Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/wLpzDpz-KPVsLmu-_n1MAq29P6c.roa
File: wLpzDpz-KPVsLmu-_n1MAq29P6c.roa (raw, json)
Hash identifier: H/ffEw7DSeDUDFuqU/wAqwKFg1BD0G8dqwp9Zs35fYo=
Subject key identifier: C0:BA:73:0E:9C:FE:28:F5:6C:2E:6B:BE:FE:7D:4C:02:AD:BD:3F:A7
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0189BFCCD023AD5231BAAB521EF248DA893A
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/wLpzDpz-KPVsLmu-_n1MAq29P6c.roa
Signing time: Fri 04 Aug 2023 09:06:58 +0000
ROA not before: Fri 04 Aug 2023 09:06:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 89.23.103.0/24 maxlen: 24
2a11:fc80::/30 maxlen: 30
2a11:fc84::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bf:cc:d0:23:ad:52:31:ba:ab:52:1e:f2:48:da:89:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Aug 4 09:06:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c0ba730e9cfe28f56c2e6bbefe7d4c02adbd3fa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:52:0a:77:ca:b3:07:ef:49:45:7e:9d:91:6a:
54:7c:65:82:66:f1:05:a8:93:e3:77:d7:cf:4f:a3:
ce:1c:6c:da:0e:92:1e:22:5f:17:e1:51:72:93:64:
c7:49:9f:a8:72:9a:9f:2a:f7:73:3d:f8:5c:07:eb:
e5:17:5f:5d:e3:8e:c6:37:26:8c:66:3e:75:82:8d:
f4:8a:82:b4:6b:43:e7:5a:4f:52:cf:4e:f9:b6:3f:
0c:88:0d:e0:e1:18:11:eb:c9:cd:6e:6f:55:73:0e:
b5:27:9d:b4:e0:31:f4:ce:eb:35:dd:2f:cf:e6:fe:
ee:5f:e4:ca:f0:59:04:3f:9d:2b:6e:cd:84:8b:ea:
aa:1b:db:77:83:40:19:30:1d:49:76:4d:36:0d:90:
bf:c4:5d:c3:51:33:28:2e:07:cb:78:63:de:85:2e:
92:36:c9:5f:7a:10:b9:e8:13:8b:c2:d6:33:5d:f4:
a8:95:cf:6f:c0:e0:71:0f:9f:ae:35:98:76:4a:ef:
31:d5:a9:1f:6c:55:56:75:b3:b6:56:cc:d0:e0:97:
fa:87:24:67:3c:21:b9:2e:e0:9f:f4:7a:d6:51:81:
b1:69:59:12:09:c4:a4:97:30:ba:91:eb:8a:93:be:
09:4b:a9:e9:af:ab:cc:f3:86:af:dd:95:6e:ca:1c:
d4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:BA:73:0E:9C:FE:28:F5:6C:2E:6B:BE:FE:7D:4C:02:AD:BD:3F:A7
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/wLpzDpz-KPVsLmu-_n1MAq29P6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.103.0/24
IPv6:
2a11:fc80::/29
Signature Algorithm: sha256WithRSAEncryption
6c:5a:e3:27:ef:82:87:0a:aa:21:c3:42:f8:88:d5:6b:9d:56:
0e:13:eb:80:c6:03:4f:dc:fe:33:7d:90:e2:0e:c9:28:91:e5:
5c:f9:ec:ef:8a:e7:02:d8:96:cf:fc:ad:1a:34:d7:7c:26:0a:
5e:de:99:af:54:ef:20:84:93:8f:36:04:40:80:65:34:52:41:
91:a3:10:8f:e3:b9:d7:61:9c:44:8c:cf:bc:a5:2d:55:c0:a2:
05:46:88:60:88:a9:62:8b:e9:38:3c:04:9d:63:c8:a3:72:f0:
f6:bf:d4:aa:0d:5b:e5:73:ba:59:08:d3:9e:21:35:a3:07:59:
5c:58:d8:f3:3d:7a:5c:bf:ba:37:2f:08:ee:47:23:93:23:2e:
f4:bd:e0:96:d9:75:2b:c3:12:3c:52:0c:a4:11:1e:47:9a:ef:
15:fa:74:5f:ca:c2:1f:cf:7d:60:c6:70:e4:b9:8e:b4:1b:0e:
b6:b9:dd:1a:25:dd:f2:2a:91:be:85:92:ee:3d:3d:22:65:a4:
89:fc:d1:ef:55:fa:d8:36:84:6c:a0:25:6d:17:3c:4a:14:cf:
a7:81:d9:18:02:62:fd:a3:5c:ae:1e:04:27:9b:57:39:d1:a9:
24:d1:91:17:95:d9:a7:bb:58:27:33:eb:15:e8:fc:66:3b:60:
3b:36:c8:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYm/zNAjrVIxuqtSHvJI2ok6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjMwODA0MDkwNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGJhNzMwZTljZmUyOGY1NmMyZTZiYmVmZTdkNGMwMmFkYmQzZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1IKd8qzB+9JRX6dkWpUfGWCZvEF
qJPjd9fPT6POHGzaDpIeIl8X4VFyk2THSZ+ocpqfKvdzPfhcB+vlF19d447GNyaM
Zj51go30ioK0a0PnWk9Sz075tj8MiA3g4RgR68nNbm9Vcw61J5204DH0zus13S/P
5v7uX+TK8FkEP50rbs2Ei+qqG9t3g0AZMB1Jdk02DZC/xF3DUTMoLgfLeGPehS6S
NslfehC56BOLwtYzXfSolc9vwOBxD5+uNZh2Su8x1akfbFVWdbO2VszQ4Jf6hyRn
PCG5LuCf9HrWUYGxaVkSCcSklzC6keuKk74JS6npr6vM84av3ZVuyhzU5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMC6cw6c/ij1bC5rvv59TAKtvT+nMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvd0xwekRwei1LUFZzTG11LV9uMU1BcTI5UDZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWRdnMA0E
AgACMAcDBQMqEfyAMA0GCSqGSIb3DQEBCwUAA4IBAQBsWuMn74KHCqohw0L4iNVr
nVYOE+uAxgNP3P4zfZDiDskokeVc+ezviucC2JbP/K0aNNd8Jgpe3pmvVO8ghJOP
NgRAgGU0UkGRoxCP47nXYZxEjM+8pS1VwKIFRohgiKlii+k4PASdY8ijcvD2v9Sq
DVvlc7pZCNOeITWjB1lcWNjzPXpcv7o3LwjuRyOTIy70veCW2XUrwxI8UgykER5H
mu8V+nRfysIfz31gxnDkuY60Gw62ud0aJd3yKpG+hZLuPT0iZaSJ/NHvVfrYNoRs
oCVtFzxKFM+ngdkYAmL9o1yuHgQnm1c50akk0ZEXldmnu1gnM+sV6PxmO2A7NsgX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:54 2025 by rpki-client