Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9BiLxdPjfj7p6D37Putr6gX81c8.roa
File: 9BiLxdPjfj7p6D37Putr6gX81c8.roa (raw, json)
Hash identifier: qZOSvKOJobRag/Sg+UL0iUMt9iEitiGN3+PJuIQduq0=
Subject key identifier: F4:18:8B:C5:D3:E3:7E:3E:E9:E8:3D:FB:3E:EB:6B:EA:05:FC:D5:CF
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 04372BF4
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9BiLxdPjfj7p6D37Putr6gX81c8.roa
Signing time: Wed 26 Jan 2022 14:09:59 +0000
ROA not before: Wed 26 Jan 2022 14:09:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.239.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70724596 (0x4372bf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jan 26 14:09:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4188bc5d3e37e3ee9e83dfb3eeb6bea05fcd5cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:69:ea:6c:df:30:de:47:b4:90:13:fe:77:6d:
7f:d5:fb:4b:53:c5:69:3f:4e:28:45:08:e5:f3:fa:
55:9a:d6:17:74:1f:b6:f5:91:da:43:a5:02:6a:22:
97:82:48:6b:c2:d7:21:90:2c:a1:72:7b:2d:b9:16:
25:98:77:62:cf:93:a6:35:26:63:0e:06:85:25:28:
48:46:96:a4:ab:8f:00:6f:d6:c1:0d:04:85:36:d6:
88:1f:d0:08:10:03:1e:64:84:8d:17:0f:4d:a4:14:
52:ca:9a:d8:de:4f:13:83:ee:2d:24:65:69:ab:b3:
44:c2:98:67:87:3e:a2:6d:9d:85:52:58:f8:0e:cf:
07:07:d2:a1:6a:c8:a0:24:35:8e:d3:27:f0:91:94:
6f:4b:d6:b4:c6:53:3b:67:82:c1:6b:ac:0b:be:35:
56:0a:33:94:d3:34:64:16:e3:14:0f:6d:6a:98:2f:
8c:fc:36:2d:56:3f:cf:8b:84:f6:a1:89:fb:75:43:
8e:d4:dd:e0:05:c1:8f:2e:df:cf:fd:9c:97:b4:44:
92:f6:17:0d:38:55:ff:4f:4e:05:e3:0f:af:b5:1d:
28:8d:49:37:42:0c:e3:58:54:f0:2c:93:19:fa:8c:
f1:08:f0:06:81:e5:de:24:34:d6:c9:5d:b6:6b:2c:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:18:8B:C5:D3:E3:7E:3E:E9:E8:3D:FB:3E:EB:6B:EA:05:FC:D5:CF
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/9BiLxdPjfj7p6D37Putr6gX81c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.151.0/24
Signature Algorithm: sha256WithRSAEncryption
16:c6:e1:d1:56:a1:4d:8a:a7:c3:9e:b2:01:17:d5:44:83:a6:
f1:ed:13:bd:74:84:f2:7c:2a:c8:7b:57:4c:6a:ca:8f:f6:ac:
b2:8d:06:2f:b5:16:f2:3a:07:48:bd:ec:71:b4:e9:8d:d4:01:
11:19:b5:d6:a0:2b:d5:42:f1:68:b9:cb:f7:db:a7:c2:41:1f:
92:df:0e:1e:cb:e6:18:4b:63:26:ee:cd:31:40:19:97:81:44:
67:98:b9:e0:ab:e6:3c:4f:59:ab:93:42:3d:14:63:e9:66:ed:
9f:fd:08:b8:72:38:a0:63:fb:01:de:58:ee:2b:c0:c9:ed:9e:
2f:59:fa:a1:3b:fd:78:da:44:08:35:08:d3:ea:3d:b1:2f:7b:
12:0b:b6:03:91:66:13:a2:5d:9c:19:e4:17:d8:39:3c:d9:37:
e5:20:89:d7:30:f6:4f:11:09:b2:67:81:1d:a6:44:52:45:97:
68:fb:d9:f9:f6:a9:12:18:72:24:97:2f:11:c9:f8:ff:52:d2:
79:ed:db:9d:17:e1:f1:7e:28:cc:f6:01:6a:55:23:20:c3:52:
91:1c:1d:3b:3f:70:ba:4a:f9:d4:b4:5a:96:e9:88:36:ae:ab:
0f:63:f3:1f:44:f3:33:03:8b:08:16:d6:2b:ee:1d:55:0a:c0:
fb:35:f6:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBDcr9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDEy
NjE0MDk1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQxODhiYzVkM2Uz
N2UzZWU5ZTgzZGZiM2VlYjZiZWEwNWZjZDVjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1p6mzfMN5HtJAT/ndtf9X7S1PFaT9OKEUI5fP6VZrWF3Qf
tvWR2kOlAmoil4JIa8LXIZAsoXJ7LbkWJZh3Ys+TpjUmYw4GhSUoSEaWpKuPAG/W
wQ0EhTbWiB/QCBADHmSEjRcPTaQUUsqa2N5PE4PuLSRlaauzRMKYZ4c+om2dhVJY
+A7PBwfSoWrIoCQ1jtMn8JGUb0vWtMZTO2eCwWusC741VgozlNM0ZBbjFA9tapgv
jPw2LVY/z4uE9qGJ+3VDjtTd4AXBjy7fz/2cl7REkvYXDThV/09OBeMPr7UdKI1J
N0IM41hU8CyTGfqM8QjwBoHl3iQ01sldtmssKV0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0GIvF0+N+PunoPfs+62vqBfzVzzAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
LzlCaUx4ZFBqZmo3cDZEMzdQdXRyNmdYODFjOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXvlzANBgkqhkiG9w0BAQsFAAOC
AQEAFsbh0VahTYqnw56yARfVRIOm8e0TvXSE8nwqyHtXTGrKj/asso0GL7UW8joH
SL3scbTpjdQBERm11qAr1ULxaLnL99unwkEfkt8OHsvmGEtjJu7NMUAZl4FEZ5i5
4KvmPE9Zq5NCPRRj6Wbtn/0IuHI4oGP7Ad5Y7ivAye2eL1n6oTv9eNpECDUI0+o9
sS97Egu2A5FmE6JdnBnkF9g5PNk35SCJ1zD2TxEJsmeBHaZEUkWXaPvZ+fapEhhy
JJcvEcn4/1LSee3bnRfh8X4ozPYBalUjIMNSkRwdOz9wukr51LRalumINq6rD2Pz
H0TzMwOLCBbWK+4dVQrA+zX23A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org