Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/dGtqv-olsXbV6DUtQ_jpeBdqStg.roa
File: dGtqv-olsXbV6DUtQ_jpeBdqStg.roa (raw, json)
Hash identifier: Ry9tAnMIYNsQECX8FpAO0fCcrFDmZukauRIDbyxzhUA=
Subject key identifier: 74:6B:6A:BF:EA:25:B1:76:D5:E8:35:2D:43:F8:E9:78:17:6A:4A:D8
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 01857315F83460E5D81A93A3D89F9B50D1AC
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/dGtqv-olsXbV6DUtQ_jpeBdqStg.roa
Signing time: Mon 02 Jan 2023 15:24:57 +0000
ROA not before: Mon 02 Jan 2023 15:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51189
IP address blocks: 89.252.252.0/22 maxlen: 22
89.252.252.0/23 maxlen: 23
89.252.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:15:f8:34:60:e5:d8:1a:93:a3:d8:9f:9b:50:d1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 2 15:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=746b6abfea25b176d5e8352d43f8e978176a4ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:4e:8c:51:a2:95:0a:08:6c:e4:11:17:fe:24:
d1:13:fe:85:eb:43:ee:97:d6:ae:bb:3c:c1:93:4a:
0c:d1:15:4f:aa:45:5b:e8:44:f4:1b:58:cb:5a:f7:
92:71:61:85:5d:8f:96:3d:2c:76:3c:bd:bc:c1:76:
80:d0:0c:03:8d:c1:e7:04:04:2b:07:60:79:9b:eb:
62:85:c8:51:42:10:90:28:92:44:fb:e1:14:d6:08:
3f:43:62:d0:d3:8f:75:00:60:df:ac:73:a4:63:61:
23:95:fb:6d:14:cd:12:04:ab:a3:ca:9e:e6:d7:4b:
30:3b:3a:43:bc:f0:7f:98:f0:8c:b4:fe:54:91:b4:
6f:8c:1f:3f:0c:e4:bb:9d:0e:f7:f0:2a:7e:c2:93:
56:ea:d7:d2:c6:44:97:e0:f5:72:8c:b2:fb:5c:b9:
04:55:5e:53:a2:f8:6b:6a:5a:c1:8e:b7:a8:d5:ba:
f4:95:56:0b:d8:89:0e:e1:74:58:74:83:9e:98:76:
60:fa:ae:3b:8b:27:52:38:ad:ef:02:8e:fe:ff:b9:
b1:b4:0b:b0:24:8e:7b:31:ee:d8:a0:a9:13:67:13:
93:89:02:af:67:d8:21:58:ed:9f:48:12:33:48:b6:
ca:59:e4:5a:63:a5:9b:9c:cb:0b:8d:65:3e:2b:cc:
56:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6B:6A:BF:EA:25:B1:76:D5:E8:35:2D:43:F8:E9:78:17:6A:4A:D8
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/dGtqv-olsXbV6DUtQ_jpeBdqStg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.252.0/22
Signature Algorithm: sha256WithRSAEncryption
64:b8:bc:3f:99:d6:51:fc:5d:75:a8:32:d2:83:65:6e:f3:67:
e9:83:c6:9b:1b:18:97:9c:11:fc:0c:e4:9b:4e:35:e9:e2:47:
46:0c:69:66:c7:49:46:57:5d:f9:b5:54:80:96:5a:f9:39:66:
e0:2d:8d:f5:65:ed:dc:0a:a2:b1:57:13:74:6a:0d:ea:40:b8:
d5:25:12:10:c9:9b:64:e3:93:c2:c2:2e:7f:52:32:e3:cf:8e:
1c:2d:58:1f:70:5a:48:76:a2:db:89:ef:f2:fc:c2:26:2f:1a:
b1:ac:78:ed:c6:c1:93:a9:33:ee:10:28:a5:80:65:9a:13:fd:
97:f4:e1:2c:a0:1d:d9:dc:a6:ab:b6:c9:a8:6f:ea:1f:43:fe:
22:5a:ec:81:34:56:b6:23:09:57:3c:ce:0b:6b:82:21:06:37:
97:13:ab:8a:42:12:c1:a9:7e:52:29:78:f0:76:5c:0f:d2:76:
05:04:02:65:fc:64:d9:2b:9b:04:a3:9d:6c:57:2e:93:de:40:
ac:1d:52:7a:8b:03:7b:ba:c7:cf:30:c6:a6:c7:8e:8b:88:2f:
95:1f:fb:78:8c:e0:67:91:fc:e1:47:ed:77:c7:10:f9:99:7f:
b4:89:65:62:97:48:2c:bf:1e:53:4a:09:6d:bb:88:9f:42:78:
61:86:29:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzFfg0YOXYGpOj2J+bUNGsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwMTAyMTUyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDZiNmFiZmVhMjViMTc2ZDVlODM1MmQ0M2Y4ZTk3ODE3NmE0YWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgk6MUaKVCghs5BEX/iTRE/6F60Pu
l9auuzzBk0oM0RVPqkVb6ET0G1jLWveScWGFXY+WPSx2PL28wXaA0AwDjcHnBAQr
B2B5m+tihchRQhCQKJJE++EU1gg/Q2LQ0491AGDfrHOkY2EjlfttFM0SBKujyp7m
10swOzpDvPB/mPCMtP5UkbRvjB8/DOS7nQ738Cp+wpNW6tfSxkSX4PVyjLL7XLkE
VV5TovhralrBjreo1br0lVYL2IkO4XRYdIOemHZg+q47iydSOK3vAo7+/7mxtAuw
JI57Me7YoKkTZxOTiQKvZ9ghWO2fSBIzSLbKWeRaY6WbnMsLjWU+K8xWPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHRrar/qJbF21eg1LUP46XgXakrYMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvZEd0cXYtb2xzWGJWNkRVdFFfanBlQmRxU3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWfz8MA0G
CSqGSIb3DQEBCwUAA4IBAQBkuLw/mdZR/F11qDLSg2Vu82fpg8abGxiXnBH8DOSb
TjXp4kdGDGlmx0lGV135tVSAllr5OWbgLY31Ze3cCqKxVxN0ag3qQLjVJRIQyZtk
45PCwi5/UjLjz44cLVgfcFpIdqLbie/y/MImLxqxrHjtxsGTqTPuECilgGWaE/2X
9OEsoB3Z3Kartsmob+ofQ/4iWuyBNFa2IwlXPM4La4IhBjeXE6uKQhLBqX5SKXjw
dlwP0nYFBAJl/GTZK5sEo51sVy6T3kCsHVJ6iwN7usfPMMamx46LiC+VH/t4jOBn
kfzhR+13xxD5mX+0iWVil0gsvx5TSgltu4ifQnhhhimw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:11 2025 by rpki-client