Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/fsJSwY8Tb_iytR4-TlDU60tEkVw.roa
File: fsJSwY8Tb_iytR4-TlDU60tEkVw.roa (raw, json)
Hash identifier: zAeEu6beduYFoDL9lQsKIiHGGXMVCD/Z9oJ9ekMar7o=
Subject key identifier: 7E:C2:52:C1:8F:13:6F:F8:B2:B5:1E:3E:4E:50:D4:EB:4B:44:91:5C
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0A1CD795
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/fsJSwY8Tb_iytR4-TlDU60tEkVw.roa
Signing time: Thu 28 Apr 2022 07:53:05 +0000
ROA not before: Thu 28 Apr 2022 07:53:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51189
IP address blocks: 89.252.252.0/22 maxlen: 22
89.252.252.0/23 maxlen: 23
89.252.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169662357 (0xa1cd795)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Apr 28 07:53:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7ec252c18f136ff8b2b51e3e4e50d4eb4b44915c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b3:35:4b:ac:8c:eb:ae:d2:c8:e1:bc:8d:51:
ee:68:2f:90:61:05:a4:0e:79:1b:39:05:b5:ed:1f:
47:ff:db:da:ee:16:50:4f:26:07:f3:70:b5:51:36:
13:b3:46:bc:3a:72:72:60:cd:1a:5f:3c:9f:05:fa:
51:80:53:b6:6b:57:51:99:ea:14:55:a1:e6:d6:d5:
b0:6b:46:3d:d7:45:95:0b:c8:75:3a:95:fc:f4:6d:
c6:93:8e:4d:5b:13:d2:1a:9d:61:ee:6f:75:25:77:
11:59:80:00:cb:f7:ed:d3:1c:8b:4c:51:0b:76:c8:
3d:f1:3e:43:a5:40:b3:2d:e9:cb:fa:d5:5e:aa:55:
4a:ef:b3:85:86:9f:03:75:a5:7e:24:c5:55:5a:46:
8e:cd:ca:45:d0:29:b7:4d:42:65:dc:a8:06:a0:0f:
15:cb:c7:a6:0b:60:bc:0e:27:eb:21:00:76:18:1f:
0b:09:e5:a0:3f:3b:8e:54:d9:03:14:16:8c:18:5a:
30:21:a1:c1:57:bc:63:ef:6f:c6:e7:99:0a:0e:52:
fe:ab:52:34:b6:29:b9:7d:49:77:f6:14:3c:08:f1:
58:3a:1b:88:b3:db:2b:1c:05:a7:76:dd:31:e0:22:
c9:4c:f9:44:9b:d6:81:0f:5a:0d:90:a6:55:a7:e1:
16:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:C2:52:C1:8F:13:6F:F8:B2:B5:1E:3E:4E:50:D4:EB:4B:44:91:5C
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/fsJSwY8Tb_iytR4-TlDU60tEkVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.252.0/22
Signature Algorithm: sha256WithRSAEncryption
dd:69:66:f8:31:af:11:b3:5c:22:74:35:8b:e8:df:2d:66:fe:
51:55:46:5c:bb:19:1a:0b:5e:25:a7:f6:68:7a:f1:ef:75:70:
ed:73:f1:86:8c:4c:e8:60:8d:f5:ea:ce:2f:f8:b8:55:66:a7:
78:19:4b:89:31:fc:df:db:89:e4:5a:a2:28:58:91:de:bc:90:
cf:30:63:3a:f7:f1:d9:ab:a6:75:5a:e9:49:81:83:3d:ae:df:
83:7e:70:08:ae:a1:94:28:de:5c:6d:7a:b2:08:6b:74:30:0b:
6f:cb:76:ab:e6:90:d8:df:94:9a:61:ed:1d:29:32:93:13:5a:
47:2f:cc:63:63:b1:e6:db:df:18:04:34:0c:92:53:39:f2:ab:
1e:2c:9e:ce:62:ae:ae:a5:01:4b:10:9d:0d:b7:5d:44:39:92:
e3:a2:fb:c1:2b:00:a9:60:47:6c:ad:77:96:3f:be:0f:e4:f9:
84:bf:bd:36:34:85:f4:56:e5:73:ee:c7:d9:23:4f:84:7a:2d:
51:19:a0:95:4f:e7:50:f5:3b:ff:49:21:e1:00:fb:31:f7:27:
1a:cd:bc:db:6b:7f:41:87:63:69:3c:d5:1e:64:c5:f5:68:60:
f6:40:d9:e9:29:c3:f8:0d:a5:43:57:50:90:35:53:1a:6a:6c:
28:f9:17:86
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEChzXlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTA0YTQwODIxYzQxNzZjYzQyZTI1NWVmNmMxNzI3NDczYzNmMDBhMB4XDTIyMDQy
ODA3NTMwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2VjMjUyYzE4ZjEz
NmZmOGIyYjUxZTNlNGU1MGQ0ZWI0YjQ0OTE1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+zNUusjOuu0sjhvI1R7mgvkGEFpA55GzkFte0fR//b2u4W
UE8mB/NwtVE2E7NGvDpycmDNGl88nwX6UYBTtmtXUZnqFFWh5tbVsGtGPddFlQvI
dTqV/PRtxpOOTVsT0hqdYe5vdSV3EVmAAMv37dMci0xRC3bIPfE+Q6VAsy3py/rV
XqpVSu+zhYafA3WlfiTFVVpGjs3KRdApt01CZdyoBqAPFcvHpgtgvA4n6yEAdhgf
CwnloD87jlTZAxQWjBhaMCGhwVe8Y+9vxueZCg5S/qtSNLYpuX1Jd/YUPAjxWDob
iLPbKxwFp3bdMeAiyUz5RJvWgQ9aDZCmVafhFvsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR+wlLBjxNv+LK1Hj5OUNTrS0SRXDAfBgNVHSMEGDAWgBRBBKQIIcQXbMQu
JV72wXJ0c8PwCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FRU2tDQ0hFRjJ6RUxpVmU5c0Z5ZEhQRDhBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvOTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUxOC8x
L2ZzSlN3WThUYl9peXRSNC1UbERVNjB0RWtWdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
OTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUxOC8xL1FRU2tDQ0hFRjJ6
RUxpVmU5c0Z5ZEhQRDhBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAln8/DANBgkqhkiG9w0BAQsFAAOC
AQEA3Wlm+DGvEbNcInQ1i+jfLWb+UVVGXLsZGgteJaf2aHrx73Vw7XPxhoxM6GCN
9erOL/i4VWaneBlLiTH839uJ5FqiKFiR3ryQzzBjOvfx2aumdVrpSYGDPa7fg35w
CK6hlCjeXG16sghrdDALb8t2q+aQ2N+UmmHtHSkykxNaRy/MY2Ox5tvfGAQ0DJJT
OfKrHiyezmKurqUBSxCdDbddRDmS46L7wSsAqWBHbK13lj++D+T5hL+9NjSF9Fbl
c+7H2SNPhHotURmglU/nUPU7/0kh4QD7MfcnGs2822t/QYdjaTzVHmTF9Whg9kDZ
6SnD+A2lQ1dQkDVTGmpsKPkXhg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:46 2025 by rpki-client