Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/CaHVv9FQqABD7_plPIMcI8lRopk.roa
File: CaHVv9FQqABD7_plPIMcI8lRopk.roa (raw, json)
Hash identifier: PUbv77ppGtIot6NQqJ0Dab0nRE2GKS/gOC8f4GvYHcs=
Subject key identifier: 09:A1:D5:BF:D1:50:A8:00:43:EF:FA:65:3C:83:1C:23:C9:51:A2:99
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 086A9F89
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/CaHVv9FQqABD7_plPIMcI8lRopk.roa
Signing time: Mon 31 Jan 2022 09:42:20 +0000
ROA not before: Mon 31 Jan 2022 09:42:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204287
IP address blocks: 87.239.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141205385 (0x86a9f89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 31 09:42:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09a1d5bfd150a80043effa653c831c23c951a299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:62:48:f6:05:9e:03:3d:a8:f5:00:43:64:31:
77:32:54:01:1f:b5:0a:4b:c8:22:91:95:db:2c:a4:
78:f7:df:b4:13:bd:a2:92:91:f9:fe:38:69:f7:db:
be:24:aa:1a:ed:20:30:dc:9f:7c:af:a5:ca:9b:7d:
10:6b:73:c7:d3:93:5b:c6:22:6f:82:15:19:4d:04:
07:87:c1:df:be:a6:91:54:a1:56:42:32:5c:24:88:
ac:cc:bc:36:47:0c:84:b7:e1:ff:7b:08:03:e7:a5:
d1:56:c1:f3:99:e1:17:86:0f:df:b0:7e:f5:65:4d:
08:b5:d1:41:55:67:1d:e9:67:32:96:8f:65:90:f8:
fb:ed:de:60:45:ed:0b:4b:c5:b7:a4:a7:54:f0:49:
91:6b:cc:fa:5a:a6:4e:41:9d:ba:95:05:44:1a:1c:
c7:d7:44:96:8b:0b:0d:8e:74:cd:cc:bd:48:6a:63:
1e:6f:95:49:04:33:86:1b:69:2b:a2:8d:10:b7:b1:
fc:00:5b:3e:bd:3b:9e:36:7e:8d:52:71:c9:e3:66:
0a:10:c4:1f:9b:48:59:67:22:d7:94:35:69:01:04:
94:15:c7:65:97:a3:5b:83:37:39:cc:e1:60:6b:4d:
e9:2a:4f:5f:e3:d2:54:25:38:cf:97:8e:8e:ad:c4:
8c:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:A1:D5:BF:D1:50:A8:00:43:EF:FA:65:3C:83:1C:23:C9:51:A2:99
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/CaHVv9FQqABD7_plPIMcI8lRopk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.248.0/24
Signature Algorithm: sha256WithRSAEncryption
51:ba:ce:f8:3b:77:c1:03:a3:ef:9c:15:c3:26:e5:e8:bb:37:
31:46:0b:54:7a:2a:6e:ac:39:b3:8b:c2:22:c0:7c:7c:65:4e:
fd:bf:21:3d:53:a0:65:ad:1e:e6:51:c9:fa:c0:28:2e:f0:41:
a2:70:ca:0e:38:3e:b4:5d:7f:ad:f8:17:a4:3b:9a:6e:5f:4f:
ef:ef:34:d1:39:70:05:6e:e3:c8:bf:aa:24:3e:cc:45:24:45:
2f:fb:c3:6e:49:ca:c9:3e:bb:4f:5b:b2:fb:51:0e:3d:39:ee:
ed:70:67:54:48:da:0e:9a:61:24:cc:b8:5e:95:a4:da:ff:21:
41:f0:aa:51:bb:43:f8:4c:4c:1b:d3:73:9e:e4:74:80:36:63:
51:93:b0:8b:1a:f9:b7:9d:9f:5f:2d:70:cc:87:e0:ee:18:de:
ba:1f:7a:d0:91:eb:5b:ab:39:61:a7:08:f2:98:0c:44:fc:12:
a0:fa:c2:87:00:d5:fe:d7:88:81:05:67:f0:3b:f9:fc:e8:11:
a2:e6:7f:49:34:39:41:6e:fe:02:c6:00:93:11:63:73:fb:79:
5e:1a:b3:c6:0f:83:51:4e:bb:d7:fb:01:e8:42:79:a4:11:39:
d7:3f:22:58:f1:2d:9c:1e:15:fc:25:d2:77:e7:62:b8:f1:b5:
4c:bd:b9:07
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECGqfiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjIyMDhiNDdiNmE4NjRkOWQxZmYzM2UwNmFhODFkMTM4MTlhNzRlMB4XDTIyMDEz
MTA5NDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDlhMWQ1YmZkMTUw
YTgwMDQzZWZmYTY1M2M4MzFjMjNjOTUxYTI5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtiSPYFngM9qPUAQ2QxdzJUAR+1CkvIIpGV2yykePfftBO9
opKR+f44affbviSqGu0gMNyffK+lypt9EGtzx9OTW8Yib4IVGU0EB4fB376mkVSh
VkIyXCSIrMy8NkcMhLfh/3sIA+el0VbB85nhF4YP37B+9WVNCLXRQVVnHelnMpaP
ZZD4++3eYEXtC0vFt6SnVPBJkWvM+lqmTkGdupUFRBocx9dElosLDY50zcy9SGpj
Hm+VSQQzhhtpK6KNELex/ABbPr07njZ+jVJxyeNmChDEH5tIWWci15Q1aQEElBXH
ZZejW4M3OczhYGtN6SpPX+PSVCU4z5eOjq3EjCMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJodW/0VCoAEPv+mU8gxwjyVGimTAfBgNVHSMEGDAWgBSSIgi0e2qGTZ0f
8z4GqoHROBmnTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tpSUl0SHRxaGsyZEhfTS1CcXFCMFRnWnAwNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjUvNjk5MGU5LWMzYzAtNDc4YS05OTk3LTk1YjA4ZTM2NjBjZi8x
L0NhSFZ2OUZRcUFCRDdfcGxQSU1jSThsUm9way5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjUv
Njk5MGU5LWMzYzAtNDc4YS05OTk3LTk1YjA4ZTM2NjBjZi8xL2tpSUl0SHRxaGsy
ZEhfTS1CcXFCMFRnWnAwNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFfv+DANBgkqhkiG9w0BAQsFAAOC
AQEAUbrO+Dt3wQOj75wVwybl6Ls3MUYLVHoqbqw5s4vCIsB8fGVO/b8hPVOgZa0e
5lHJ+sAoLvBBonDKDjg+tF1/rfgXpDuabl9P7+800TlwBW7jyL+qJD7MRSRFL/vD
bknKyT67T1uy+1EOPTnu7XBnVEjaDpphJMy4XpWk2v8hQfCqUbtD+ExMG9NznuR0
gDZjUZOwixr5t52fXy1wzIfg7hjeuh960JHrW6s5YacI8pgMRPwSoPrChwDV/teI
gQVn8Dv5/OgRouZ/STQ5QW7+AsYAkxFjc/t5Xhqzxg+DUU671/sB6EJ5pBE51z8i
WPEtnB4V/CXSd+diuPG1TL25Bw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:47 2024 by rpki-client on console-ams.rpki-client.org