Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/42wXPvJdH83fECNktVN2jSUfZfo.roa
File: 42wXPvJdH83fECNktVN2jSUfZfo.roa (raw, json)
Hash identifier: cAmFXYXh8Z63ZjuadFsuSwnL4vuSrSw3czlpFJyMAAE=
Subject key identifier: E3:6C:17:3E:F2:5D:1F:CD:DF:10:23:64:B5:53:76:8D:25:1F:65:FA
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0A27569B
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/42wXPvJdH83fECNktVN2jSUfZfo.roa
Signing time: Thu 28 Apr 2022 07:53:11 +0000
ROA not before: Thu 28 Apr 2022 07:53:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205343
IP address blocks: 89.252.242.0/23 maxlen: 23
176.67.239.0/24 maxlen: 24
176.67.238.0/24 maxlen: 24
89.252.206.0/24 maxlen: 24
89.252.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170350235 (0xa27569b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Apr 28 07:53:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e36c173ef25d1fcddf102364b553768d251f65fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:97:f2:d1:74:78:bd:c1:dd:f2:72:a4:a5:fb:
14:1b:99:d0:db:60:d9:05:5c:33:1e:00:3e:af:16:
be:6f:4f:92:70:5c:3c:6a:6f:26:54:bf:c2:35:16:
4f:9f:3b:bf:bb:9c:46:c8:d2:a5:ab:49:88:47:a1:
e0:de:7b:a5:09:67:b2:75:19:ec:2f:9c:32:62:c3:
99:fe:8e:22:45:5a:57:e5:5b:45:c6:e6:69:1b:18:
77:88:9d:72:1f:9c:ac:a8:f7:d9:cd:2c:41:45:13:
6b:8b:f0:57:55:99:7c:60:3c:f4:c1:5a:49:51:b5:
ae:71:08:cc:b2:cb:34:af:7d:c9:f2:18:7b:d0:3e:
04:7c:d5:4e:80:46:03:64:28:ab:9b:ba:0e:2f:51:
9e:00:2a:a0:56:be:76:1d:a1:71:4c:37:35:2c:61:
1a:69:1c:a5:86:d4:4e:f8:8b:48:43:af:43:c3:32:
e7:f1:87:fa:48:68:ab:5c:bc:d2:20:9b:94:79:57:
1a:5b:b7:36:60:66:59:b0:2e:82:d9:1e:d0:09:8d:
68:70:3c:c8:f6:59:c3:9f:40:21:3c:e3:89:f8:2d:
94:b1:e7:fb:93:0f:c9:b3:cf:34:7f:f2:cb:8b:db:
4f:05:74:28:f5:f0:6b:b2:b9:e2:41:7e:0c:80:4e:
01:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:6C:17:3E:F2:5D:1F:CD:DF:10:23:64:B5:53:76:8D:25:1F:65:FA
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/42wXPvJdH83fECNktVN2jSUfZfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.206.0/23
89.252.242.0/23
176.67.238.0/23
Signature Algorithm: sha256WithRSAEncryption
63:6e:b3:ed:61:b8:d6:e3:60:33:b1:25:d9:d5:57:44:56:b5:
8f:e9:b9:7d:07:ed:fd:e5:32:51:bb:24:ba:8b:89:7b:95:a8:
6f:64:4f:22:e2:55:f5:99:75:51:35:2d:ac:81:76:e7:8a:e4:
35:9e:13:7a:30:b1:b7:2f:3f:65:91:ae:e4:36:6e:0f:cb:d4:
73:01:59:f5:bd:92:95:39:82:22:d5:5b:5f:9b:01:31:9e:f2:
8f:ab:e8:ca:87:a0:5a:45:ce:9a:04:7c:c0:57:9e:b4:cf:6a:
be:1b:3a:60:a1:54:43:a3:1b:59:20:c0:97:31:46:db:d6:23:
7f:1d:26:1c:86:1b:40:3b:d7:9a:3c:47:3b:b7:5e:7b:47:81:
2c:ac:0d:9e:76:6c:b8:19:12:90:22:16:2a:03:1e:fb:0c:8f:
37:a3:c7:0a:46:cb:a3:92:f5:a1:bc:10:0e:e7:94:da:06:4b:
bf:bd:b3:2d:c2:93:0b:81:eb:f3:85:f9:51:95:c7:73:23:6e:
ea:ba:36:4b:6b:9e:b9:66:6d:2a:9d:78:cb:b4:c4:40:47:54:
67:c6:cf:98:b4:21:f7:e2:32:2d:ce:43:ec:e8:a9:43:60:c6:
ca:e4:37:23:4a:a1:f4:fb:74:38:76:2e:40:1a:b0:b5:1d:25:
05:b3:31:40
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECidWmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTA0YTQwODIxYzQxNzZjYzQyZTI1NWVmNmMxNzI3NDczYzNmMDBhMB4XDTIyMDQy
ODA3NTMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTM2YzE3M2VmMjVk
MWZjZGRmMTAyMzY0YjU1Mzc2OGQyNTFmNjVmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeX8tF0eL3B3fJypKX7FBuZ0Ntg2QVcMx4APq8Wvm9PknBc
PGpvJlS/wjUWT587v7ucRsjSpatJiEeh4N57pQlnsnUZ7C+cMmLDmf6OIkVaV+Vb
RcbmaRsYd4idch+crKj32c0sQUUTa4vwV1WZfGA89MFaSVG1rnEIzLLLNK99yfIY
e9A+BHzVToBGA2Qoq5u6Di9RngAqoFa+dh2hcUw3NSxhGmkcpYbUTviLSEOvQ8My
5/GH+khoq1y80iCblHlXGlu3NmBmWbAugtke0AmNaHA8yPZZw59AITzjifgtlLHn
+5MPybPPNH/yy4vbTwV0KPXwa7K54kF+DIBOAVUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTjbBc+8l0fzd8QI2S1U3aNJR9l+jAfBgNVHSMEGDAWgBRBBKQIIcQXbMQu
JV72wXJ0c8PwCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FRU2tDQ0hFRjJ6RUxpVmU5c0Z5ZEhQRDhBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvOTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUxOC8x
LzQyd1hQdkpkSDgzZkVDTmt0Vk4yalNVZlpmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
OTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUxOC8xL1FRU2tDQ0hFRjJ6
RUxpVmU5c0Z5ZEhQRDhBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVn8zgMEAVn88gMEAbBD7jANBgkq
hkiG9w0BAQsFAAOCAQEAY26z7WG41uNgM7El2dVXRFa1j+m5fQft/eUyUbskuouJ
e5Wob2RPIuJV9Zl1UTUtrIF254rkNZ4TejCxty8/ZZGu5DZuD8vUcwFZ9b2SlTmC
ItVbX5sBMZ7yj6voyoegWkXOmgR8wFeetM9qvhs6YKFUQ6MbWSDAlzFG29Yjfx0m
HIYbQDvXmjxHO7dee0eBLKwNnnZsuBkSkCIWKgMe+wyPN6PHCkbLo5L1obwQDueU
2gZLv72zLcKTC4Hr84X5UZXHcyNu6ro2S2ueuWZtKp14y7TEQEdUZ8bPmLQh9+Iy
Lc5D7OipQ2DGyuQ3I0qh9Pt0OHYuQBqwtR0lBbMxQA==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:26 2023 by rpki-client on console.sobornost.net