Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xQNft_e21f60-fyMgvpp3vNoz28.roa
File: xQNft_e21f60-fyMgvpp3vNoz28.roa (raw, json)
Hash identifier: eSVT0qMuLo/1L2+7yGMjfiWKQUij65kDJSdl9A1OX+U=
Subject key identifier: C5:03:5F:B7:F7:B6:D5:FE:B4:F9:FC:8C:82:FA:69:DE:F3:68:CF:6F
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 01841EAD6CA65BBC08D5A491D62F9940F7BD
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xQNft_e21f60-fyMgvpp3vNoz28.roa
Signing time: Fri 28 Oct 2022 12:59:52 +0000
ROA not before: Fri 28 Oct 2022 12:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47550
IP address blocks: 89.23.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:ad:6c:a6:5b:bc:08:d5:a4:91:d6:2f:99:40:f7:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Oct 28 12:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5035fb7f7b6d5feb4f9fc8c82fa69def368cf6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:bd:22:b8:72:dd:9a:94:5b:08:8b:69:38:ac:
dc:76:48:20:34:38:89:27:c7:d2:5b:5c:25:47:7c:
7f:4a:88:b3:55:26:71:8a:65:15:d3:dd:d4:3e:a1:
d6:9b:71:94:07:c7:6a:5e:6c:f8:89:74:07:94:b4:
88:eb:e9:d5:65:54:b4:fd:00:b0:19:9f:af:32:7f:
cb:7c:8f:60:3c:a6:58:e0:8c:5a:9c:3f:98:12:6c:
a8:18:1b:db:aa:50:cb:99:ac:20:4e:d4:19:5b:4b:
fa:3f:48:24:b6:f9:b0:d6:f0:5f:12:39:89:0d:05:
08:4b:61:17:97:f4:ac:81:63:cf:50:38:f1:fc:01:
5a:eb:a5:21:84:bd:18:dd:31:d0:b4:9d:b4:7a:84:
38:ec:1f:e7:a7:9e:21:c3:a4:1c:24:2f:15:58:77:
be:ca:6a:dc:45:3f:d9:1f:71:2d:81:69:70:6e:3b:
8d:c5:de:bb:c0:a2:a8:1d:e4:c0:7b:2a:6c:3f:09:
d2:21:dd:87:7b:8b:ce:27:5a:c4:82:6b:e1:ae:99:
d1:f5:aa:fd:10:6f:46:a7:54:1e:0d:86:2a:42:be:
d8:8e:02:56:28:82:42:77:0d:1f:71:47:48:f6:64:
70:5e:5f:3d:11:53:6d:1d:d8:db:16:f9:c0:0f:4d:
eb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:03:5F:B7:F7:B6:D5:FE:B4:F9:FC:8C:82:FA:69:DE:F3:68:CF:6F
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/xQNft_e21f60-fyMgvpp3vNoz28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.111.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:4c:15:95:a7:e2:d6:18:66:ad:39:5a:69:61:62:89:a7:51:
fc:7e:38:34:a2:f9:d1:4d:f3:e4:3b:19:79:d8:ef:93:f1:d5:
8c:d4:51:37:68:ed:dc:b7:b5:0d:87:49:97:19:b0:ec:41:c4:
aa:b6:c5:d1:23:46:cd:21:b4:b5:cf:93:45:6e:41:9f:30:37:
f1:3f:49:4d:ae:3f:07:ec:75:48:f6:58:da:a1:5f:97:93:4c:
30:7c:f6:99:90:49:00:6a:1f:ef:49:d8:c7:8a:ba:27:8a:b8:
cb:1b:b0:e0:ac:74:c8:b9:2d:17:a7:64:70:ce:e8:fd:bf:62:
c8:c5:ca:21:8f:cd:70:cb:25:ae:81:89:6a:fe:03:d2:1d:72:
1e:5b:3e:89:1b:c0:6a:ad:2d:45:48:bc:ce:04:76:6a:27:c4:
c8:b9:35:05:46:de:59:9b:fc:ce:e1:be:98:3d:2e:ae:ec:b3:
a1:10:10:8a:47:ed:f1:e0:b7:49:dd:07:74:f1:84:cb:a2:91:
ea:c9:32:7a:dd:9d:84:10:3a:ee:ac:9e:bc:23:48:18:b4:94:
1e:97:7f:44:2f:3c:18:18:00:e8:4e:03:ab:5a:71:34:d0:1f:
4d:41:59:cc:81:92:53:22:6c:6a:51:60:01:7f:33:0f:01:ab:
fe:47:1d:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQerWymW7wI1aSR1i+ZQPe9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjIxMDI4MTI1OTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTAzNWZiN2Y3YjZkNWZlYjRmOWZjOGM4MmZhNjlkZWYzNjhjZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr0iuHLdmpRbCItpOKzcdkggNDiJ
J8fSW1wlR3x/SoizVSZximUV093UPqHWm3GUB8dqXmz4iXQHlLSI6+nVZVS0/QCw
GZ+vMn/LfI9gPKZY4IxanD+YEmyoGBvbqlDLmawgTtQZW0v6P0gktvmw1vBfEjmJ
DQUIS2EXl/SsgWPPUDjx/AFa66UhhL0Y3THQtJ20eoQ47B/np54hw6QcJC8VWHe+
ymrcRT/ZH3EtgWlwbjuNxd67wKKoHeTAeypsPwnSId2He4vOJ1rEgmvhrpnR9ar9
EG9Gp1QeDYYqQr7YjgJWKIJCdw0fcUdI9mRwXl89EVNtHdjbFvnAD03rOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMUDX7f3ttX+tPn8jIL6ad7zaM9vMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEveFFOZnRfZTIxZjYwLWZ5TWd2cHAzdk5vejI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdvMA0G
CSqGSIb3DQEBCwUAA4IBAQCOTBWVp+LWGGatOVppYWKJp1H8fjg0ovnRTfPkOxl5
2O+T8dWM1FE3aO3ct7UNh0mXGbDsQcSqtsXRI0bNIbS1z5NFbkGfMDfxP0lNrj8H
7HVI9ljaoV+Xk0wwfPaZkEkAah/vSdjHironirjLG7DgrHTIuS0Xp2Rwzuj9v2LI
xcohj81wyyWugYlq/gPSHXIeWz6JG8BqrS1FSLzOBHZqJ8TIuTUFRt5Zm/zO4b6Y
PS6u7LOhEBCKR+3x4LdJ3Qd08YTLopHqyTJ63Z2EEDrurJ68I0gYtJQel39ELzwY
GADoTgOrWnE00B9NQVnMgZJTImxqUWABfzMPAav+Rx27
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:38 2025 by rpki-client