Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/lJfYHipavm3zx0HdwUmC627NRxE.roa
File: lJfYHipavm3zx0HdwUmC627NRxE.roa (raw, json)
Hash identifier: xrlRLI8NJtgff4cU6UNOGwWl8CB6PA7pHfdtArWHMtY=
Subject key identifier: 94:97:D8:1E:2A:5A:BE:6D:F3:C7:41:DD:C1:49:82:EB:6E:CD:47:11
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0183A46CEEA49AA805194FFD54DE8DCB1F71
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/lJfYHipavm3zx0HdwUmC627NRxE.roa
Signing time: Tue 04 Oct 2022 19:15:45 +0000
ROA not before: Tue 04 Oct 2022 19:15:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205343
IP address blocks: 89.252.242.0/23 maxlen: 23
176.67.238.0/24 maxlen: 24
89.252.206.0/24 maxlen: 24
89.252.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a4:6c:ee:a4:9a:a8:05:19:4f:fd:54:de:8d:cb:1f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Oct 4 19:15:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9497d81e2a5abe6df3c741ddc14982eb6ecd4711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a1:75:82:f9:0e:58:10:2c:be:82:cc:63:06:
dc:3e:d3:d4:41:92:14:28:33:e8:3a:e5:ea:69:c5:
c8:4c:83:71:f2:fb:49:bb:1b:e8:95:45:dd:19:fb:
c7:10:24:26:0d:9e:64:05:ae:e1:7b:37:44:46:43:
c4:6a:a3:7c:d1:1e:3e:5e:78:de:d7:97:b0:68:d7:
a0:7e:f1:c3:be:df:be:1b:cb:81:41:ea:6b:96:c5:
1a:a1:cc:23:d9:b9:cf:1d:73:af:f3:f9:6f:af:fa:
b2:0b:42:8d:ab:fc:97:fe:a2:06:49:bf:e3:3f:5e:
84:7c:67:76:2f:20:18:bc:1c:db:86:67:37:02:54:
a0:fe:2b:9b:bd:2a:90:e6:37:63:93:5c:c3:f2:3b:
41:93:31:23:22:24:1e:17:6f:1d:df:55:7f:57:6d:
68:5f:a8:90:31:1b:fd:e6:65:ee:08:ee:3d:ae:0b:
bf:6b:94:1d:a5:e2:c2:a1:d8:cf:2e:55:91:6e:ba:
ce:52:8f:09:6c:63:fc:ab:ec:53:e6:d5:b8:7c:e6:
49:ea:e3:da:16:0f:05:67:3c:ee:43:cc:7e:8f:a0:
af:6b:35:de:ff:ba:4c:08:32:be:21:62:f1:0f:fb:
f5:17:fd:fa:0e:ed:0e:74:84:94:5f:73:90:5a:df:
a9:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:97:D8:1E:2A:5A:BE:6D:F3:C7:41:DD:C1:49:82:EB:6E:CD:47:11
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/lJfYHipavm3zx0HdwUmC627NRxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.206.0/23
89.252.242.0/23
176.67.238.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ed:05:a4:2a:b9:e6:37:80:69:25:35:72:ae:1a:33:8e:7a:
8c:23:a4:07:ad:2d:51:7a:f2:ef:b5:43:44:38:5e:c0:bd:ad:
62:d4:1b:52:ff:c3:b3:0d:79:ee:5a:22:f2:83:1a:a5:e4:eb:
35:57:82:fe:d6:12:df:18:02:04:f7:3a:8c:10:f9:15:80:3b:
e1:37:05:9e:ae:e0:21:f7:d1:94:31:ae:21:4e:1a:50:fa:ee:
42:ca:9c:1c:28:25:f4:dd:34:37:56:b2:25:84:00:c9:04:19:
af:78:6d:90:32:dd:2e:9e:d8:4e:27:b9:f2:45:f9:43:0d:40:
8d:f4:24:91:b1:d9:82:11:d9:f2:00:89:3d:ce:62:77:c9:1f:
20:81:00:6c:15:f0:ec:ce:8b:36:26:f6:3b:13:d1:1a:3d:fc:
8c:c4:89:40:a6:1e:21:32:7c:f7:22:6f:74:93:8a:e5:62:69:
17:31:d8:29:47:ea:79:eb:29:e0:04:91:9c:f7:e6:56:59:ee:
22:a4:4b:4a:7e:5c:52:75:1c:37:6a:4c:c0:51:86:0c:c7:f8:
92:86:9f:dc:23:99:53:b9:65:fa:3e:4c:a1:5b:ac:cd:51:c7:
18:55:65:f9:78:33:03:fe:74:0d:0d:c3:05:d2:5a:72:e7:a7:
7e:fe:2f:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOkbO6kmqgFGU/9VN6Nyx9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjIxMDA0MTkxNTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk3ZDgxZTJhNWFiZTZkZjNjNzQxZGRjMTQ5ODJlYjZlY2Q0NzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKF1gvkOWBAsvoLMYwbcPtPUQZIU
KDPoOuXqacXITINx8vtJuxvolUXdGfvHECQmDZ5kBa7hezdERkPEaqN80R4+Xnje
15ewaNegfvHDvt++G8uBQeprlsUaocwj2bnPHXOv8/lvr/qyC0KNq/yX/qIGSb/j
P16EfGd2LyAYvBzbhmc3AlSg/iubvSqQ5jdjk1zD8jtBkzEjIiQeF28d31V/V21o
X6iQMRv95mXuCO49rgu/a5QdpeLCodjPLlWRbrrOUo8JbGP8q+xT5tW4fOZJ6uPa
Fg8FZzzuQ8x+j6CvazXe/7pMCDK+IWLxD/v1F/36Du0OdISUX3OQWt+pbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJSX2B4qWr5t88dB3cFJgutuzUcRMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvbEpmWUhpcGF2bTN6eDBIZHdVbUM2MjdOUnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWfzOAwQB
WfzyAwQAsEPuMA0GCSqGSIb3DQEBCwUAA4IBAQAQ7QWkKrnmN4BpJTVyrhozjnqM
I6QHrS1RevLvtUNEOF7Ava1i1BtS/8OzDXnuWiLygxql5Os1V4L+1hLfGAIE9zqM
EPkVgDvhNwWeruAh99GUMa4hThpQ+u5CypwcKCX03TQ3VrIlhADJBBmveG2QMt0u
nthOJ7nyRflDDUCN9CSRsdmCEdnyAIk9zmJ3yR8ggQBsFfDszos2JvY7E9EaPfyM
xIlAph4hMnz3Im90k4rlYmkXMdgpR+p56yngBJGc9+ZWWe4ipEtKflxSdRw3akzA
UYYMx/iShp/cI5lTuWX6PkyhW6zNUccYVWX5eDMD/nQNDcMF0lpy56d+/i9F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org