Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/8gOP-pDc4TQq9DHjukQFGkDMs1A.roa
File: 8gOP-pDc4TQq9DHjukQFGkDMs1A.roa (raw, json)
Hash identifier: OpyOGyOFt6QrjAGdtjbywvfPf0thgS6kWQmpf1srX5U=
Subject key identifier: F2:03:8F:FA:90:DC:E1:34:2A:F4:31:E3:BA:44:05:1A:40:CC:B3:50
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 2B20215F
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/8gOP-pDc4TQq9DHjukQFGkDMs1A.roa
Signing time: Sat 01 Jan 2022 13:58:16 +0000
ROA not before: Sat 01 Jan 2022 13:58:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209292
IP address blocks: 85.31.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 723525983 (0x2b20215f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 13:58:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f2038ffa90dce1342af431e3ba44051a40ccb350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4c:a9:87:cb:35:cc:19:05:c3:0c:6e:cd:3c:
f6:f7:39:11:cd:f7:ac:6e:2a:c9:0d:f8:89:c0:12:
56:e8:b5:60:a6:a5:d1:8d:95:31:f1:72:3d:04:65:
ed:0d:85:ce:9e:1e:3d:b6:e7:1e:a6:a7:26:8f:cd:
5b:a4:dc:7c:e4:82:3f:40:25:62:12:7a:d2:f1:17:
29:0f:f0:a9:5a:5b:78:de:b9:96:79:00:38:74:7f:
87:25:dd:b2:0a:63:50:9a:7e:d2:ba:aa:80:31:dd:
90:f3:d4:fd:91:5c:51:44:95:ce:45:e9:d2:fd:a2:
77:fc:dd:dd:01:4f:fb:a2:54:80:16:1f:13:9a:ac:
c8:98:06:a2:23:8e:d6:80:9b:e2:ee:5b:42:1c:c0:
20:d1:a1:aa:6c:fd:13:f6:20:38:a0:02:d6:00:3e:
20:ee:f7:be:87:23:98:fa:a0:1e:63:61:11:bc:dd:
56:3a:b4:02:aa:11:48:f5:47:30:7b:a4:3b:86:85:
20:43:ce:de:c4:f9:f1:84:de:79:07:f9:79:4b:19:
7f:6e:bb:8f:40:07:ce:db:4c:ac:3b:6f:c2:37:ee:
33:09:ab:df:54:29:18:fa:5f:58:17:ed:a0:d9:57:
5f:bd:b7:d9:56:ee:0f:8b:5e:e5:10:5b:67:32:cf:
86:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:03:8F:FA:90:DC:E1:34:2A:F4:31:E3:BA:44:05:1A:40:CC:B3:50
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/8gOP-pDc4TQq9DHjukQFGkDMs1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.254.0/24
Signature Algorithm: sha256WithRSAEncryption
66:a3:b3:ab:3f:68:f2:e3:cf:b3:73:51:50:77:b5:69:a1:aa:
e6:62:79:95:24:d1:70:ec:c9:24:6a:4e:c5:90:45:6c:b6:62:
19:2f:93:bd:60:1d:ca:21:25:5f:e1:c2:5f:bb:5a:ed:a8:2e:
51:96:cf:be:79:49:61:66:9a:1f:bc:84:39:8d:0e:40:dd:80:
1a:5e:88:d3:fa:a3:86:3e:c5:98:c1:c7:2d:01:b6:a3:f7:ab:
7b:26:2b:00:41:4b:0e:4b:9b:0c:d8:3d:a8:b8:ee:d3:18:b8:
7a:5c:80:44:c8:a7:df:0d:27:00:ca:50:74:71:11:d2:6b:f1:
d3:24:e5:01:f3:d8:a1:1b:0d:70:86:40:84:d5:9e:f2:7d:35:
21:22:5d:b0:d4:46:8d:38:0d:62:8b:bb:9d:e3:a8:e7:15:a0:
7f:57:67:87:1d:18:3b:b5:50:8d:01:58:b0:ca:e1:e7:18:e9:
c1:56:69:04:74:3f:6f:7b:a9:36:28:85:b2:5c:3e:f0:47:41:
04:e4:43:d3:f8:e8:93:cc:83:23:65:f5:82:a4:f8:1a:20:87:
47:4b:27:91:7f:61:0b:38:a2:37:7a:ba:dd:29:ca:12:5a:49:
e5:b9:77:45:c2:60:5a:df:be:c3:d0:0e:36:c8:cb:4b:24:90:
e0:48:dd:59
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKyAhXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjIwMzhmZmE5MGRj
ZTEzNDJhZjQzMWUzYmE0NDA1MWE0MGNjYjM1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5MqYfLNcwZBcMMbs089vc5Ec33rG4qyQ34icASVui1YKal
0Y2VMfFyPQRl7Q2Fzp4ePbbnHqanJo/NW6TcfOSCP0AlYhJ60vEXKQ/wqVpbeN65
lnkAOHR/hyXdsgpjUJp+0rqqgDHdkPPU/ZFcUUSVzkXp0v2id/zd3QFP+6JUgBYf
E5qsyJgGoiOO1oCb4u5bQhzAINGhqmz9E/YgOKAC1gA+IO73vocjmPqgHmNhEbzd
Vjq0AqoRSPVHMHukO4aFIEPO3sT58YTeeQf5eUsZf267j0AHzttMrDtvwjfuMwmr
31QpGPpfWBftoNlXX7232VbuD4te5RBbZzLPhlcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTyA4/6kNzhNCr0MeO6RAUaQMyzUDAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
LzhnT1AtcERjNFRRcTlESGp1a1FGR2tETXMxQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFUf/jANBgkqhkiG9w0BAQsFAAOC
AQEAZqOzqz9o8uPPs3NRUHe1aaGq5mJ5lSTRcOzJJGpOxZBFbLZiGS+TvWAdyiEl
X+HCX7ta7aguUZbPvnlJYWaaH7yEOY0OQN2AGl6I0/qjhj7FmMHHLQG2o/ereyYr
AEFLDkubDNg9qLju0xi4elyARMin3w0nAMpQdHER0mvx0yTlAfPYoRsNcIZAhNWe
8n01ISJdsNRGjTgNYou7neOo5xWgf1dnhx0YO7VQjQFYsMrh5xjpwVZpBHQ/b3up
NiiFslw+8EdBBORD0/jok8yDI2X1gqT4GiCHR0snkX9hCziiN3q63SnKElpJ5bl3
RcJgWt++w9AONsjLSySQ4EjdWQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org