Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/sqpFA-pZB2klm0SqU1T1F0vDnFo.roa
File: sqpFA-pZB2klm0SqU1T1F0vDnFo.roa (raw, json)
Hash identifier: Rmz87/3ERDW68BszMcbxVGOAJXSN/4wGet/GC9elifU=
Subject key identifier: B2:AA:45:03:EA:59:07:69:25:9B:44:AA:53:54:F5:17:4B:C3:9C:5A
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0CB753CE
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/sqpFA-pZB2klm0SqU1T1F0vDnFo.roa
Signing time: Wed 04 May 2022 13:20:44 +0000
ROA not before: Wed 04 May 2022 13:20:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35348
IP address blocks: 89.44.228.0/24 maxlen: 24
89.44.229.0/24 maxlen: 24
89.44.230.0/24 maxlen: 24
89.36.20.0/24 maxlen: 24
89.36.198.0/24 maxlen: 24
85.204.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213341134 (0xcb753ce)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: May 4 13:20:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2aa4503ea590769259b44aa5354f5174bc39c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:53:65:66:a2:ce:7d:e5:3a:45:ea:1c:e6:29:
7c:cc:15:30:6a:ce:be:c2:9c:19:db:a0:12:e6:36:
76:87:5c:7f:90:07:32:58:7b:72:7e:39:48:11:9e:
cf:d1:c6:b4:83:73:cb:95:ae:f2:a6:61:cf:75:36:
4e:09:59:62:20:e6:ae:3d:60:26:79:21:9b:c9:87:
00:75:d4:34:bc:9f:e3:79:fc:e5:61:52:97:6f:45:
72:8b:cc:59:a4:f9:11:72:39:41:b0:c6:13:b7:bb:
39:7d:33:08:16:6e:03:4d:79:72:75:92:08:9a:71:
16:1f:5a:73:78:6d:cd:f7:67:76:80:49:84:6e:13:
8d:a0:2e:4a:56:b0:35:6a:77:b0:b8:06:25:df:b5:
d3:7f:71:8a:44:be:d5:0f:8f:c4:26:23:f7:43:6f:
d3:82:9a:50:bd:f3:54:fb:0b:f6:61:b3:01:17:01:
5d:ac:43:2d:53:dc:ef:b3:bf:b9:7a:6f:d9:19:da:
c8:1c:1a:cc:de:a1:f1:c0:27:65:5a:de:a6:38:e9:
1c:62:12:a7:55:00:5d:bd:93:e3:b7:49:6d:c6:97:
a8:95:c8:d1:4c:80:96:80:bd:21:62:5c:23:c4:59:
c5:85:ae:89:e5:27:22:d3:bf:a0:48:61:7e:6c:28:
fc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:AA:45:03:EA:59:07:69:25:9B:44:AA:53:54:F5:17:4B:C3:9C:5A
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/sqpFA-pZB2klm0SqU1T1F0vDnFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.98.0/24
89.36.20.0/24
89.36.198.0/24
89.44.228.0-89.44.230.255
Signature Algorithm: sha256WithRSAEncryption
c8:7c:69:72:4a:c7:c0:54:68:d1:71:4a:ff:00:ee:8e:a5:fa:
dc:06:2d:67:53:bc:ff:a0:25:55:c2:04:34:ef:2e:a0:1b:ca:
88:87:68:6e:89:96:a1:27:9c:19:89:63:1d:4e:3c:53:5c:eb:
0a:d2:be:84:fb:79:df:92:41:19:92:98:19:de:07:9a:62:ef:
89:88:0e:30:de:ac:c4:3c:ff:85:c2:ab:02:73:20:08:80:9c:
2c:08:21:68:cf:f1:f5:77:e4:7e:ca:ba:06:8f:6d:7e:cf:f1:
86:a2:53:61:ac:ad:11:fe:9d:53:ad:a6:3d:cf:0f:9d:57:49:
7a:12:47:a7:53:c3:fd:85:15:8d:77:54:8e:cf:f5:3b:b0:79:
a8:a8:87:2c:9a:7e:e9:2e:fc:0c:fe:de:e5:f7:fe:a7:ad:16:
8f:62:c6:7b:b8:de:8f:ab:2d:19:84:e6:89:34:b9:fe:5c:f6:
b9:13:24:39:3e:d3:f7:36:8e:9b:c8:25:83:25:e4:23:66:c3:
ce:d4:3e:50:35:ab:91:40:4e:39:9f:fd:74:52:f5:47:2e:99:
e4:9b:6e:af:f9:04:5b:a6:cd:d0:e2:29:8c:71:65:22:e3:bf:
15:ab:45:e4:75:59:a9:3d:f0:9d:99:fe:0a:83:1d:cf:21:b0:
87:71:61:75
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEDLdTzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDUw
NDEzMjA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJhYTQ1MDNlYTU5
MDc2OTI1OWI0NGFhNTM1NGY1MTc0YmMzOWM1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBTZWaizn3lOkXqHOYpfMwVMGrOvsKcGdugEuY2dodcf5AH
Mlh7cn45SBGez9HGtINzy5Wu8qZhz3U2TglZYiDmrj1gJnkhm8mHAHXUNLyf43n8
5WFSl29FcovMWaT5EXI5QbDGE7e7OX0zCBZuA015cnWSCJpxFh9ac3htzfdndoBJ
hG4TjaAuSlawNWp3sLgGJd+1039xikS+1Q+PxCYj90Nv04KaUL3zVPsL9mGzARcB
XaxDLVPc77O/uXpv2RnayBwazN6h8cAnZVrepjjpHGISp1UAXb2T47dJbcaXqJXI
0UyAloC9IWJcI8RZxYWuieUnItO/oEhhfmwo/HMCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSyqkUD6lkHaSWbRKpTVPUXS8OcWjAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L3NxcEZBLXBaQjJrbG0wU3FVMVQxRjB2RG5Gby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAFXMYgMEAFkkFAMEAFkkxjAMAwQC
WSzkAwQAWSzmMA0GCSqGSIb3DQEBCwUAA4IBAQDIfGlySsfAVGjRcUr/AO6Opfrc
Bi1nU7z/oCVVwgQ07y6gG8qIh2huiZahJ5wZiWMdTjxTXOsK0r6E+3nfkkEZkpgZ
3geaYu+JiA4w3qzEPP+FwqsCcyAIgJwsCCFoz/H1d+R+yroGj21+z/GGolNhrK0R
/p1TraY9zw+dV0l6EkenU8P9hRWNd1SOz/U7sHmoqIcsmn7pLvwM/t7l9/6nrRaP
YsZ7uN6Pqy0ZhOaJNLn+XPa5EyQ5PtP3No6byCWDJeQjZsPO1D5QNauRQE45n/10
UvVHLpnkm26v+QRbps3Q4imMcWUi478Vq0XkdVmpPfCdmf4Kgx3PIbCHcWF1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-fra.rpki-client.org