Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/hqK4696mnlOLqXrT9qjz7gLSDlc.roa
File: hqK4696mnlOLqXrT9qjz7gLSDlc.roa (raw, json)
Hash identifier: xMhG8HUKD+hXLtuNCx9dlofF9S7In1+vkVu9NDg07q0=
Subject key identifier: 86:A2:B8:EB:DE:A6:9E:53:8B:A9:7A:D3:F6:A8:F3:EE:02:D2:0E:57
Certificate issuer: /CN=327ce64ace02ccd330ceef98d05df0fb20317a91
Certificate serial: 018570FBA442B588018D8A6048AE403EF26E
Authority key identifier: 32:7C:E6:4A:CE:02:CC:D3:30:CE:EF:98:D0:5D:F0:FB:20:31:7A:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MnzmSs4CzNMwzu-Y0F3w-yAxepE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/hqK4696mnlOLqXrT9qjz7gLSDlc.roa
Signing time: Mon 02 Jan 2023 05:36:57 +0000
ROA not before: Mon 02 Jan 2023 05:36:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198024
IP address blocks: 45.88.44.0/22 maxlen: 22
2a07:3b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:a4:42:b5:88:01:8d:8a:60:48:ae:40:3e:f2:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=327ce64ace02ccd330ceef98d05df0fb20317a91
Validity
Not Before: Jan 2 05:36:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86a2b8ebdea69e538ba97ad3f6a8f3ee02d20e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e3:1c:7e:8b:e3:3d:17:ec:66:35:df:7f:12:
39:c2:0b:a5:1b:4a:af:05:75:54:07:33:10:27:65:
db:36:bb:c0:2f:b6:33:94:b6:83:31:44:a8:86:e1:
53:b8:97:b4:5d:7e:45:a6:18:ba:0e:ec:69:15:5d:
30:98:83:00:f5:77:78:13:89:f8:86:00:aa:0c:fa:
b6:00:17:ce:ed:c6:53:4b:08:81:81:2c:0f:2b:d8:
bf:dc:e6:b1:45:6e:d6:92:b9:3d:87:37:bc:66:fe:
89:aa:10:61:b5:76:0f:bb:fa:87:74:98:9f:15:d2:
11:db:1b:dd:5c:1c:45:92:ef:c2:89:29:bd:c2:74:
2d:e9:5d:ea:6f:8f:f9:5f:1d:72:45:22:2e:dd:48:
8e:85:ce:4e:2f:94:6f:d8:29:74:cb:d8:a4:20:e8:
f8:9a:77:4f:84:e2:97:86:94:ea:20:b3:21:7d:d9:
07:8c:3d:56:f2:55:2b:62:63:91:09:f9:ae:6d:e2:
59:de:d7:c6:37:e4:53:07:63:52:ba:05:89:c1:3d:
cd:62:1f:f4:7f:8f:61:c8:0e:87:95:bd:59:a9:83:
6a:e6:49:61:e3:19:e9:82:20:21:d5:15:50:3b:cd:
a5:98:17:03:4b:22:ec:4e:bc:f2:63:2b:bc:4e:d1:
99:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A2:B8:EB:DE:A6:9E:53:8B:A9:7A:D3:F6:A8:F3:EE:02:D2:0E:57
X509v3 Authority Key Identifier:
keyid:32:7C:E6:4A:CE:02:CC:D3:30:CE:EF:98:D0:5D:F0:FB:20:31:7A:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MnzmSs4CzNMwzu-Y0F3w-yAxepE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/hqK4696mnlOLqXrT9qjz7gLSDlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/9de5da-2db2-4e06-8563-a3d9d614f197/1/MnzmSs4CzNMwzu-Y0F3w-yAxepE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.44.0/22
IPv6:
