Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ikndfKgAmibmJ4glrq9Q0aDt0uA.roa
File: ikndfKgAmibmJ4glrq9Q0aDt0uA.roa (raw, json)
Hash identifier: vKk4JV1I7XmLJkGPVlyyYzpWtdNR+ykDGlvewGyyFVY=
Subject key identifier: 8A:49:DD:7C:A8:00:9A:26:E6:27:88:25:AE:AF:50:D1:A0:ED:D2:E0
Certificate issuer: /CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Certificate serial: 2B203801
Authority key identifier: B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ikndfKgAmibmJ4glrq9Q0aDt0uA.roa
Signing time: Sat 01 Jan 2022 13:58:16 +0000
ROA not before: Sat 01 Jan 2022 13:58:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209563
IP address blocks: 85.202.53.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 723531777 (0x2b203801)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9954499977278a75570b3403f4d3aa00b1b36e8
Validity
Not Before: Jan 1 13:58:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a49dd7ca8009a26e6278825aeaf50d1a0edd2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a3:97:fe:c2:ba:9a:a9:62:cc:f1:1e:f5:2c:
2c:b0:d3:7a:ba:3c:23:f0:53:8e:27:75:d9:77:f2:
c5:c4:36:65:6c:25:18:dd:78:8a:02:81:37:f8:12:
6c:f7:9d:58:c7:14:19:39:ae:b6:2b:8c:af:1c:fa:
b5:ec:75:0d:69:ad:73:b9:c9:37:94:85:cb:50:8a:
72:45:84:bb:4e:e6:4a:fb:cb:90:32:52:0b:d8:67:
9a:b7:a1:d6:b9:23:dd:91:41:b0:32:cd:01:2a:98:
57:fc:d5:71:9f:94:86:4e:95:8a:5a:b9:ab:53:c4:
82:e0:8f:7b:f4:ff:c5:07:d3:66:e9:87:db:9e:12:
6b:39:9a:d0:fd:a3:25:d0:c7:8b:fb:7c:d6:ff:67:
94:d6:43:f5:6c:b7:79:f2:bb:66:14:d4:59:8e:ca:
28:bd:d0:98:53:be:08:e7:6c:9e:54:e8:99:5d:d5:
19:36:66:82:77:98:36:d2:25:3f:01:b5:da:48:b2:
28:75:e1:2b:a7:de:80:5f:f3:f4:7c:c8:6c:c6:5d:
5f:93:e8:d2:7e:be:19:ff:7a:ff:b5:d5:60:3e:a4:
49:3b:9f:53:a8:92:8e:67:29:1c:68:14:13:7f:dd:
bb:3b:54:6f:25:7a:e0:49:7e:86:77:93:d7:a4:53:
e5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:49:DD:7C:A8:00:9A:26:E6:27:88:25:AE:AF:50:D1:A0:ED:D2:E0
X509v3 Authority Key Identifier:
keyid:B9:95:44:99:97:72:78:A7:55:70:B3:40:3F:4D:3A:A0:0B:1B:36:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uZVEmZdyeKdVcLNAP006oAsbNug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/ikndfKgAmibmJ4glrq9Q0aDt0uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/788803-be12-433f-a8d0-024b1655c247/1/uZVEmZdyeKdVcLNAP006oAsbNug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.53.0/24
Signature Algorithm: sha256WithRSAEncryption
49:f6:e8:5b:a8:39:f2:9c:aa:7b:e1:b2:01:f1:d4:8e:b2:b0:
