Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/ab2iEbtn9OhTr2xlu0b-Ya2pBLE.roa
File: ab2iEbtn9OhTr2xlu0b-Ya2pBLE.roa (raw, json)
Hash identifier: jH6CDn/4ydM92NfYkyVBghwue+XTUr27asW2CrZH9Tc=
Subject key identifier: 69:BD:A2:11:BB:67:F4:E8:53:AF:6C:65:BB:46:FE:61:AD:A9:04:B1
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315FAF7C4FC319008193591AFB82EC4
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/ab2iEbtn9OhTr2xlu0b-Ya2pBLE.roa
Signing time: Mon 02 Jan 2023 15:24:58 +0000
ROA not before: Mon 02 Jan 2023 15:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197184
IP address blocks: 89.252.222.0/24 maxlen: 24
85.14.54.0/23 maxlen: 23
85.14.52.0/23 maxlen: 23
85.14.52.0/22 maxlen: 22
85.14.8.0/22 maxlen: 22
82.119.88.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:fa:f7:c4:fc:31:90:08:19:35:91:af:b8:2e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=69bda211bb67f4e853af6c65bb46fe61ada904b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:51:90:4d:e6:8e:2d:08:10:d2:4d:87:9f:67:
1e:7f:9f:79:9c:3a:11:0f:9e:6f:21:4b:b3:3c:f2:
e2:71:54:c8:c4:87:68:26:91:c9:dc:6b:6c:76:34:
2c:d6:09:d0:72:40:60:48:4b:e2:85:06:8e:06:8c:
ce:4c:e2:10:69:bf:a9:cc:ac:09:be:da:a6:4f:e6:
fa:41:65:d8:ba:97:2b:95:8a:4f:91:18:ab:35:f9:
0f:22:6e:fc:a4:4b:90:f6:9e:ea:bf:6c:79:01:b6:
ad:e5:c4:93:6e:6f:04:29:3c:6e:6f:ff:6f:a8:a6:
ce:c0:55:2e:96:e4:a7:ec:9f:14:57:73:e9:8a:b3:
64:18:c4:24:20:56:71:eb:81:2f:8e:cd:f4:6f:35:
58:23:97:1e:47:df:71:8b:07:16:d3:5d:a8:22:2f:
c6:b9:b2:e2:89:8f:40:87:ed:4d:1a:02:1d:6a:af:
85:76:6a:ab:63:f3:e4:be:78:b1:2f:ca:75:f3:2a:
78:c6:03:7f:f7:3b:8b:74:e3:66:7b:26:f9:73:78:
a6:8e:de:89:53:6f:21:60:cb:3a:56:43:b0:58:f6:
11:3d:67:64:d3:e6:7c:eb:a7:69:f8:9c:0c:80:d4:
f6:25:60:89:01:1c:ad:0b:fd:a4:b4:bf:f0:e4:0e:
a9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BD:A2:11:BB:67:F4:E8:53:AF:6C:65:BB:46:FE:61:AD:A9:04:B1
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/ab2iEbtn9OhTr2xlu0b-Ya2pBLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.88.0/23
85.14.8.0/22
85.14.52.0/22
89.252.222.0/24
Signature Algorithm: sha256WithRSAEncryption
77:d8:52:bd:22:01:ce:78:1c:98:ee:13:dd:20:11:51:6e:76:
b2:5f:0e:98:91:f5:94:9b:e8:ab:bb:87:90:c7:f8:43:3a:78:
13:e3:5d:90:c4:16:51:10:66:2e:dc:1b:d3:5b:98:53:a5:85:
57:e0:c9:0f:34:17:e9:e2:06:91:b1:dc:c1:c9:00:b1:21:c9:
9f:3e:4e:d4:12:86:c3:1d:43:4c:89:3d:81:dd:c4:86:dc:2a:
cb:0b:37:2f:07:80:9f:49:32:bc:c2:22:bd:8c:f3:18:3c:b7:
e0:74:5d:4e:9d:ff:de:ca:fe:59:01:09:18:82:2e:71:d8:bc:
19:02:93:43:0c:04:e8:f8:7e:26:d9:ee:ad:33:42:c3:7a:6d:
f6:8b:8f:a0:8c:63:e5:b1:bc:44:61:5e:fd:d6:05:e9:ac:a3:
0e:4b:9f:b9:bf:df:68:75:d8:00:42:28:4e:1d:5a:e9:ab:00:
df:48:68:4d:f8:a8:de:b7:4f:d7:9d:14:ca:99:6e:7e:f2:c2:
2a:ee:54:62:ec:3f:a9:4f:cf:65:9a:be:88:20:24:9e:7b:b1:
b6:38:1f:a4:f7:53:a0:32:fc:09:0a:2f:e5:2d:32:7b:97:78:
fe:be:9f:0d:ee:20:88:a7:53:21:d9:a5:dd:75:cb:3a:34:dd:
21:eb:3a:dc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVzFfr3xPwxkAgZNZGvuC7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWJkYTIxMWJiNjdmNGU4NTNhZjZjNjViYjQ2ZmU2MWFkYTkwNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVGQTeaOLQgQ0k2Hn2cef595nDoR
D55vIUuzPPLicVTIxIdoJpHJ3GtsdjQs1gnQckBgSEvihQaOBozOTOIQab+pzKwJ
vtqmT+b6QWXYupcrlYpPkRirNfkPIm78pEuQ9p7qv2x5Abat5cSTbm8EKTxub/9v
qKbOwFUuluSn7J8UV3PpirNkGMQkIFZx64Evjs30bzVYI5ceR99xiwcW012oIi/G
ubLiiY9Ah+1NGgIdaq+FdmqrY/PkvnixL8p18yp4xgN/9zuLdONmeyb5c3imjt6J
U28hYMs6VkOwWPYRPWdk0+Z866dp+JwMgNT2JWCJARytC/2ktL/w5A6pEQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGm9ohG7Z/ToU69sZbtG/mGtqQSxMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvYWIyaUVidG45T2hUcjJ4bHUwYi1ZYTJwQkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUndYAwQC
VQ4IAwQCVQ40AwQAWfzeMA0GCSqGSIb3DQEBCwUAA4IBAQB32FK9IgHOeByY7hPd
IBFRbnayXw6YkfWUm+iru4eQx/hDOngT412QxBZREGYu3BvTW5hTpYVX4MkPNBfp
4gaRsdzByQCxIcmfPk7UEobDHUNMiT2B3cSG3CrLCzcvB4CfSTK8wiK9jPMYPLfg
dF1Onf/eyv5ZAQkYgi5x2LwZApNDDATo+H4m2e6tM0LDem32i4+gjGPlsbxEYV79
1gXprKMOS5+5v99oddgAQihOHVrpqwDfSGhN+Kjet0/XnRTKmW5+8sIq7lRi7D+p
T89lmr6IICSee7G2OB+k91OgMvwJCi/lLTJ7l3j+vp8N7iCIp1Mh2aXddcs6NN0h
6zrc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:57 2025 by rpki-client