Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/Hq2Hn-tqWogEm3GH09pKKFpv_hw.roa
File: Hq2Hn-tqWogEm3GH09pKKFpv_hw.roa (raw, json)
Hash identifier: SegQH/rG4iGSKzu6tSlHNhsDOtR6/nf5zXT26oWsIOg=
Subject key identifier: 1E:AD:87:9F:EB:6A:5A:88:04:9B:71:87:D3:DA:4A:28:5A:6F:FE:1C
Certificate issuer: /CN=79a304ba34b61a15e3797ffd4d1ae8c218c1c7bf
Certificate serial: 018BA984169C5FFF1385558F431B58605BCD
Authority key identifier: 79:A3:04:BA:34:B6:1A:15:E3:79:7F:FD:4D:1A:E8:C2:18:C1:C7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eaMEujS2GhXjeX_9TRrowhjBx78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/Hq2Hn-tqWogEm3GH09pKKFpv_hw.roa
Signing time: Tue 07 Nov 2023 11:21:27 +0000
ROA not before: Tue 07 Nov 2023 11:21:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47951
IP address blocks: 185.23.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a9:84:16:9c:5f:ff:13:85:55:8f:43:1b:58:60:5b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79a304ba34b61a15e3797ffd4d1ae8c218c1c7bf
Validity
Not Before: Nov 7 11:21:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1ead879feb6a5a88049b7187d3da4a285a6ffe1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:bc:18:b7:21:3b:05:f8:c9:c7:83:b5:d1:93:
9d:ef:b3:00:9a:b8:92:60:d0:74:39:ec:ca:46:15:
65:3d:9f:5a:92:68:3c:79:c5:5c:94:c0:ce:75:71:
9b:6e:82:89:66:25:52:d0:3e:06:fd:5e:4d:8f:13:
fa:01:f2:49:f5:78:35:3f:3a:97:11:e4:34:f2:09:
ae:05:cc:94:ef:0a:1a:17:6e:72:1b:b0:a2:95:ee:
e2:ff:2f:62:73:f5:61:3a:e3:79:8c:fd:1d:04:3d:
7d:f2:69:51:8a:74:68:f7:dd:a7:ad:85:a6:10:cd:
80:dd:5e:29:ba:a9:5c:19:dd:06:d8:6c:cb:e2:6d:
46:55:91:f1:00:dc:6d:0f:d9:bf:9e:07:48:60:aa:
b2:4a:10:da:6a:d9:ff:39:28:ae:dd:15:4f:4a:e4:
fc:a6:d5:1a:9f:26:72:81:08:db:bf:5b:61:52:07:
e3:ef:0f:33:a0:90:7a:fd:2a:49:f4:20:89:18:9b:
f8:70:32:b4:9f:b3:5f:6d:10:c9:09:7d:20:62:4d:
90:60:8f:f8:75:dd:e3:b8:c8:eb:2f:3b:10:e4:b1:
e6:a1:d5:aa:23:13:bd:e3:80:fa:87:4d:a3:c4:c0:
5c:d0:e5:d8:88:9b:e1:4d:43:d2:a6:91:71:57:97:
f8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AD:87:9F:EB:6A:5A:88:04:9B:71:87:D3:DA:4A:28:5A:6F:FE:1C
X509v3 Authority Key Identifier:
keyid:79:A3:04:BA:34:B6:1A:15:E3:79:7F:FD:4D:1A:E8:C2:18:C1:C7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eaMEujS2GhXjeX_9TRrowhjBx78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/Hq2Hn-tqWogEm3GH09pKKFpv_hw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/e60107-19f3-4194-bc2f-99a0d29ba563/1/eaMEujS2GhXjeX_9TRrowhjBx78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.111.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:9c:2e:94:fc:87:4b:48:b5:a0:24:ee:f3:23:81:eb:e4:d0:
