Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/HXL2W1M7AOQFN0R5rAcqO-RqsuQ.roa
File: HXL2W1M7AOQFN0R5rAcqO-RqsuQ.roa (raw, json)
Hash identifier: hsCKktOsbTiCM3VDKkGbydiftUVCx4ZZ+SzoSyywyCo=
Subject key identifier: 1D:72:F6:5B:53:3B:00:E4:05:37:44:79:AC:07:2A:3B:E4:6A:B2:E4
Certificate issuer: /CN=a733bd111fd8cb76f4883bbbcbfda59db66ed2de
Certificate serial: 018570B059D29B647D3B13C2CF8472F958C3
Authority key identifier: A7:33:BD:11:1F:D8:CB:76:F4:88:3B:BB:CB:FD:A5:9D:B6:6E:D2:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/HXL2W1M7AOQFN0R5rAcqO-RqsuQ.roa
Signing time: Mon 02 Jan 2023 04:14:43 +0000
ROA not before: Mon 02 Jan 2023 04:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201010
IP address blocks: 185.89.24.0/22 maxlen: 24
2a05:d500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:59:d2:9b:64:7d:3b:13:c2:cf:84:72:f9:58:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a733bd111fd8cb76f4883bbbcbfda59db66ed2de
Validity
Not Before: Jan 2 04:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d72f65b533b00e405374479ac072a3be46ab2e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:b6:ad:27:67:cc:88:5b:4c:31:3f:15:76:50:
99:72:87:48:99:5c:b9:0e:2b:f4:30:91:81:47:47:
92:3d:cf:b9:1e:7c:5b:c4:ca:f2:48:0b:9c:14:f6:
96:38:43:f9:10:1b:5c:85:98:95:56:42:67:11:01:
b3:52:7b:54:aa:fc:4f:68:31:d4:b6:43:50:37:2a:
80:e5:be:e4:93:2f:1c:00:9d:d2:92:63:db:6d:32:
02:af:a7:cc:17:fa:38:99:fb:9d:da:54:16:9f:61:
d1:d7:b4:ce:f7:1d:44:7b:cd:e7:30:be:42:29:9c:
ca:c3:61:ae:ad:66:03:8c:b3:05:1b:22:34:12:5c:
61:0c:9c:96:6d:a7:95:e2:5a:bb:10:dd:cb:94:af:
73:b9:7f:fc:e3:b6:52:d1:42:f0:6c:d6:ae:44:9c:
50:15:d5:1b:09:61:a5:be:85:1b:cc:f5:f6:ab:1a:
90:02:02:45:95:06:5f:4b:0c:e0:67:68:97:48:37:
2f:b8:fa:60:86:cf:60:f1:6a:88:f8:fd:2b:2e:61:
3b:e7:88:12:53:e2:cb:a0:79:14:69:56:c0:6b:84:
27:3f:ca:c2:b4:e1:9c:86:eb:62:41:58:01:c0:36:
0f:5a:60:d5:99:13:7d:38:2e:f6:19:d5:e4:99:2c:
f5:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:72:F6:5B:53:3B:00:E4:05:37:44:79:AC:07:2A:3B:E4:6A:B2:E4
X509v3 Authority Key Identifier:
keyid:A7:33:BD:11:1F:D8:CB:76:F4:88:3B:BB:CB:FD:A5:9D:B6:6E:D2:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/HXL2W1M7AOQFN0R5rAcqO-RqsuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/073b19-0839-43ac-8b5b-08ced92c9770/1/pzO9ER_Yy3b0iDu7y_2lnbZu0t4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.24.0/22
IPv6:
2a05:d500::/29
Signature Algorithm: sha256WithRSAEncryption
