Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Fx3raip1f67fPtwrRuoqrnytZ_A.roa
File: Fx3raip1f67fPtwrRuoqrnytZ_A.roa (raw, json)
Hash identifier: MqhJgkxZQNFzWPxIJ620Pf4z50pxirn7DV9nE74jolo=
Subject key identifier: 17:1D:EB:6A:2A:75:7F:AE:DF:3E:DC:2B:46:EA:2A:AE:7C:AD:67:F0
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315FA68EC52DED7BD44CC7ACDEE9AD8
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Fx3raip1f67fPtwrRuoqrnytZ_A.roa
Signing time: Mon 02 Jan 2023 15:24:58 +0000
ROA not before: Mon 02 Jan 2023 15:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61301
IP address blocks: 89.252.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:fa:68:ec:52:de:d7:bd:44:cc:7a:cd:ee:9a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=171deb6a2a757faedf3edc2b46ea2aae7cad67f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:4c:9a:15:da:6c:e4:ae:0e:20:2e:51:64:19:
87:c9:7e:ea:d1:0d:43:16:22:60:9c:52:45:a8:b3:
5f:6a:ec:ef:2c:20:ef:9a:e1:70:ed:d7:2d:5f:03:
40:4c:6e:1a:62:1c:e1:5c:4b:34:fa:df:4f:70:e0:
c4:42:23:c6:2c:dc:9d:cd:d5:41:2b:4c:15:b8:46:
4c:da:c4:a8:75:f1:69:46:10:e3:e9:93:11:7b:c2:
2e:ab:ce:ac:79:36:d4:a4:60:09:59:76:73:fc:12:
74:c3:80:8b:3d:ae:9e:b9:c7:08:84:9d:ef:70:12:
67:2b:49:3c:b4:83:d0:4d:c4:7c:89:9b:d7:67:43:
0a:54:26:b6:f7:f9:93:fb:15:eb:85:d7:98:99:ac:
85:67:c5:e4:32:44:5c:e0:06:13:d3:70:40:c4:99:
52:a2:02:64:3a:db:5a:27:df:b5:2e:c8:57:6d:4e:
22:e5:7b:bd:bc:2c:05:b1:58:4a:4c:99:21:41:76:
a8:5e:21:d3:d2:f2:52:f6:e4:3c:b4:87:32:64:63:
22:f6:d8:d9:51:e0:be:c9:1f:e9:0c:8e:c2:41:ad:
7d:31:a3:2c:56:dd:a8:59:a7:32:1e:16:f6:b2:7a:
a2:41:9e:9c:fb:5b:8c:c4:ff:80:4e:1c:d7:94:c2:
67:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:1D:EB:6A:2A:75:7F:AE:DF:3E:DC:2B:46:EA:2A:AE:7C:AD:67:F0
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/Fx3raip1f67fPtwrRuoqrnytZ_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.201.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:ca:fb:c9:1a:6e:7c:36:0b:f0:26:d3:a7:11:fe:a9:86:19:
32:47:a7:3c:91:13:b6:e8:31:27:e0:a2:21:de:34:21:46:8a:
57:a6:46:fe:8e:6a:93:a1:73:bc:3c:3f:1b:52:fe:bb:22:1e:
48:bd:0f:5f:cb:a3:17:08:ad:f6:52:f3:88:32:65:42:5b:77:
cf:36:29:1a:b4:43:53:ba:76:ca:99:77:92:3b:fc:4a:2f:03:
e6:b1:3a:ce:3e:94:df:5d:fa:94:c5:cb:78:6a:90:02:4b:72:
01:2b:8e:e3:f6:1c:50:53:7f:a5:9f:d8:ce:67:e4:57:ee:6f:
44:38:a5:b1:36:4d:5d:be:d3:84:30:c1:6c:17:ba:fe:58:60:
35:6b:86:c8:ce:9f:6f:c2:41:42:54:d6:cc:1a:33:82:fb:f5:
83:e6:8e:37:e7:3d:ef:fd:6c:7e:be:71:97:41:14:a7:4c:e9:
c3:b0:12:2a:ff:e4:9c:b0:a1:99:73:8e:f4:8a:e1:44:79:58:
fc:34:b9:5e:aa:6f:d8:d1:23:77:b9:be:80:cb:5f:bc:a5:eb:
71:2c:de:3c:1a:ca:6b:d0:60:c7:d7:93:0f:b3:1f:6c:23:88:
19:5d:c9:e7:ee:61:7a:d9:38:b8:6c:53:21:4f:c6:c5:d9:36:
b3:65:63:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfpo7FLe171EzHrN7prYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzFkZWI2YTJhNzU3ZmFlZGYzZWRjMmI0NmVhMmFhZTdjYWQ2N2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUyaFdps5K4OIC5RZBmHyX7q0Q1D
FiJgnFJFqLNfauzvLCDvmuFw7dctXwNATG4aYhzhXEs0+t9PcODEQiPGLNydzdVB
K0wVuEZM2sSodfFpRhDj6ZMRe8Iuq86seTbUpGAJWXZz/BJ0w4CLPa6euccIhJ3v
cBJnK0k8tIPQTcR8iZvXZ0MKVCa29/mT+xXrhdeYmayFZ8XkMkRc4AYT03BAxJlS
ogJkOttaJ9+1LshXbU4i5Xu9vCwFsVhKTJkhQXaoXiHT0vJS9uQ8tIcyZGMi9tjZ
UeC+yR/pDI7CQa19MaMsVt2oWacyHhb2snqiQZ6c+1uMxP+AThzXlMJnjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBcd62oqdX+u3z7cK0bqKq58rWfwMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvRngzcmFpcDFmNjdmUHR3clJ1b3Fybnl0Wl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfzJMA0G
CSqGSIb3DQEBCwUAA4IBAQC4yvvJGm58NgvwJtOnEf6phhkyR6c8kRO26DEn4KIh
3jQhRopXpkb+jmqToXO8PD8bUv67Ih5IvQ9fy6MXCK32UvOIMmVCW3fPNikatENT
unbKmXeSO/xKLwPmsTrOPpTfXfqUxct4apACS3IBK47j9hxQU3+ln9jOZ+RX7m9E
OKWxNk1dvtOEMMFsF7r+WGA1a4bIzp9vwkFCVNbMGjOC+/WD5o435z3v/Wx+vnGX
QRSnTOnDsBIq/+ScsKGZc470iuFEeVj8NLleqm/Y0SN3ub6Ay1+8petxLN48Gspr
0GDH15MPsx9sI4gZXcnn7mF62Ti4bFMhT8bF2TazZWOo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:08 2025 by rpki-client