Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/QbclqIsOi26UcpnRuqCFaZS_eJk.roa
File: QbclqIsOi26UcpnRuqCFaZS_eJk.roa (raw, json)
Hash identifier: iLhdmXtEp6WDuqkxRQyCnqK+38rGf7dv4d29BP5/bUQ=
Subject key identifier: 41:B7:25:A8:8B:0E:8B:6E:94:72:99:D1:BA:A0:85:69:94:BF:78:99
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 01856B812086E8DD60A346455844AB11ABB3
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/QbclqIsOi26UcpnRuqCFaZS_eJk.roa
Signing time: Sun 01 Jan 2023 04:05:02 +0000
ROA not before: Sun 01 Jan 2023 04:05:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210646
IP address blocks: 89.25.119.0/24 maxlen: 24
89.25.24.0/24 maxlen: 24
213.145.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:20:86:e8:dd:60:a3:46:45:58:44:ab:11:ab:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 1 04:05:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=41b725a88b0e8b6e947299d1baa0856994bf7899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:92:f6:36:a7:96:9f:5c:1a:ac:84:6c:10:57:
bc:74:af:26:f0:66:cb:47:9a:8f:67:72:8a:c2:da:
26:de:e6:f4:85:e2:01:7f:69:93:dd:ae:4a:a1:54:
83:56:a6:dc:c1:c5:0c:41:16:74:bd:65:14:17:1f:
c9:ca:a3:16:b6:5c:bf:74:c9:81:1c:33:31:c0:4f:
09:48:50:d5:2f:91:52:16:8c:8f:9c:fe:84:0c:61:
aa:08:75:d8:61:0d:a9:5c:de:0e:25:eb:98:a6:c7:
13:1b:57:96:65:a4:fb:96:6a:39:a8:eb:3e:ff:f4:
5b:75:40:c2:f6:72:bd:0d:69:4c:6d:90:31:52:f1:
92:59:22:8a:37:a6:9d:cc:e7:23:b5:80:30:6f:f9:
09:f1:cf:ce:34:c2:1f:19:5b:fe:c2:22:cf:c4:6c:
c7:ba:46:1d:9e:3f:3d:aa:4f:df:df:27:7b:8f:fe:
e0:ab:34:29:bb:5f:14:b5:32:cb:73:f4:fc:5c:91:
48:58:68:34:91:32:9d:c7:dc:5c:ca:7e:cb:f1:2a:
82:ad:d9:4a:cb:da:05:3c:a4:92:8a:be:02:05:9f:
b0:4f:2d:99:87:d9:61:ef:c2:69:8a:c4:18:17:82:
45:74:b4:c9:17:90:99:6e:a9:c8:d7:19:0b:07:49:
8d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:B7:25:A8:8B:0E:8B:6E:94:72:99:D1:BA:A0:85:69:94:BF:78:99
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/QbclqIsOi26UcpnRuqCFaZS_eJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.25.24.0/24
89.25.119.0/24
213.145.105.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:b1:1f:34:3f:d4:38:66:86:e3:4e:4d:62:2f:8e:7b:1f:61:
51:4b:25:1f:04:df:3a:5b:a5:6a:3b:32:cf:53:86:cb:eb:16:
80:07:92:32:ed:e8:6a:32:84:4d:ba:68:fa:ed:93:72:a8:0c:
d8:3e:cb:5a:44:88:b3:fc:4f:32:fc:ce:b4:13:ee:6e:4e:14:
8a:94:0d:aa:eb:69:54:11:6e:62:5a:88:8e:ce:e1:7e:fb:ac:
4a:6e:c9:54:12:14:02:9c:9c:fb:35:76:5b:db:0a:28:31:ae:
6d:24:f5:cc:ac:84:20:f9:50:fd:88:de:cc:48:c0:e0:f3:2d:
ee:d3:61:aa:76:18:76:3a:4e:33:13:7d:5f:55:7c:04:6a:a6:
97:ad:3e:2b:16:03:3f:7a:8e:dd:49:61:c2:0f:6c:bd:3d:55:
a8:2a:52:8a:f5:d4:da:0f:64:9f:ef:db:c6:4b:c1:38:a6:72:
71:c9:11:97:8b:47:3b:5c:71:a2:ee:7f:c0:83:0a:e2:1e:47:
8a:dd:ef:e1:e3:84:73:fe:7e:2f:8d:b5:31:6b:85:34:3a:91:
79:6c:0b:06:24:d1:41:51:2b:20:f2:d0:36:8c:a2:92:61:b6:
7f:06:b5:75:19:8e:e5:a6:11:97:db:43:6c:8e:6a:d8:9e:ba:
0b:6e:72:25
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVrgSCG6N1go0ZFWESrEauzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjMwMTAxMDQwNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MWI3MjVhODhiMGU4YjZlOTQ3Mjk5ZDFiYWEwODU2OTk0YmY3ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJL2NqeWn1warIRsEFe8dK8m8GbL
R5qPZ3KKwtom3ub0heIBf2mT3a5KoVSDVqbcwcUMQRZ0vWUUFx/JyqMWtly/dMmB
HDMxwE8JSFDVL5FSFoyPnP6EDGGqCHXYYQ2pXN4OJeuYpscTG1eWZaT7lmo5qOs+
//RbdUDC9nK9DWlMbZAxUvGSWSKKN6adzOcjtYAwb/kJ8c/ONMIfGVv+wiLPxGzH
ukYdnj89qk/f3yd7j/7gqzQpu18UtTLLc/T8XJFIWGg0kTKdx9xcyn7L8SqCrdlK
y9oFPKSSir4CBZ+wTy2Zh9lh78JpisQYF4JFdLTJF5CZbqnI1xkLB0mNRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEG3JaiLDotulHKZ0bqghWmUv3iZMB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvUWJjbHFJc09pMjZVY3BuUnVxQ0ZhWlNfZUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWRkYAwQA
WRl3AwQA1ZFpMA0GCSqGSIb3DQEBCwUAA4IBAQAssR80P9Q4ZobjTk1iL457H2FR
SyUfBN86W6VqOzLPU4bL6xaAB5Iy7ehqMoRNumj67ZNyqAzYPstaRIiz/E8y/M60
E+5uThSKlA2q62lUEW5iWoiOzuF++6xKbslUEhQCnJz7NXZb2wooMa5tJPXMrIQg
+VD9iN7MSMDg8y3u02Gqdhh2Ok4zE31fVXwEaqaXrT4rFgM/eo7dSWHCD2y9PVWo
KlKK9dTaD2Sf79vGS8E4pnJxyRGXi0c7XHGi7n/AgwriHkeK3e/h44Rz/n4vjbUx
a4U0OpF5bAsGJNFBUSsg8tA2jKKSYbZ/BrV1GY7lphGX20NsjmrYnroLbnIl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:48 2025 by rpki-client