5c:c9:34:20:6f:72:88:2f:a7:df:82:2c:79:8d:cc:5a:f2:c0:
37:42:bf:83:37:41:57:e0:60:30:b3:12:d0:be:c6:85:8c:f9:
f1:29:64:5e:f8:c4:65:42:66:86:3e:28:fa:f5:23:d0:68:9d:
8e:ba:26:4f:e3:ae:5b:e2:05:87:4a:64:b3:ac:d0:f3:76:9f:
cd:50:ec:a9:98:0b:50:2b:5b:ef:36:65:1e:c0:35:26:d8:41:
46:74:13:23:0b:fb:08:db:fc:35:ac:8c:00:ab:5b:a8:d2:a6:
8c:89:a7:aa:c8:0e:85:be:e3:6a:ce:3a:ae:d8:79:4d:73:e5:
9d:d3:07:8e:89:e3:be:51:e3:a0:b3:e8:25:b0:84:8d:67:92:
f1:3e:0f:42:7c:44:94:a1:b8:52:f3:f4:f2:bd:4c:bb:89:7d:
dc:03:ca:6d:ad:42:e4:35:aa:e3:d0:7e:35:7b:97:e5:ca:e5:
af:d1:b4:89:86:49:35:9d:0f:ae:19:02:56:e4:cd:f8:f5:01:
b9:35:d6:e1:e9:66:c5:33:67:03:54:84:78:0b:eb:6d:13:32:
a4:7c:e3:54:29:1f:2a:65:93:fc:c1:f6:c8:7c:d5:3c:b3:28:
46:0e:5c:aa:8e:69:14:bf:ee:ec:38:a1:38:f2:50:e4:26:72:
f0:c6:85:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVwsFnSm2R9OxPCz4Ry+VjDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MzNiZDExMWZkOGNiNzZmNDg4M2JiYmNiZmRhNTlkYjY2
ZWQyZGUwHhcNMjMwMTAyMDQxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDcyZjY1YjUzM2IwMGU0MDUzNzQ0NzlhYzA3MmEzYmU0NmFiMmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA67atJ2fMiFtMMT8VdlCZcodImVy5
Div0MJGBR0eSPc+5HnxbxMrySAucFPaWOEP5EBtchZiVVkJnEQGzUntUqvxPaDHU
tkNQNyqA5b7kky8cAJ3SkmPbbTICr6fMF/o4mfud2lQWn2HR17TO9x1Ee83nML5C
KZzKw2GurWYDjLMFGyI0ElxhDJyWbaeV4lq7EN3LlK9zuX/847ZS0ULwbNauRJxQ
FdUbCWGlvoUbzPX2qxqQAgJFlQZfSwzgZ2iXSDcvuPpghs9g8WqI+P0rLmE754gS
U+LLoHkUaVbAa4QnP8rCtOGchutiQVgBwDYPWmDVmRN9OC72GdXkmSz1twIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB1y9ltTOwDkBTdEeawHKjvkarLkMB8GA1UdIwQY
MBaAFKczvREf2Mt29Ig7u8v9pZ22btLeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHpPOUVSX1l5M2IwaUR1N3lfMmxuYlp1MHQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wNzNiMTktMDgzOS00M2FjLThiNWIt
MDhjZWQ5MmM5NzcwLzEvSFhMMlcxTTdBT1FGTjBSNXJBY3FPLVJxc3VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wNzNiMTktMDgzOS00M2FjLThiNWItMDhjZWQ5MmM5Nzcw
LzEvcHpPOUVSX1l5M2IwaUR1N3lfMmxuYlp1MHQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVkYMA0E
AgACMAcDBQMqBdUAMA0GCSqGSIb3DQEBCwUAA4IBAQBcyTQgb3KIL6ffgix5jcxa
8sA3Qr+DN0FX4GAwsxLQvsaFjPnxKWRe+MRlQmaGPij69SPQaJ2OuiZP465b4gWH
SmSzrNDzdp/NUOypmAtQK1vvNmUewDUm2EFGdBMjC/sI2/w1rIwAq1uo0qaMiaeq
yA6FvuNqzjqu2HlNc+Wd0weOieO+UeOgs+glsISNZ5LxPg9CfESUobhS8/TyvUy7
iX3cA8ptrULkNarj0H41e5flyuWv0bSJhkk1nQ+uGQJW5M349QG5Ndbh6WbFM2cD
VIR4C+ttEzKkfONUKR8qZZP8wfbIfNU8syhGDlyqjmkUv+7sOKE48lDkJnLwxoXL
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:54 2025 by rpki-client