Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/CZOYGRW711wPIy36aiLE5c5zFd8.roa
File: CZOYGRW711wPIy36aiLE5c5zFd8.roa (raw, json)
Hash identifier: /qDGLf/VhWGwKJ8gsaXyMISjYM0cwjUPP0P/zuH4fG0=
Subject key identifier: 09:93:98:19:15:BB:D7:5C:0F:23:2D:FA:6A:22:C4:E5:CE:73:15:DF
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0A25E6EE
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/CZOYGRW711wPIy36aiLE5c5zFd8.roa
Signing time: Thu 28 Apr 2022 07:53:09 +0000
ROA not before: Thu 28 Apr 2022 07:53:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201215
IP address blocks: 89.252.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170256110 (0xa25e6ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Apr 28 07:53:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0993981915bbd75c0f232dfa6a22c4e5ce7315df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0a:72:7c:36:c9:ff:d1:08:7f:82:63:b0:b8:
50:39:75:12:70:25:d3:4e:96:9e:f8:3d:13:9d:61:
f5:31:16:08:7f:66:d8:3e:2e:3c:91:34:0a:dc:6d:
82:49:d8:8e:22:93:96:9b:0b:78:f0:bf:36:d7:14:
b4:0d:68:81:a9:ec:ca:05:94:c8:e0:82:13:a3:9d:
a5:84:2f:fb:e2:88:15:bd:76:16:5d:b7:c3:51:8c:
3c:61:02:21:40:b4:d8:41:de:36:f1:a3:c9:72:2e:
26:9f:e9:04:d1:08:ca:b8:98:28:0e:cf:d0:3b:9a:
ee:7f:12:2f:08:66:39:90:1e:b8:b0:9b:fd:c3:92:
64:4a:69:11:36:3a:94:44:0a:32:a0:6c:f9:c0:ec:
93:a4:de:03:08:5f:45:a3:b2:b5:f1:82:1b:64:b2:
99:30:9d:c1:2a:49:33:bc:10:c1:7e:8b:61:07:c8:
1e:35:c6:e9:8a:92:e3:c3:b0:e5:d5:92:8f:51:d4:
f5:17:5a:21:b1:29:2f:a0:35:8d:48:39:71:5b:c2:
9c:9c:57:2a:ae:73:62:17:80:1b:1b:8c:83:fb:d1:
e4:c2:66:46:3e:de:bb:00:8c:d1:80:8d:23:31:09:
80:10:ec:ee:72:b2:4f:66:ba:c2:d8:93:d8:5a:5c:
1c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:93:98:19:15:BB:D7:5C:0F:23:2D:FA:6A:22:C4:E5:CE:73:15:DF
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/CZOYGRW711wPIy36aiLE5c5zFd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.202.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:a4:22:a9:8e:5c:de:9a:59:0a:bb:8b:43:4b:9e:a7:67:44:
5f:0a:7e:f7:41:4c:ae:aa:58:3f:8a:d5:02:d1:d5:2e:ec:ad:
f3:41:d4:4d:bc:62:49:11:37:8c:27:a9:4b:cf:77:e2:37:85:
6a:ea:df:80:82:12:73:f2:5b:d2:f4:67:a2:a1:e5:8a:80:b4:
b4:9c:03:b3:f3:f9:d9:43:3f:ca:32:4e:44:2b:8a:00:00:46:
15:a9:a1:da:6b:b7:96:28:17:18:aa:3b:dd:3c:d0:e2:04:76:
01:f5:3f:0d:b6:47:45:dd:ec:90:6f:ab:62:01:39:18:74:41:
a6:56:73:36:2c:4d:97:53:dd:d9:9b:07:3c:d1:18:b3:2e:07:
ad:03:ab:db:81:b5:cd:62:be:6c:00:53:4a:a2:cd:89:39:f5:
95:61:f1:25:37:17:53:c9:3c:d3:b4:b2:4a:7d:e7:26:17:6e:
ad:2c:25:f2:b7:11:9d:80:2c:b6:38:45:3e:38:ab:5b:3a:1b:
71:36:75:f3:fc:2a:f9:b3:21:0c:6b:4b:86:43:74:f3:e4:3f:
9c:47:33:c5:5b:f0:f1:e4:19:4e:e7:da:3c:45:2c:6d:4d:69:
07:42:13:76:76:0b:1d:8c:ed:b5:d5:33:75:0e:b0:e3:ad:05:
51:f0:8e:61
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECiXm7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTA0YTQwODIxYzQxNzZjYzQyZTI1NWVmNmMxNzI3NDczYzNmMDBhMB4XDTIyMDQy
ODA3NTMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk5Mzk4MTkxNWJi
ZDc1YzBmMjMyZGZhNmEyMmM0ZTVjZTczMTVkZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALMKcnw2yf/RCH+CY7C4UDl1EnAl006Wnvg9E51h9TEWCH9m
2D4uPJE0CtxtgknYjiKTlpsLePC/NtcUtA1ogansygWUyOCCE6OdpYQv++KIFb12
Fl23w1GMPGECIUC02EHeNvGjyXIuJp/pBNEIyriYKA7P0Dua7n8SLwhmOZAeuLCb
/cOSZEppETY6lEQKMqBs+cDsk6TeAwhfRaOytfGCG2SymTCdwSpJM7wQwX6LYQfI
HjXG6YqS48Ow5dWSj1HU9RdaIbEpL6A1jUg5cVvCnJxXKq5zYheAGxuMg/vR5MJm
Rj7euwCM0YCNIzEJgBDs7nKyT2a6wtiT2FpcHI0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJk5gZFbvXXA8jLfpqIsTlznMV3zAfBgNVHSMEGDAWgBRBBKQIIcQXbMQu
JV72wXJ0c8PwCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FRU2tDQ0hFRjJ6RUxpVmU5c0Z5ZEhQRDhBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvOTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUxOC8x
L0NaT1lHUlc3MTF3UEl5MzZhaUxFNWM1ekZkOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
OTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUxOC8xL1FRU2tDQ0hFRjJ6
RUxpVmU5c0Z5ZEhQRDhBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFn8yjANBgkqhkiG9w0BAQsFAAOC
AQEASqQiqY5c3ppZCruLQ0uep2dEXwp+90FMrqpYP4rVAtHVLuyt80HUTbxiSRE3
jCepS8934jeFaurfgIISc/Jb0vRnoqHlioC0tJwDs/P52UM/yjJORCuKAABGFamh
2mu3ligXGKo73TzQ4gR2AfU/DbZHRd3skG+rYgE5GHRBplZzNixNl1Pd2ZsHPNEY
sy4HrQOr24G1zWK+bABTSqLNiTn1lWHxJTcXU8k807SySn3nJhdurSwl8rcRnYAs
tjhFPjirWzobcTZ18/wq+bMhDGtLhkN08+Q/nEczxVvw8eQZTufaPEUsbU1pB0IT
dnYLHYzttdUzdQ6w460FUfCOYQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:26 2025 by rpki-client