96:10:a1:00:a3:db:6e:46:1c:28:38:37:bb:1b:8d:0b:98:3a:
a6:8a:92:d3:d0:62:fc:e5:eb:54:ff:06:5f:e9:bb:f1:eb:fb:
2c:7f:ae:03:92:d8:ca:dc:8a:0c:5f:a1:0f:1b:47:b6:29:81:
fd:78:b4:17:35:38:e3:35:71:ef:56:9e:2e:1f:f1:a6:fd:65:
45:ad:75:27:c4:c3:51:fe:df:64:c5:06:3c:d6:22:3d:69:43:
2b:f5:55:f5:04:8b:44:13:6c:72:a5:d7:57:99:74:3c:1e:39:
f1:d5:e8:f9:be:1a:50:2f:3a:d7:e7:b3:dd:ba:3f:22:54:b7:
7b:87:fc:a6:b8:75:cb:f5:d4:0a:b0:b6:f6:ec:d9:65:9d:4d:
37:0d:b4:54:6c:30:b0:be:72:a3:64:e9:6a:4e:75:3a:a0:db:
9c:9d:e5:cd:e8:07:04:2d:35:27:70:0b:0d:ee:89:e3:5b:58:
22:69:43:73:ce:86:16:8c:79:06:52:ca:89:dd:52:d2:1f:a9:
0d:8a:4e:d3:f3:cb:88:92:a0:77:a8:39:1d:1b:fe:bb:0a:5d:
07:50:8f:f0:54:b4:9a:d6:bd:e4:f5:ea:5a:20:ae:75:60:d2:
a8:6b:e2:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYuphBacX/8ThVWPQxtYYFvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5YTMwNGJhMzRiNjFhMTVlMzc5N2ZmZDRkMWFlOGMyMThj
MWM3YmYwHhcNMjMxMTA3MTEyMTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFkODc5ZmViNmE1YTg4MDQ5YjcxODdkM2RhNGEyODVhNmZmZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrwYtyE7BfjJx4O10ZOd77MAmriS
YNB0OezKRhVlPZ9akmg8ecVclMDOdXGbboKJZiVS0D4G/V5NjxP6AfJJ9Xg1PzqX
EeQ08gmuBcyU7woaF25yG7Cile7i/y9ic/VhOuN5jP0dBD198mlRinRo992nrYWm
EM2A3V4puqlcGd0G2GzL4m1GVZHxANxtD9m/ngdIYKqyShDaatn/OSiu3RVPSuT8
ptUanyZygQjbv1thUgfj7w8zoJB6/SpJ9CCJGJv4cDK0n7NfbRDJCX0gYk2QYI/4
dd3juMjrLzsQ5LHmodWqIxO944D6h02jxMBc0OXYiJvhTUPSppFxV5f4PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6th5/ralqIBJtxh9PaSihab/4cMB8GA1UdIwQY
MBaAFHmjBLo0thoV43l//U0a6MIYwce/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWFNRXVqUzJHaFhqZVhfOVRScm93aGpCeDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9lNjAxMDctMTlmMy00MTk0LWJjMmYt
OTlhMGQyOWJhNTYzLzEvSHEySG4tdHFXb2dFbTNHSDA5cEtLRnB2X2h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9lNjAxMDctMTlmMy00MTk0LWJjMmYtOTlhMGQyOWJhNTYz
LzEvZWFNRXVqUzJHaFhqZVhfOVRScm93aGpCeDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRdvMA0G
CSqGSIb3DQEBCwUAA4IBAQAPnC6U/IdLSLWgJO7zI4Hr5NCWEKEAo9tuRhwoODe7
G40LmDqmipLT0GL85etU/wZf6bvx6/ssf64DktjK3IoMX6EPG0e2KYH9eLQXNTjj
NXHvVp4uH/Gm/WVFrXUnxMNR/t9kxQY81iI9aUMr9VX1BItEE2xypddXmXQ8Hjnx
1ej5vhpQLzrX57Pduj8iVLd7h/ymuHXL9dQKsLb27NllnU03DbRUbDCwvnKjZOlq
TnU6oNucneXN6AcELTUncAsN7onjW1giaUNzzoYWjHkGUsqJ3VLSH6kNik7T88uI
kqB3qDkdG/67Cl0HUI/wVLSa1r3k9epaIK51YNKoa+Jt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:47 2025 by rpki-client