Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/qB3BQhRrfQ3HvjB_RtOBFvsOHZ4.roa
File: qB3BQhRrfQ3HvjB_RtOBFvsOHZ4.roa (raw, json)
Hash identifier: eorwNE6AfjmkaU0gSP/ytoPvHq/DZ+g1nNfEL2DyrBo=
Subject key identifier: A8:1D:C1:42:14:6B:7D:0D:C7:BE:30:7F:46:D3:81:16:FB:0E:1D:9E
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018BEAB4399B421C6BCADF8CD62AB43725FF
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/qB3BQhRrfQ3HvjB_RtOBFvsOHZ4.roa
Signing time: Mon 20 Nov 2023 03:09:21 +0000
ROA not before: Mon 20 Nov 2023 03:09:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39238
IP address blocks: 89.23.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:ea:b4:39:9b:42:1c:6b:ca:df:8c:d6:2a:b4:37:25:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 20 03:09:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a81dc142146b7d0dc7be307f46d38116fb0e1d9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3c:50:d4:5e:6e:2d:95:a7:d0:16:54:02:18:
0d:aa:49:62:5c:5b:47:d5:b7:d4:60:1f:87:51:da:
86:c5:4c:f2:4e:40:09:fd:db:0b:7e:6c:e0:7e:c4:
d3:5a:47:22:ca:09:d3:b3:9b:01:bd:a8:9e:53:c7:
b0:56:7b:eb:dc:1e:0d:2c:ed:3c:6f:a8:e5:4f:b4:
de:0e:5c:d2:dd:d8:80:18:02:72:ba:75:67:ef:62:
98:01:a8:a0:53:23:28:79:70:f6:98:4b:a9:f5:eb:
df:01:9d:eb:f7:a6:8c:08:a2:74:61:3a:8c:18:db:
e1:d0:35:77:40:ae:ad:62:51:47:e9:04:19:f6:51:
35:53:ea:22:7d:f9:c5:f7:b5:92:70:33:c4:64:ed:
c8:60:39:df:92:41:3d:18:21:7e:d3:ed:4d:ed:f5:
54:83:bf:57:1d:7f:d3:a9:34:ff:3a:e8:f6:a5:2e:
42:59:49:5e:4e:99:60:34:82:94:98:62:d6:c9:37:
aa:7f:e6:21:db:1a:ee:d3:37:7a:00:16:4f:64:30:
e9:0b:13:6e:54:22:28:d9:f8:96:64:cd:b7:8b:40:
c4:b3:7b:ee:a8:dd:06:68:a4:a4:6f:c0:3b:d6:87:
d6:f9:85:06:07:7b:d3:15:4d:ac:8e:75:34:57:3e:
0e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:1D:C1:42:14:6B:7D:0D:C7:BE:30:7F:46:D3:81:16:FB:0E:1D:9E
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/qB3BQhRrfQ3HvjB_RtOBFvsOHZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.114.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:7e:8c:9d:1d:dc:bd:2e:8b:b8:97:ef:f4:a0:b4:47:19:0f:
e7:5f:54:09:8c:df:00:01:e0:47:73:48:c6:35:05:80:62:a4:
d5:c2:29:0b:8c:05:f4:85:1f:bc:fd:0c:d5:cd:dc:84:51:b7:
5c:d5:99:9d:0f:55:c2:7d:55:c7:1f:d5:df:51:76:10:f4:18:
65:da:c9:83:fe:9d:a4:4c:f4:b2:b2:e6:6e:7b:5c:cc:6b:39:
1f:84:22:95:07:dd:4b:ee:99:2e:5e:35:d0:c4:03:57:7d:bc:
6d:76:f2:dd:86:86:89:2d:d0:fd:ec:ca:8a:77:11:4e:d6:92:
2a:9a:40:51:4e:44:9a:95:4e:b2:86:0e:b8:24:33:e5:e2:52:
7c:6a:dd:dd:95:0d:7e:86:71:dd:b1:7b:53:61:a3:8c:a3:c7:
8a:b1:a9:09:ea:2f:a7:64:9e:2b:61:6a:97:9b:f9:6d:81:24:
69:62:d5:72:9f:41:ee:42:4b:7c:b2:8c:c4:df:23:29:d5:a7:
0b:7b:39:6e:a8:fe:82:48:27:7d:b9:1e:df:e8:f3:a8:34:fc:
82:62:1a:50:b3:bb:d5:a5:7e:63:c0:18:16:21:c1:98:d9:d9:
e2:17:9f:57:05:70:b0:69:b3:af:a7:ff:57:58:10:4a:a8:8f:
55:c6:c1:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYvqtDmbQhxryt+M1iq0NyX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMxMTIwMDMwOTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODFkYzE0MjE0NmI3ZDBkYzdiZTMwN2Y0NmQzODExNmZiMGUxZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjxQ1F5uLZWn0BZUAhgNqkliXFtH
1bfUYB+HUdqGxUzyTkAJ/dsLfmzgfsTTWkciygnTs5sBvaieU8ewVnvr3B4NLO08
b6jlT7TeDlzS3diAGAJyunVn72KYAaigUyMoeXD2mEup9evfAZ3r96aMCKJ0YTqM
GNvh0DV3QK6tYlFH6QQZ9lE1U+oiffnF97WScDPEZO3IYDnfkkE9GCF+0+1N7fVU
g79XHX/TqTT/Ouj2pS5CWUleTplgNIKUmGLWyTeqf+Yh2xru0zd6ABZPZDDpCxNu
VCIo2fiWZM23i0DEs3vuqN0GaKSkb8A71ofW+YUGB3vTFU2sjnU0Vz4OHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKgdwUIUa30Nx74wf0bTgRb7Dh2eMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvcUIzQlFoUnJmUTNIdmpCX1J0T0JGdnNPSFo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdyMA0G
CSqGSIb3DQEBCwUAA4IBAQBMfoydHdy9Lou4l+/0oLRHGQ/nX1QJjN8AAeBHc0jG
NQWAYqTVwikLjAX0hR+8/QzVzdyEUbdc1ZmdD1XCfVXHH9XfUXYQ9Bhl2smD/p2k
TPSysuZue1zMazkfhCKVB91L7pkuXjXQxANXfbxtdvLdhoaJLdD97MqKdxFO1pIq
mkBRTkSalU6yhg64JDPl4lJ8at3dlQ1+hnHdsXtTYaOMo8eKsakJ6i+nZJ4rYWqX
m/ltgSRpYtVyn0HuQkt8sozE3yMp1acLezluqP6CSCd9uR7f6POoNPyCYhpQs7vV
pX5jwBgWIcGY2dniF59XBXCwabOvp/9XWBBKqI9VxsEH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:55 2025 by rpki-client