2a07:3b00::/29
Signature Algorithm: sha256WithRSAEncryption
95:2a:68:1d:72:8a:5f:a7:4a:03:8f:9c:11:1c:93:56:08:81:
95:ac:1c:8b:53:de:99:e0:9d:f5:09:60:64:22:59:5c:c1:37:
87:86:11:ba:4b:78:93:9f:da:90:68:92:0f:88:ff:c2:fd:30:
94:72:53:73:74:34:db:bc:34:96:11:b7:d6:c4:b8:05:0c:a0:
81:c8:a6:43:64:96:f1:fa:4b:5a:55:c5:87:33:de:9f:5a:dc:
eb:c3:aa:49:c6:73:46:6f:63:7b:d0:15:74:45:99:8f:03:eb:
d2:a7:bd:a7:d5:86:ad:48:bc:9c:47:0c:13:00:a7:7d:da:c4:
e1:02:16:50:4a:2e:a9:8e:d2:50:70:cb:a6:cf:5e:59:b5:76:
0d:30:c3:a7:63:a8:b3:bf:3e:05:e9:35:93:0b:7a:6f:ce:37:
f9:bd:12:a1:ac:d4:9a:29:81:e5:f9:1d:7c:8d:a2:0e:1d:d4:
66:3a:f1:3a:a3:6e:1c:ad:e8:4a:19:83:8c:d0:55:38:70:0e:
2d:f1:2b:4c:25:57:97:d2:88:55:54:d8:e3:8a:b9:31:aa:fa:
00:5d:f3:36:25:c0:6f:2f:c5:ba:c4:10:d1:3e:95:8a:df:42:
4d:f3:f3:4f:de:8b:4a:17:d0:16:7d:8b:14:51:3f:0e:1f:0d:
1d:ca:31:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw+6RCtYgBjYpgSK5APvJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyN2NlNjRhY2UwMmNjZDMzMGNlZWY5OGQwNWRmMGZiMjAz
MTdhOTEwHhcNMjMwMTAyMDUzNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmEyYjhlYmRlYTY5ZTUzOGJhOTdhZDNmNmE4ZjNlZTAyZDIwZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+McfovjPRfsZjXffxI5wgulG0qv
BXVUBzMQJ2XbNrvAL7YzlLaDMUSohuFTuJe0XX5Fphi6DuxpFV0wmIMA9Xd4E4n4
hgCqDPq2ABfO7cZTSwiBgSwPK9i/3OaxRW7Wkrk9hze8Zv6JqhBhtXYPu/qHdJif
FdIR2xvdXBxFku/CiSm9wnQt6V3qb4/5Xx1yRSIu3UiOhc5OL5Rv2Cl0y9ikIOj4
mndPhOKXhpTqILMhfdkHjD1W8lUrYmORCfmubeJZ3tfGN+RTB2NSugWJwT3NYh/0
f49hyA6Hlb1ZqYNq5klh4xnpgiAh1RVQO82lmBcDSyLsTrzyYyu8TtGZ/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIaiuOvepp5Ti6l60/ao8+4C0g5XMB8GA1UdIwQY
MBaAFDJ85krOAszTMM7vmNBd8PsgMXqRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW56bVNzNEN6Tk13enUtWTBGM3cteUF4ZXBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS85ZGU1ZGEtMmRiMi00ZTA2LTg1NjMt
YTNkOWQ2MTRmMTk3LzEvaHFLNDY5Nm1ubE9McVhyVDlxano3Z0xTRGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS85ZGU1ZGEtMmRiMi00ZTA2LTg1NjMtYTNkOWQ2MTRmMTk3
LzEvTW56bVNzNEN6Tk13enUtWTBGM3cteUF4ZXBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVgsMA0E
AgACMAcDBQMqBzsAMA0GCSqGSIb3DQEBCwUAA4IBAQCVKmgdcopfp0oDj5wRHJNW
CIGVrByLU96Z4J31CWBkIllcwTeHhhG6S3iTn9qQaJIPiP/C/TCUclNzdDTbvDSW
EbfWxLgFDKCByKZDZJbx+ktaVcWHM96fWtzrw6pJxnNGb2N70BV0RZmPA+vSp72n
1YatSLycRwwTAKd92sThAhZQSi6pjtJQcMumz15ZtXYNMMOnY6izvz4F6TWTC3pv
zjf5vRKhrNSaKYHl+R18jaIOHdRmOvE6o24crehKGYOM0FU4cA4t8StMJVeX0ohV
VNjjirkxqvoAXfM2JcBvL8W6xBDRPpWK30JN8/NP3otKF9AWfYsUUT8OHw0dyjFn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:03 2025 by rpki-client