Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/rsSaRrvw8KA8UoiNyjhx3vGt8lc.roa
File: rsSaRrvw8KA8UoiNyjhx3vGt8lc.roa (raw, json)
Hash identifier: ypipNO8ePyYgDGjTR6xKA4DOox0KS1P7hkRnGhPtmuY=
Subject key identifier: AE:C4:9A:46:BB:F0:F0:A0:3C:52:88:8D:CA:38:71:DE:F1:AD:F2:57
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 018A184DC8B583F9BA22329E7049868E6E54
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/rsSaRrvw8KA8UoiNyjhx3vGt8lc.roa
Signing time: Mon 21 Aug 2023 13:34:25 +0000
ROA not before: Mon 21 Aug 2023 13:34:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205343
IP address blocks: 89.252.242.0/23 maxlen: 23
89.252.206.0/24 maxlen: 24
89.252.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:18:4d:c8:b5:83:f9:ba:22:32:9e:70:49:86:8e:6e:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Aug 21 13:34:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aec49a46bbf0f0a03c52888dca3871def1adf257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ca:8a:13:78:cb:ac:3b:01:e2:c1:c2:74:a2:
a2:67:8f:60:79:a6:29:de:bb:56:36:5c:1d:a7:30:
ff:78:e2:3a:ec:89:e5:d5:48:2c:95:5f:da:64:ef:
ca:10:61:c9:03:e0:d6:5f:41:33:23:e4:8e:69:b9:
f2:4d:a6:2f:0d:c3:ff:a4:5f:6f:e8:48:51:8e:1f:
b3:5f:a8:b3:9a:bc:b5:3c:01:f4:8b:8b:47:30:94:
73:66:68:76:84:c5:94:e1:2b:18:b2:0b:6c:37:45:
5f:95:77:0f:a1:fd:c7:d5:7d:5a:6d:9b:26:d9:4d:
16:fa:52:fa:9a:1d:b9:97:bb:7e:8b:26:02:02:92:
8b:30:eb:a1:10:af:81:9b:39:16:d3:7e:6a:05:6a:
06:51:a1:a9:6d:c2:e8:fb:73:ca:47:14:a7:70:24:
9a:65:2b:b9:e5:e6:f0:6d:fd:2b:0c:c6:1f:a7:ce:
f5:b2:a8:98:bd:74:12:3e:51:28:b6:fa:52:9c:71:
e5:ec:4c:62:8d:cb:c7:2d:c4:a9:be:33:d6:37:e8:
9f:9b:47:ad:ef:d7:25:87:6d:62:3b:d5:97:25:42:
eb:b1:91:25:ce:10:50:37:d8:5c:38:3c:eb:a7:4d:
2d:ec:6e:6c:0b:4f:d2:ca:04:8c:d0:a3:03:47:b5:
c8:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C4:9A:46:BB:F0:F0:A0:3C:52:88:8D:CA:38:71:DE:F1:AD:F2:57
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/rsSaRrvw8KA8UoiNyjhx3vGt8lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.206.0/23
89.252.242.0/23
Signature Algorithm: sha256WithRSAEncryption
e0:4d:0f:1f:3b:1e:bf:65:71:04:2d:b4:62:e0:73:85:5e:85:
9f:19:08:bc:16:6b:82:52:72:9d:aa:09:92:c7:93:63:5f:21:
b3:5d:5b:7a:13:c5:a5:90:91:e2:d1:6f:4d:c6:77:7b:c4:d2:
3b:7e:72:cb:2d:3e:2f:08:1b:81:24:87:82:07:79:ac:88:1d:
50:53:a4:5a:10:ca:12:4c:f6:ba:b4:06:99:26:41:51:61:c7:
8f:8b:d5:45:60:23:75:32:66:19:7a:48:34:02:8e:1a:87:4a:
13:7f:b8:f0:22:c8:bc:59:0e:d6:08:bd:b9:95:c6:94:14:7d:
49:a1:bf:ab:61:34:e4:e0:4f:9a:00:71:54:c1:8a:08:94:c3:
6f:4d:91:10:a9:51:fa:75:e5:1d:8e:39:bb:83:a1:ac:10:e4:
04:1e:fe:c2:44:65:8d:cf:68:e1:bb:3a:21:99:ef:13:4e:6a:
19:67:55:b1:19:f0:a0:95:7b:5a:eb:fe:62:23:6c:aa:74:9d:
c3:5e:cc:a0:b4:ce:14:dd:cb:11:7f:a6:c6:38:d3:11:cd:b0:
b1:94:8c:9f:8a:72:bd:e5:91:b8:85:7c:d5:26:2c:a5:13:5c:
2b:2f:0f:19:3c:af:f1:5b:36:e0:5a:b6:4a:fc:05:a3:5d:17:
59:91:e5:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoYTci1g/m6IjKecEmGjm5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjMwODIxMTMzNDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWM0OWE0NmJiZjBmMGEwM2M1Mjg4OGRjYTM4NzFkZWYxYWRmMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsqKE3jLrDsB4sHCdKKiZ49geaYp
3rtWNlwdpzD/eOI67Inl1UgslV/aZO/KEGHJA+DWX0EzI+SOabnyTaYvDcP/pF9v
6EhRjh+zX6izmry1PAH0i4tHMJRzZmh2hMWU4SsYsgtsN0VflXcPof3H1X1abZsm
2U0W+lL6mh25l7t+iyYCApKLMOuhEK+BmzkW035qBWoGUaGpbcLo+3PKRxSncCSa
ZSu55ebwbf0rDMYfp871sqiYvXQSPlEotvpSnHHl7ExijcvHLcSpvjPWN+ifm0et
79clh21iO9WXJULrsZElzhBQN9hcODzrp00t7G5sC0/SygSM0KMDR7XItQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK7Emka78PCgPFKIjco4cd7xrfJXMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvcnNTYVJydnc4S0E4VW9pTnlqaHgzdkd0OGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfzOAwQB
WfzyMA0GCSqGSIb3DQEBCwUAA4IBAQDgTQ8fOx6/ZXEELbRi4HOFXoWfGQi8FmuC
UnKdqgmSx5NjXyGzXVt6E8WlkJHi0W9Nxnd7xNI7fnLLLT4vCBuBJIeCB3msiB1Q
U6RaEMoSTPa6tAaZJkFRYcePi9VFYCN1MmYZekg0Ao4ah0oTf7jwIsi8WQ7WCL25
lcaUFH1Job+rYTTk4E+aAHFUwYoIlMNvTZEQqVH6deUdjjm7g6GsEOQEHv7CRGWN
z2jhuzohme8TTmoZZ1WxGfCglXta6/5iI2yqdJ3DXsygtM4U3csRf6bGONMRzbCx
lIyfinK95ZG4hXzVJiylE1wrLw8ZPK/xWzbgWrZK/AWjXRdZkeUV
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:16 2025 by rpki-client