Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IN4SFSniRy92RVYfAW17TSX9gUw.roa
File: IN4SFSniRy92RVYfAW17TSX9gUw.roa (raw, json)
Hash identifier: yyE46TGLUid5J5bFpk3wQrs5hTEtBQjHpEY3jRB1RrI=
Subject key identifier: 20:DE:12:15:29:E2:47:2F:76:45:56:1F:01:6D:7B:4D:25:FD:81:4C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0184E7D36258A99B58F869C76144F0AD3C07
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IN4SFSniRy92RVYfAW17TSX9gUw.roa
Signing time: Tue 06 Dec 2022 14:25:00 +0000
ROA not before: Tue 06 Dec 2022 14:25:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 92.52.214.0/24 maxlen: 24
88.209.249.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:d3:62:58:a9:9b:58:f8:69:c7:61:44:f0:ad:3c:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 6 14:25:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20de121529e2472f7645561f016d7b4d25fd814c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:42:2f:0f:e0:4c:c0:60:f2:73:fc:88:88:33:
52:b0:62:bd:04:fe:a1:1e:01:d1:45:7c:2d:77:5f:
17:12:a0:91:c2:96:52:24:96:09:50:b4:7a:d7:93:
0b:3b:06:46:e4:2d:86:a5:a5:4b:23:56:41:bd:16:
87:ce:68:ab:4e:3d:e3:f8:35:d8:43:0d:e2:91:ac:
6a:86:35:4e:30:2e:c1:67:69:58:71:9f:fb:52:3d:
a8:6e:d1:3a:94:30:b0:b3:ce:ca:50:d5:5e:f9:48:
5f:e9:e2:35:0a:2b:40:21:d2:5a:f8:64:84:0e:6a:
42:86:a4:36:50:b2:53:9a:fc:6f:17:7e:42:95:2b:
95:e6:df:92:cb:5b:d9:a7:1d:ca:1d:56:a3:03:41:
4d:22:de:3a:5a:a0:31:66:ff:b4:49:a9:c5:a6:ba:
23:d3:e7:ca:ab:2f:da:74:64:2f:43:f5:6f:d5:b3:
39:a6:1a:4c:28:7d:dc:e3:7b:36:64:a5:4f:a3:29:
33:72:34:74:9d:64:48:ce:6f:3c:ec:ad:e8:27:bd:
ce:08:f0:a6:2b:9a:6c:0c:cf:30:2d:2f:09:82:85:
a6:61:20:01:89:cf:26:1a:48:65:fd:ee:58:9b:18:
48:e1:be:29:68:ff:ae:92:12:52:f7:55:a4:e8:3b:
3f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:DE:12:15:29:E2:47:2F:76:45:56:1F:01:6D:7B:4D:25:FD:81:4C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IN4SFSniRy92RVYfAW17TSX9gUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.201.0/24
88.209.249.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:5f:e4:7a:63:ca:66:19:40:4d:37:e0:c2:c2:9d:6b:70:81:
a8:a7:91:50:88:4d:fa:37:1e:02:c1:7a:04:36:bc:47:b5:67:
1a:4f:a9:a8:aa:af:65:e3:a1:61:ee:41:70:9f:72:8a:4d:ea:
b9:33:0b:6c:27:61:57:73:cb:97:41:55:4c:68:cf:3c:c0:b5:
c9:9a:de:6a:d6:fa:15:04:06:07:37:dd:26:5b:e9:39:22:3b:
4b:68:66:21:fd:25:8f:30:b7:9e:b7:be:e5:67:7b:02:b2:64:
77:25:99:77:ad:3e:c5:3b:97:c6:6c:fd:db:c4:7e:e1:3f:4e:
02:9b:28:21:32:93:d3:2b:4b:1b:19:e6:28:e3:ca:b6:33:63:
36:2f:3e:c5:d2:25:97:be:88:f9:4e:be:c8:25:36:71:9d:e5:
7d:7f:4b:40:59:85:79:27:67:b8:32:8f:9c:b4:c9:48:2a:a7:
52:ae:fd:82:6e:e3:6f:fd:7b:ac:70:e9:95:10:a4:63:ba:d2:
97:54:ef:13:26:3e:54:fe:e2:e8:a9:9b:70:8e:1c:1b:f8:15:
ec:04:9f:0e:de:f4:2e:54:cd:f3:bf:e6:82:aa:93:4d:a4:c0:
d0:26:eb:d3:06:aa:1b:75:5e:36:64:bc:33:ea:e6:3c:a7:79:
88:4d:06:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTn02JYqZtY+GnHYUTwrTwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMjA2MTQyNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGRlMTIxNTI5ZTI0NzJmNzY0NTU2MWYwMTZkN2I0ZDI1ZmQ4MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0IvD+BMwGDyc/yIiDNSsGK9BP6h
HgHRRXwtd18XEqCRwpZSJJYJULR615MLOwZG5C2GpaVLI1ZBvRaHzmirTj3j+DXY
Qw3ikaxqhjVOMC7BZ2lYcZ/7Uj2obtE6lDCws87KUNVe+Uhf6eI1CitAIdJa+GSE
DmpChqQ2ULJTmvxvF35ClSuV5t+Sy1vZpx3KHVajA0FNIt46WqAxZv+0SanFproj
0+fKqy/adGQvQ/Vv1bM5phpMKH3c43s2ZKVPoykzcjR0nWRIzm887K3oJ73OCPCm
K5psDM8wLS8JgoWmYSABic8mGkhl/e5YmxhI4b4paP+ukhJS91Wk6Ds/4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCDeEhUp4kcvdkVWHwFte00l/YFMMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSU40U0ZTbmlSeTkyUlZZZkFXMTdUU1g5Z1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHJAwQA
WNH5AwQAXDTWMA0GCSqGSIb3DQEBCwUAA4IBAQClX+R6Y8pmGUBNN+DCwp1rcIGo
p5FQiE36Nx4CwXoENrxHtWcaT6moqq9l46Fh7kFwn3KKTeq5MwtsJ2FXc8uXQVVM
aM88wLXJmt5q1voVBAYHN90mW+k5IjtLaGYh/SWPMLeet77lZ3sCsmR3JZl3rT7F
O5fGbP3bxH7hP04CmyghMpPTK0sbGeYo48q2M2M2Lz7F0iWXvoj5Tr7IJTZxneV9
f0tAWYV5J2e4Mo+ctMlIKqdSrv2CbuNv/XuscOmVEKRjutKXVO8TJj5U/uLoqZtw
jhwb+BXsBJ8O3vQuVM3zv+aCqpNNpMDQJuvTBqobdV42ZLwz6uY8p3mITQaM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org