Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/1QhWwIhaimOGpFVleCwYYid8ffM.roa
File: 1QhWwIhaimOGpFVleCwYYid8ffM.roa (raw, json)
Hash identifier: 9JDCRqWnWOEN8Adb0JLlzmBxH50f8z1Rkwk8REU8PQ4=
Subject key identifier: D5:08:56:C0:88:5A:8A:63:86:A4:55:65:78:2C:18:62:27:7C:7D:F3
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 01856E6FA04675DA98265224EC2667CD5813
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/1QhWwIhaimOGpFVleCwYYid8ffM.roa
Signing time: Sun 01 Jan 2023 17:44:47 +0000
ROA not before: Sun 01 Jan 2023 17:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61250
IP address blocks: 89.43.15.0/24 maxlen: 24
89.43.14.0/23 maxlen: 23
89.43.14.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:a0:46:75:da:98:26:52:24:ec:26:67:cd:58:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 1 17:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d50856c0885a8a6386a45565782c1862277c7df3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c0:f5:b1:56:10:75:fd:d4:c8:94:7c:a5:0b:
c5:df:91:2e:48:0a:da:0f:ac:93:9b:6c:cf:dd:e7:
ab:9c:7b:75:cd:8e:f6:3f:2e:58:6f:b0:26:03:b8:
25:42:35:3c:ee:26:f4:7e:77:af:f4:ef:cf:22:11:
87:03:b2:22:84:32:f0:00:a2:83:43:4a:08:95:40:
db:08:1e:46:a5:96:ee:14:71:ee:8a:3c:34:01:3a:
dc:41:e3:7e:c2:ec:fd:e6:ca:c9:f5:1c:e5:ce:bf:
fa:94:72:20:db:44:a3:42:73:7e:55:2e:10:bc:76:
80:67:4a:98:f0:59:cc:57:09:ed:fd:bf:0e:22:96:
84:e4:06:5e:3a:b0:64:db:43:7b:d1:a6:51:a0:c9:
36:45:46:e6:8a:62:bd:71:d1:37:57:7e:35:79:8b:
77:e8:9f:92:54:1b:64:d0:32:d6:71:10:b9:6d:60:
6a:ba:a8:a9:d9:9b:09:55:47:3a:ef:e5:56:0d:4f:
84:06:9b:3c:9a:6d:53:05:5b:06:85:e1:c9:8f:62:
45:3f:55:b1:de:81:c3:4a:26:ac:c6:7d:c7:21:09:
00:03:51:db:ac:1d:c4:4a:10:87:34:0f:d2:12:6e:
a6:29:e5:ae:b3:16:4c:45:66:0b:91:bc:07:5b:23:
71:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:08:56:C0:88:5A:8A:63:86:A4:55:65:78:2C:18:62:27:7C:7D:F3
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/1QhWwIhaimOGpFVleCwYYid8ffM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.14.0/23
Signature Algorithm: sha256WithRSAEncryption
52:41:54:54:69:ac:5d:b5:46:3b:af:b9:42:0f:88:5c:20:9e:
66:2e:45:66:fe:4a:e3:40:cf:f5:f6:1a:f4:db:60:06:55:65:
30:87:cd:53:bb:15:81:06:0d:0d:5c:14:25:5e:af:0a:29:52:
eb:18:b0:27:b8:8d:e1:7a:15:aa:ca:05:07:65:8d:b6:39:28:
2d:56:3d:de:79:e2:e6:9f:d1:1f:1d:75:f9:ee:51:05:da:b1:
95:1a:b1:ee:4d:ed:ec:b5:44:f9:ca:c9:e4:a0:e1:06:55:4b:
dd:88:f4:2f:23:e8:94:74:ba:18:b5:5b:8a:37:33:36:52:62:
9e:a6:c1:f8:e7:b9:5d:34:c8:dc:78:69:d4:6d:5d:fa:50:cc:
01:50:d9:a6:93:09:ab:95:30:33:a2:e2:e2:08:6c:41:ab:a0:
d2:d0:19:32:c1:17:09:e5:d7:60:10:67:9e:f1:53:af:a8:d8:
ee:e7:30:6a:ed:d7:3d:20:5e:72:f1:fb:bb:54:23:93:dd:2a:
d9:df:f8:f3:ba:22:f5:b9:fe:1e:8c:87:05:cc:4a:78:01:e1:
b9:23:2c:91:f6:9b:a7:07:a1:b3:b2:2a:f1:49:e4:78:f7:51:
2e:d0:e2:e1:d7:12:b8:f6:84:88:c1:7b:cb:ad:e4:17:a3:33:
1a:52:20:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVub6BGddqYJlIk7CZnzVgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjMwMTAxMTc0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTA4NTZjMDg4NWE4YTYzODZhNDU1NjU3ODJjMTg2MjI3N2M3ZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsD1sVYQdf3UyJR8pQvF35EuSAra
D6yTm2zP3eernHt1zY72Py5Yb7AmA7glQjU87ib0fnev9O/PIhGHA7IihDLwAKKD
Q0oIlUDbCB5GpZbuFHHuijw0ATrcQeN+wuz95srJ9Rzlzr/6lHIg20SjQnN+VS4Q
vHaAZ0qY8FnMVwnt/b8OIpaE5AZeOrBk20N70aZRoMk2RUbmimK9cdE3V341eYt3
6J+SVBtk0DLWcRC5bWBquqip2ZsJVUc67+VWDU+EBps8mm1TBVsGheHJj2JFP1Wx
3oHDSiasxn3HIQkAA1HbrB3EShCHNA/SEm6mKeWusxZMRWYLkbwHWyNxqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNUIVsCIWopjhqRVZXgsGGInfH3zMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvMVFoV3dJaGFpbU9HcEZWbGVDd1lZaWQ4ZmZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSsOMA0G
CSqGSIb3DQEBCwUAA4IBAQBSQVRUaaxdtUY7r7lCD4hcIJ5mLkVm/krjQM/19hr0
22AGVWUwh81TuxWBBg0NXBQlXq8KKVLrGLAnuI3hehWqygUHZY22OSgtVj3eeeLm
n9EfHXX57lEF2rGVGrHuTe3stUT5ysnkoOEGVUvdiPQvI+iUdLoYtVuKNzM2UmKe
psH457ldNMjceGnUbV36UMwBUNmmkwmrlTAzouLiCGxBq6DS0BkywRcJ5ddgEGee
8VOvqNju5zBq7dc9IF5y8fu7VCOT3SrZ3/jzuiL1uf4ejIcFzEp4AeG5IyyR9pun
B6GzsirxSeR491Eu0OLh1xK49oSIwXvLreQXozMaUiCd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:54 2025 by rpki-client