Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QHjc4fdlTMGuDdqjtcIxU12llVs.roa
File: QHjc4fdlTMGuDdqjtcIxU12llVs.roa (raw, json)
Hash identifier: 7OmWcOR6GdPvI6fSRyfjZWQZIwSc7ZBUodzDI7kZeCk=
Subject key identifier: 40:78:DC:E1:F7:65:4C:C1:AE:0D:DA:A3:B5:C2:31:53:5D:A5:95:5B
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01830396993D421A1707F11D67F019F3CE18
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QHjc4fdlTMGuDdqjtcIxU12llVs.roa
Signing time: Sat 03 Sep 2022 13:42:24 +0000
ROA not before: Sat 03 Sep 2022 13:42:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 89.185.24.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:03:96:99:3d:42:1a:17:07:f1:1d:67:f0:19:f3:ce:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 3 13:42:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4078dce1f7654cc1ae0ddaa3b5c231535da5955b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:be:31:db:85:3d:71:02:0d:f4:56:67:b4:49:
90:67:cc:ed:7d:0b:9e:3e:97:94:50:bc:8b:f2:f3:
64:96:96:f9:e6:14:55:95:58:f3:33:c7:f4:ef:a0:
30:40:43:21:81:f4:bf:fd:14:31:16:27:54:22:d8:
09:98:89:5c:cb:47:fc:18:aa:da:24:bb:f9:52:af:
0f:eb:e9:b2:16:0b:1d:5d:ba:f5:0b:52:2b:95:c3:
03:cd:95:70:82:2f:14:68:ca:61:3b:9d:3d:f2:28:
5d:ef:8e:d5:48:5f:4f:69:74:e9:fa:b3:80:e9:fb:
7d:96:50:6f:52:a2:bf:34:ed:9f:06:e5:b0:80:62:
e8:16:51:2e:71:ec:51:bb:08:cb:3a:66:25:32:32:
18:b2:e1:55:13:f9:1e:24:26:3c:4b:d9:89:b3:bc:
63:3b:c4:bc:d2:24:af:9f:ee:4a:f6:57:c3:e9:a0:
81:79:a4:58:5a:e3:93:fc:27:17:06:52:fc:82:0a:
6f:dc:19:25:ae:b0:a7:11:84:1e:ab:7a:96:f6:c5:
fb:ad:e9:37:fb:72:41:20:f8:ea:11:23:2b:e0:4f:
e2:a0:b6:c5:51:8f:ed:af:1b:a6:0f:2f:77:b6:34:
63:a8:87:cf:59:38:9a:d4:3e:19:f8:82:35:a9:f3:
be:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:78:DC:E1:F7:65:4C:C1:AE:0D:DA:A3:B5:C2:31:53:5D:A5:95:5B
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/QHjc4fdlTMGuDdqjtcIxU12llVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.24.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:b2:94:1e:d5:87:4d:e3:9d:26:3a:71:d0:9d:b1:df:e7:81:
6a:ee:a2:f9:1d:c6:6a:db:7d:b3:e7:34:6d:73:02:58:dc:5a:
1f:29:b4:e2:0b:14:f9:2f:a1:e7:bf:5f:74:ea:d0:ee:b7:7d:
5d:7e:87:6c:be:16:ef:66:14:63:8b:fa:95:06:8e:a2:36:29:
30:b4:26:89:9c:74:8a:22:60:15:cb:2b:73:41:e1:e2:68:34:
95:d9:c8:b6:1f:6b:d4:bf:d9:40:88:c9:dd:29:eb:4b:73:80:
8b:59:b1:4b:28:31:2b:57:6d:c2:6a:73:50:28:e5:bb:02:95:
f8:51:c4:9f:d9:be:4e:d2:cf:4e:5a:83:19:4e:58:b0:93:e0:
30:9f:ef:49:7d:33:73:a0:4d:9d:b7:c0:f4:24:94:91:9a:90:
83:d5:bd:78:ad:7a:ee:62:f4:d2:ea:a0:f8:5f:7a:f2:b9:0a:
6b:f1:85:b8:36:ff:44:41:15:5a:c4:38:43:74:6d:90:b2:94:
11:75:e3:35:c4:48:45:1a:a4:81:31:a2:51:cc:1f:22:a8:15:
9a:f0:a9:ed:4e:ed:fa:d1:fa:c7:23:f2:04:54:60:d6:01:c4:
16:d3:3e:ab:ee:62:97:d2:83:03:a1:21:72:73:90:f5:93:dc:
a4:ed:24:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMDlpk9QhoXB/EdZ/AZ884YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIwOTAzMTM0MjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDc4ZGNlMWY3NjU0Y2MxYWUwZGRhYTNiNWMyMzE1MzVkYTU5NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL4x24U9cQIN9FZntEmQZ8ztfQue
PpeUULyL8vNklpb55hRVlVjzM8f076AwQEMhgfS//RQxFidUItgJmIlcy0f8GKra
JLv5Uq8P6+myFgsdXbr1C1IrlcMDzZVwgi8UaMphO5098ihd747VSF9PaXTp+rOA
6ft9llBvUqK/NO2fBuWwgGLoFlEucexRuwjLOmYlMjIYsuFVE/keJCY8S9mJs7xj
O8S80iSvn+5K9lfD6aCBeaRYWuOT/CcXBlL8ggpv3BklrrCnEYQeq3qW9sX7rek3
+3JBIPjqESMr4E/ioLbFUY/trxumDy93tjRjqIfPWTia1D4Z+II1qfO+WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEB43OH3ZUzBrg3ao7XCMVNdpZVbMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUUhqYzRmZGxUTUd1RGRxanRjSXhVMTJsbFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWbkYMA0G
CSqGSIb3DQEBCwUAA4IBAQAespQe1YdN450mOnHQnbHf54Fq7qL5HcZq232z5zRt
cwJY3FofKbTiCxT5L6Hnv1906tDut31dfodsvhbvZhRji/qVBo6iNikwtCaJnHSK
ImAVyytzQeHiaDSV2ci2H2vUv9lAiMndKetLc4CLWbFLKDErV23CanNQKOW7ApX4
UcSf2b5O0s9OWoMZTliwk+Awn+9JfTNzoE2dt8D0JJSRmpCD1b14rXruYvTS6qD4
X3ryuQpr8YW4Nv9EQRVaxDhDdG2QspQRdeM1xEhFGqSBMaJRzB8iqBWa8KntTu36
0frHI/IEVGDWAcQW0z6r7mKX0oMDoSFyc5D1k9yk7SRh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:07 2023 by rpki-client on console-fra.rpki-client.org