Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4Hfsxd_kSU0k5SMxnR6uJbBD5f0.roa
File: 4Hfsxd_kSU0k5SMxnR6uJbBD5f0.roa (raw, json)
Hash identifier: 03tuY0Yc0BAjpmdKkMrbxRD5lzqA769EgnQ8EgfVifs=
Subject key identifier: E0:77:EC:C5:DF:E4:49:4D:24:E5:23:31:9D:1E:AE:25:B0:43:E5:FD
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018A02DC476A9A041960563154C298C2D620
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4Hfsxd_kSU0k5SMxnR6uJbBD5f0.roa
Signing time: Thu 17 Aug 2023 09:38:25 +0000
ROA not before: Thu 17 Aug 2023 09:38:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 89.23.105.0/24 maxlen: 24
89.23.106.0/24 maxlen: 24
89.23.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:dc:47:6a:9a:04:19:60:56:31:54:c2:98:c2:d6:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 17 09:38:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e077ecc5dfe4494d24e523319d1eae25b043e5fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:20:8f:60:33:9e:ea:c8:99:87:82:c7:00:b9:
ae:0a:11:6b:54:48:29:14:3e:9d:24:71:d8:09:83:
5a:c5:a4:2f:c6:0e:39:05:72:46:90:c9:d3:23:5d:
34:0c:b9:71:36:9c:bb:20:a4:1e:db:26:8b:32:c3:
8b:b7:04:67:ef:d7:f4:d1:f5:42:7e:df:60:3a:a8:
85:8b:bf:60:0a:ff:e2:f7:57:55:02:3e:e1:0c:08:
53:8d:96:3c:11:87:14:cc:6c:e3:c7:01:a8:96:e7:
08:5c:e1:b5:8f:29:1a:ec:70:44:00:69:22:35:2a:
3d:3b:5e:8e:f8:60:dc:84:42:ed:fd:11:2c:37:5d:
58:69:e7:d9:40:45:8f:2a:d1:fc:b3:2e:f1:23:cd:
25:a3:c0:b9:b9:62:ce:6a:89:9c:f9:68:22:e2:7b:
68:83:e9:20:10:83:68:0b:43:80:55:44:5e:fe:8a:
45:1b:ea:1d:94:e7:93:16:03:65:19:23:5e:9f:d2:
4c:7c:bc:f1:67:57:d1:8a:f8:76:30:bd:81:be:a6:
dd:a7:42:91:7e:ab:69:c8:5a:53:70:5e:fc:66:48:
a8:d7:78:0e:cc:1e:52:88:d9:0f:dd:8f:d2:22:95:
52:09:17:91:ba:be:01:5c:11:45:f8:4f:21:63:17:
fd:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:77:EC:C5:DF:E4:49:4D:24:E5:23:31:9D:1E:AE:25:B0:43:E5:FD
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4Hfsxd_kSU0k5SMxnR6uJbBD5f0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.105.0-89.23.106.255
89.23.110.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:37:4f:f9:28:7c:d5:80:6f:d2:14:1a:d1:08:de:ef:2e:17:
df:61:b2:e1:82:93:89:46:7b:30:ca:4d:92:7d:b8:c1:f4:73:
da:80:81:3f:b0:f4:49:97:a1:5f:8a:78:0e:85:cb:16:f2:ed:
88:e7:b6:d8:d5:08:d1:04:7f:35:43:8e:cd:94:5f:5b:93:f3:
b9:88:fb:64:c1:13:b2:42:c2:a4:d7:ce:37:6f:1e:1f:ce:fd:
f9:4a:fc:29:04:65:00:78:2b:df:64:3d:9c:15:fd:29:84:15:
d7:02:72:cd:97:d8:53:8e:a1:22:36:4c:cf:1d:4e:35:a4:c3:
6b:09:0d:bb:42:bd:2c:bc:79:b8:17:50:a9:2d:c8:2d:f3:22:
1d:df:fb:8f:5d:05:cf:90:38:ef:ac:37:17:6b:ad:aa:24:e8:
ab:a7:6b:58:70:f7:31:92:02:4a:1a:fe:14:92:34:89:99:39:
35:f3:0e:52:a9:6d:4f:0e:f7:9d:a2:01:42:bc:59:4a:e2:32:
bc:47:17:4a:2e:32:c0:a1:7d:0b:23:13:c5:a8:73:07:81:5b:
b9:f8:41:e0:4f:8a:02:89:5f:0f:12:89:df:2c:17:b6:e6:f2:
fd:fd:43:b9:12:01:ae:92:95:77:ed:5c:2c:20:7d:37:5d:ab:
cd:28:d8:30
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYoC3EdqmgQZYFYxVMKYwtYgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwODE3MDkzODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDc3ZWNjNWRmZTQ0OTRkMjRlNTIzMzE5ZDFlYWUyNWIwNDNlNWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjyCPYDOe6siZh4LHALmuChFrVEgp
FD6dJHHYCYNaxaQvxg45BXJGkMnTI100DLlxNpy7IKQe2yaLMsOLtwRn79f00fVC
ft9gOqiFi79gCv/i91dVAj7hDAhTjZY8EYcUzGzjxwGolucIXOG1jyka7HBEAGki
NSo9O16O+GDchELt/REsN11YaefZQEWPKtH8sy7xI80lo8C5uWLOaomc+Wgi4nto
g+kgEINoC0OAVURe/opFG+odlOeTFgNlGSNen9JMfLzxZ1fRivh2ML2Bvqbdp0KR
fqtpyFpTcF78Zkio13gOzB5SiNkP3Y/SIpVSCReRur4BXBFF+E8hYxf9RwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOB37MXf5ElNJOUjMZ0eriWwQ+X9MB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvNEhmc3hkX2tTVTBrNVNNeG5SNnVKYkJENWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZF2kD
BABZF2oDBABZF24wDQYJKoZIhvcNAQELBQADggEBALU3T/kofNWAb9IUGtEI3u8u
F99hsuGCk4lGezDKTZJ9uMH0c9qAgT+w9EmXoV+KeA6Fyxby7YjnttjVCNEEfzVD
js2UX1uT87mI+2TBE7JCwqTXzjdvHh/O/flK/CkEZQB4K99kPZwV/SmEFdcCcs2X
2FOOoSI2TM8dTjWkw2sJDbtCvSy8ebgXUKktyC3zIh3f+49dBc+QOO+sNxdrraok
6Kuna1hw9zGSAkoa/hSSNImZOTXzDlKpbU8O952iAUK8WUriMrxHF0ouMsChfQsj
E8WocweBW7n4QeBPigKJXw8Sid8sF7bm8v39Q7kSAa6SlXftXCwgfTddq80o2DA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:25 2025 by rpki-client