Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qlNCdyh3LnnkihAO15YRivfGqRc.roa
File: qlNCdyh3LnnkihAO15YRivfGqRc.roa (raw, json)
Hash identifier: FnjZT0XjQU8Ckz+6mv5vYLUPJ02D+srUSvkEPoAOPag=
Subject key identifier: AA:53:42:77:28:77:2E:79:E4:8A:10:0E:D7:96:11:8A:F7:C6:A9:17
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 099A6F
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qlNCdyh3LnnkihAO15YRivfGqRc.roa
Signing time: Wed 23 Mar 2022 15:14:02 +0000
ROA not before: Wed 23 Mar 2022 15:14:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8551
IP address blocks: 89.38.28.0/23 maxlen: 23
89.38.28.0/22 maxlen: 22
89.38.30.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 629359 (0x99a6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Mar 23 15:14:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa53427728772e79e48a100ed796118af7c6a917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:51:68:02:b4:6d:32:5b:82:7f:d1:d6:da:8b:
dd:4e:db:58:44:9c:c4:76:7b:8e:2a:05:2f:c2:56:
ee:55:a7:a4:1d:83:ba:a4:cb:8b:21:8e:c9:36:a8:
20:55:f9:34:4c:b4:05:45:00:30:79:3c:35:8b:7f:
7b:d6:b7:96:8f:94:6f:68:58:4d:5b:09:e8:9b:c0:
6e:87:b8:04:d7:98:8f:e0:59:1f:ce:37:f8:93:95:
73:57:80:27:f7:2b:55:1f:05:01:b6:db:7c:cb:a8:
ce:fb:5b:8f:73:9a:97:1c:c6:bc:c7:c7:90:ad:d8:
fb:e9:d9:2a:95:a2:53:eb:87:38:c4:30:56:7b:f8:
05:1b:35:41:9e:af:a9:fa:52:c9:7e:bc:5d:ef:05:
b3:cb:cd:0d:9c:f1:33:87:b5:68:ba:2f:fe:94:f5:
08:14:4b:cb:ab:61:4f:f0:12:dc:ab:40:33:5d:dc:
6a:43:7a:25:10:03:7a:7e:ef:53:2b:ad:f7:1d:e8:
7d:c1:5f:4c:75:ac:a2:8f:86:c0:d4:fd:29:08:ed:
5e:a4:8b:89:6e:b2:c0:8f:9f:0e:f1:2e:c1:8b:4c:
35:48:d5:bd:0b:e4:ff:0d:a0:86:f0:34:62:41:02:
c1:2f:15:7b:de:5c:60:e9:73:c9:28:af:27:c9:f1:
e0:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:53:42:77:28:77:2E:79:E4:8A:10:0E:D7:96:11:8A:F7:C6:A9:17
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/qlNCdyh3LnnkihAO15YRivfGqRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.28.0/22
Signature Algorithm: sha256WithRSAEncryption
10:cc:ca:87:b2:30:b1:89:3d:79:ed:70:12:4f:fd:5e:60:1a:
41:be:70:cf:ec:9e:8e:55:a7:71:5e:2e:6f:0b:74:d2:ea:96:
59:2a:09:af:ef:86:af:9b:0c:11:96:80:86:9c:22:4b:f7:42:
72:d7:a7:f3:a2:e3:85:ea:c6:13:8d:d0:d8:da:0a:7f:ba:94:
c5:97:93:40:df:13:4d:95:a4:c8:d4:d6:97:34:92:61:1b:4c:
a3:7a:44:b9:ef:86:ca:21:06:10:c7:ce:49:fd:67:4e:c2:5d:
63:cd:98:0c:85:76:da:72:5b:c7:59:e8:a1:0e:c9:3a:75:14:
b3:50:f4:e5:d7:3e:4f:bc:46:c0:cc:78:fb:b5:31:5f:42:69:
ca:4b:1c:a5:e5:32:a3:9f:30:9a:98:86:ca:41:48:d8:dc:ca:
8f:cd:f5:6a:6c:5c:79:4e:48:1e:41:f6:a6:1b:47:1c:10:b5:
d0:d6:bb:1f:46:ce:6b:fd:03:91:f1:6b:d0:84:2e:2a:49:70:
fa:3e:2f:39:ee:25:94:45:bf:8a:9a:67:60:08:c6:67:d2:d2:
46:3f:03:5c:ac:86:81:39:dc:6c:7d:7b:30:df:55:42:8c:80:
5a:94:7b:25:00:d3:9d:08:67:f9:d1:38:d1:f9:7f:38:13:2a:
6f:9b:b1:41
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDCZpvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ5
ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkwYWI3NzAwHhcNMjIwMzIz
MTUxNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhYTUzNDI3NzI4Nzcy
ZTc5ZTQ4YTEwMGVkNzk2MTE4YWY3YzZhOTE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAs1FoArRtMluCf9HW2ovdTttYRJzEdnuOKgUvwlbuVaekHYO6
pMuLIY7JNqggVfk0TLQFRQAweTw1i3971reWj5RvaFhNWwnom8Buh7gE15iP4Fkf
zjf4k5VzV4An9ytVHwUBttt8y6jO+1uPc5qXHMa8x8eQrdj76dkqlaJT64c4xDBW
e/gFGzVBnq+p+lLJfrxd7wWzy80NnPEzh7Voui/+lPUIFEvLq2FP8BLcq0AzXdxq
Q3olEAN6fu9TK633Heh9wV9Mdayij4bA1P0pCO1epIuJbrLAj58O8S7Bi0w1SNW9
C+T/DaCG8DRiQQLBLxV73lxg6XPJKK8nyfHgjQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKpTQncody555IoQDteWEYr3xqkXMB8GA1UdIwQYMBaAFNnv6dNvX4j98EdC
xBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEv
cWxOQ2R5aDNMbm5raWhBTzE1WVJpdmZHcVJjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81
NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4LzEvMmVfcDAyOWZpUDN3
UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSYcMA0GCSqGSIb3DQEBCwUAA4IB
AQAQzMqHsjCxiT157XAST/1eYBpBvnDP7J6OVadxXi5vC3TS6pZZKgmv74avmwwR
loCGnCJL90Jy16fzouOF6sYTjdDY2gp/upTFl5NA3xNNlaTI1NaXNJJhG0yjekS5
74bKIQYQx85J/WdOwl1jzZgMhXbaclvHWeihDsk6dRSzUPTl1z5PvEbAzHj7tTFf
QmnKSxyl5TKjnzCamIbKQUjY3MqPzfVqbFx5TkgeQfamG0ccELXQ1rsfRs5r/QOR
8WvQhC4qSXD6Pi857iWURb+KmmdgCMZn0tJGPwNcrIaBOdxsfXsw31VCjIBalHsl
ANOdCGf50TjR+X84Eypvm7FB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:55 2024 by rpki-client on console-fra.rpki-client.org