4:8f:83:20:db:d9:b8:b0:e7:16:
a0:33:b6:e6:1e:c7:97:2c:bd:3d:58:b1:72:b5:83:3f:93:f6:
13:f4:b9:73:98:c1:92:2b:44:46:04:bc:8d:be:39:07:df:5a:
90:b6:f4:f6:61:64:f9:0d:3e:55:45:58:d5:aa:b8:40:52:de:
fc:a4:f4:ee:27:63:18:00:33:ca:5e:1b:ed:9b:69:f8:b0:ba:
26:57:ca:bc:85:53:03:44:b3:76:6c:38:a8:0d:93:a2:61:22:
1a:1f:cf:4f:35:13:61:4c:40:ff:03:17:53:eb:e3:fe:f1:d0:
a7:71:f6:96
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAzQ6jTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OGQ1MmNjODcwNjA2YTNmM2YzMmMwZmZmOTdjZjY5MzFmYTY1Y2EzMB4XDTIyMDEw
MTE0MDQ1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU4NzBlM2Q1ZDg1
NTY5MTk4MTJjNzRmMzdiZDMwYWYwMDJmMDYzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiCwaS5wFl9xaIu9bdkG1yoY7sXC+aC2NQJIqjSNjfLb0ki
oEcrCbxGKvpviCymQFBTfVc/NYIbp4QWHBXYuNqA2jfvu+83RdiTQiOLfyVkG13q
1IFCvt6o6vIAsFP5iyutfXiNj/JgW3y6iGPW0lON0Ws1jrNLpw6+dpCH+XPjcAEd
vVaAT82Uo5pmLDQ45qG3NIonq7uD+EBCSHWyrVfEEY9sPUBPNhYdWq0r2EVFpyAO
IwXEFw24DcutWBsHTJlDaJE39JjjaBMapZmPe/eH0CrRMFtdjk5ykLaQuMtZtzyi
TSpdu0CE/CRhNTmrc7muosjIaJgB05Umu4XeHhcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQehw49XYVWkZgSx083vTCvAC8GPDAfBgNVHSMEGDAWgBSo1SzIcGBqPz8y
wP/5fPaTH6ZcozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FOVXN5SEJnYWo4X01zRF8tWHoya3gtbVhLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvZmUxMzFkLWFhMTAtNGM2Yi04MTI4LWY1NWJjOGFmMTUwNi8x
L0hvY09QVjJGVnBHWUVzZFBONzB3cndBdkJqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
ZmUxMzFkLWFhMTAtNGM2Yi04MTI4LWY1NWJjOGFmMTUwNi8xL3FOVXN5SEJnYWo4
X01zRF8tWHoya3gtbVhLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFkW4DANBgkqhkiG9w0BAQsFAAOC
AQEAUXFGiZ+oHBF+YCUKgRrB4ayHrE8evXp4ZE6HYbg7d8Tp5mWj0BKjY2RVx9nV
CF1DkqDpm2zC/yLAOrSSg10UemPAaHvw6OOklMgG0ADTglLLYpTG6G3lVX6XKtoc
Mi2BR5zeVPRzerVvXU35MKl3a0PnBFp9xIOS2TGbCJaOfsrCP23drxHEj4Mg29m4
sOcWoDO25h7Hlyy9PVixcrWDP5P2E/S5c5jBkitERgS8jb45B99akLb09mFk+Q0+
VUVY1aq4QFLe/KT07idjGAAzyl4b7Ztp+LC6JlfKvIVTA0Szdmw4qA2TomEiGh/P
TzUTYUxA/wMXU+vj/vHQp3H2lg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:11 2025 by rpki-client