Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/Q-DZoIEJEPS6sN08DYvEYwUNwrg.roa
File: Q-DZoIEJEPS6sN08DYvEYwUNwrg.roa (raw, json)
Hash identifier: ZMyA6lRiQeKFQcBUFPqUzavpXdFJflIboSvMixtys14=
Subject key identifier: 43:E0:D9:A0:81:09:10:F4:BA:B0:DD:3C:0D:8B:C4:63:05:0D:C2:B8
Certificate issuer: /CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Certificate serial: 03C948B8
Authority key identifier: BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/Q-DZoIEJEPS6sN08DYvEYwUNwrg.roa
Signing time: Sat 01 Jan 2022 06:55:20 +0000
ROA not before: Sat 01 Jan 2022 06:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202513
IP address blocks: 87.239.54.0/24 maxlen: 24
87.239.52.0/23 maxlen: 24
87.239.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63523000 (0x3c948b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Validity
Not Before: Jan 1 06:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=43e0d9a0810910f4bab0dd3c0d8bc463050dc2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:71:49:76:fe:76:6c:d7:9d:8b:a1:dc:4e:4d:
91:79:4b:cc:7a:ad:9c:2b:cc:87:07:95:ea:95:fe:
74:f1:71:87:3d:00:dd:87:e8:24:c2:14:a8:4e:36:
04:9d:3c:a1:3f:e5:07:d9:1b:a4:83:2b:f3:ba:65:
cd:f4:5f:52:c7:03:e4:52:ca:62:c0:65:27:68:1b:
4f:e6:8b:5d:a0:ad:d2:d6:3d:54:42:d6:b4:b5:70:
67:78:4b:73:7d:4a:a4:6b:8c:5a:f3:af:74:7b:df:
15:d2:7b:91:3a:31:c4:ae:ed:1b:23:c6:e6:22:77:
6d:57:c4:6f:c7:fc:53:7b:6a:ff:ed:70:18:bf:67:
57:33:61:ff:6e:d2:2a:d4:96:67:c6:28:95:59:be:
fb:d8:fd:de:e4:9f:10:14:04:e3:e5:7a:c8:33:6b:
5c:fe:40:04:77:76:e0:a7:fa:28:be:45:8e:0d:16:
57:04:96:ac:c7:60:0b:dc:56:f1:04:42:62:62:71:
a0:6c:61:ea:8d:5a:04:8b:da:ca:f9:5c:ca:9d:a8:
51:93:7a:b6:3e:16:ef:54:b8:2b:4b:3d:e4:6f:f3:
64:d5:d3:a2:d9:1a:15:98:d6:3b:62:2d:8c:ae:02:
f2:40:f6:b7:6d:48:6a:6f:f1:b8:b4:8a:61:00:f6:
a2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:E0:D9:A0:81:09:10:F4:BA:B0:DD:3C:0D:8B:C4:63:05:0D:C2:B8
X509v3 Authority Key Identifier:
keyid:BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/Q-DZoIEJEPS6sN08DYvEYwUNwrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/u0oK8VYzLTx-y1hfruOpDZvyoJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.52.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:fb:15:c5:67:58:48:e6:2a:3b:b4:9f:b0:ea:05:70:94:8c:
c2:59:b6:fe:ef:70:5e:53:ef:ba:68:75:fd:c0:71:7a:1b:9f:
42:81:a0:67:f8:f7:f7:9c:5e:21:b9:18:d9:e1:36:8d:5d:57:
81:e2:96:f0:b2:c2:74:04:b5:88:cd:b4:6d:0e:7f:e7:93:78:
58:b8:5f:b9:22:0d:30:4d:bc:6b:b4:1b:90:0c:54:dd:59:2a:
3b:f2:8f:72:38:bc:62:ab:b4:a3:94:f4:61:c0:fb:77:e0:37:
a8:72:f6:50:45:fc:81:37:90:64:cb:b8:02:86:df:94:4b:52:
d5:35:f7:66:28:bb:83:82:6c:df:67:4c:5d:2f:2b:11:94:07:
35:d4:0d:a4:bc:14:b5:98:f5:89:7c:3b:94:5a:07:2e:71:14:
1a:78:cf:42:de:46:b8:6b:84:88:32:95:6e:3e:87:ef:53:55:
54:1f:d6:19:a3:1d:a9:01:ae:9b:20:65:71:c6:c5:69:9a:3d:
94:c8:c0:2e:af:7c:57:42:ad:e8:4d:ff:be:be:b9:e9:f1:0a:
fe:2f:30:85:05:a3:c9:78:57:df:04:7a:f3:1d:19:dc:6c:5f:
55:f1:22:cf:d6:5f:79:3c:24:2c:3c:1c:06:e0:f9:08:11:43:
ef:e0:40:ac
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA8lIuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjRhMGFmMTU2MzMyZDNjN2VjYjU4NWZhZWUzYTkwZDliZjJhMDk2MB4XDTIyMDEw
MTA2NTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDNlMGQ5YTA4MTA5
MTBmNGJhYjBkZDNjMGQ4YmM0NjMwNTBkYzJiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVxSXb+dmzXnYuh3E5NkXlLzHqtnCvMhweV6pX+dPFxhz0A
3YfoJMIUqE42BJ08oT/lB9kbpIMr87plzfRfUscD5FLKYsBlJ2gbT+aLXaCt0tY9
VELWtLVwZ3hLc31KpGuMWvOvdHvfFdJ7kToxxK7tGyPG5iJ3bVfEb8f8U3tq/+1w
GL9nVzNh/27SKtSWZ8YolVm++9j93uSfEBQE4+V6yDNrXP5ABHd24Kf6KL5Fjg0W
VwSWrMdgC9xW8QRCYmJxoGxh6o1aBIvayvlcyp2oUZN6tj4W71S4K0s95G/zZNXT
otkaFZjWO2ItjK4C8kD2t21Iam/xuLSKYQD2ot8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRD4NmggQkQ9Lqw3TwNi8RjBQ3CuDAfBgNVHSMEGDAWgBS7SgrxVjMtPH7L
WF+u46kNm/KgljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Uwb0s4Vll6TFR4LXkxaGZydU9wRFp2eW9KWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvMWIwOTk4LWFiODEtNGNjZS04YzQ2LWYyMTI2NjY3MjViNC8x
L1EtRFpvSUVKRVBTNnNOMDhEWXZFWXdVTndyZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
MWIwOTk4LWFiODEtNGNjZS04YzQ2LWYyMTI2NjY3MjViNC8xL3Uwb0s4Vll6TFR4
LXkxaGZydU9wRFp2eW9KWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlfvNDANBgkqhkiG9w0BAQsFAAOC
AQEADPsVxWdYSOYqO7SfsOoFcJSMwlm2/u9wXlPvumh1/cBxehufQoGgZ/j395xe
IbkY2eE2jV1XgeKW8LLCdAS1iM20bQ5/55N4WLhfuSINME28a7QbkAxU3VkqO/KP
cji8Yqu0o5T0YcD7d+A3qHL2UEX8gTeQZMu4AobflEtS1TX3Zii7g4Js32dMXS8r
EZQHNdQNpLwUtZj1iXw7lFoHLnEUGnjPQt5GuGuEiDKVbj6H71NVVB/WGaMdqQGu
myBlccbFaZo9lMjALq98V0Kt6E3/vr656fEK/i8whQWjyXhX3wR68x0Z3GxfVfEi
z9ZfeTwkLDwcBuD5CBFD7+BArA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:35 2024 by rpki-client on console-fra.rpki-client.org