e6:7c:f2:82:80:aa:8d:a9:e0:b7:88:c4:05:5c:ba:b7:c9:50:
81:9f:01:50:14:5b:cd:33:43:aa:c7:49:e4:61:14:60:b7:ea:
73:d1:1c:be:80:a9:3b:f1:c1:d6:3c:ae:70:1f:52:c6:ca:ee:
7f:22:f4:c3:53:ed:94:d9:cd:8d:fa:82:fa:93:73:a2:73:64:
c7:87:72:bc:a6:4c:87:81:31:92:e6:29:9a:66:e9:a9:10:f2:
34:b6:89:0c:47:4f:44:f7:8a:53:c6:75:0f:05:b9:38:7b:39:
d5:79:5a:f3:e1:42:4b:4f:32:c0:b7:4b:ac:7a:8b:bf:fb:e8:
ab:c5:ac:29:ef:ec:32:f0:da:fb:39:24:e4:39:3d:84:cf:d6:
e2:60:28:65:dc:9c:58:5a:bf:c9:a3:b1:6d:ba:71:a0:53:65:
07:8b:df:5e:3c:46:86:0b:cb:12:b4:f7:68:48:d0:ea:07:51:
68:90:3b:b3:fe:bd:16:7a:34:45:29:7d:9a:4d:f9:57:e3:f2:
d6:ce:66:3f:fc:4a:9b:75:20:ac:e4:dd:5d:3c:ba:0d:3d:5c:
c9:7b:e1:c0:c6:92:a2:79:c9:e6:da:03:f3:fd:89:81:95:5c:
72:33:34:7a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEKyA4ATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTk1NDQ5OTk3NzI3OGE3NTU3MGIzNDAzZjRkM2FhMDBiMWIzNmU4MB4XDTIyMDEw
MTEzNTgxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE0OWRkN2NhODAw
OWEyNmU2Mjc4ODI1YWVhZjUwZDFhMGVkZDJlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOjl/7CupqpYszxHvUsLLDTero8I/BTjid12XfyxcQ2ZWwl
GN14igKBN/gSbPedWMcUGTmutiuMrxz6tex1DWmtc7nJN5SFy1CKckWEu07mSvvL
kDJSC9hnmreh1rkj3ZFBsDLNASqYV/zVcZ+Uhk6Vilq5q1PEguCPe/T/xQfTZumH
254Sazma0P2jJdDHi/t81v9nlNZD9Wy3efK7ZhTUWY7KKL3QmFO+COdsnlTomV3V
GTZmgneYNtIlPwG12kiyKHXhK6fegF/z9HzIbMZdX5Po0n6+Gf96/7XVYD6kSTuf
U6iSjmcpHGgUE3/duztUbyV64El+hneT16RT5WMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKSd18qACaJuYniCWur1DRoO3S4DAfBgNVHSMEGDAWgBS5lUSZl3J4p1Vw
s0A/TTqgCxs26DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VaVkVtWmR5ZUtkVmNMTkFQMDA2b0FzYk51Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8x
L2lrbmRmS2dBbWlibUo0Z2xycTlRMGFEdDB1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
Nzg4ODAzLWJlMTItNDMzZi1hOGQwLTAyNGIxNjU1YzI0Ny8xL3VaVkVtWmR5ZUtk
VmNMTkFQMDA2b0FzYk51Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXKNTANBgkqhkiG9w0BAQsFAAOC
AQEASfboW6g58pyqe+GyAfHUjrKw5nzygoCqjangt4jEBVy6t8lQgZ8BUBRbzTND
qsdJ5GEUYLfqc9EcvoCpO/HB1jyucB9SxsrufyL0w1PtlNnNjfqC+pNzonNkx4dy
vKZMh4ExkuYpmmbpqRDyNLaJDEdPRPeKU8Z1DwW5OHs51Xla8+FCS08ywLdLrHqL
v/voq8WsKe/sMvDa+zkk5Dk9hM/W4mAoZdycWFq/yaOxbbpxoFNlB4vfXjxGhgvL
ErT3aEjQ6gdRaJA7s/69Fno0RSl9mk35V+Py1s5mP/xKm3UgrOTdXTy6DT1cyXvh
wMaSonnJ5toD8/2JgZVccjM0eg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:47 2024 by rpki-client on console-fra.rpki-client.org