Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/CLMUY70PimXvFzcQbhXiuDFE8Iw.roa
File: CLMUY70PimXvFzcQbhXiuDFE8Iw.roa (raw, json)
Hash identifier: yhR5dbHJJD2Vsx9ENCPo+KQvwtWulVtGqsZc8aTZpDo=
Subject key identifier: 08:B3:14:63:BD:0F:8A:65:EF:17:37:10:6E:15:E2:B8:31:44:F0:8C
Certificate issuer: /CN=f04d278485ffaea79e910a262533a80b5ab91c8a
Certificate serial: 0184E29A3989410F01E6BDD5CB5164496ACF
Authority key identifier: F0:4D:27:84:85:FF:AE:A7:9E:91:0A:26:25:33:A8:0B:5A:B9:1C:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E0nhIX_rqeekQomJTOoC1q5HIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/CLMUY70PimXvFzcQbhXiuDFE8Iw.roa
Signing time: Mon 05 Dec 2022 14:04:28 +0000
ROA not before: Mon 05 Dec 2022 14:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60068
IP address blocks: 185.253.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:9a:39:89:41:0f:01:e6:bd:d5:cb:51:64:49:6a:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04d278485ffaea79e910a262533a80b5ab91c8a
Validity
Not Before: Dec 5 14:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08b31463bd0f8a65ef1737106e15e2b83144f08c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:35:84:c4:c3:4f:0d:cb:0f:96:d5:b9:54:30:
ec:99:2b:8f:2b:8f:3d:7c:9a:3a:1e:cc:e5:c6:28:
ca:1a:72:ce:74:9b:a4:e3:60:e8:64:65:73:e0:c3:
82:28:91:03:bc:4e:d1:a1:7a:0a:17:8c:5b:ac:b8:
49:8a:cf:14:94:08:bf:77:a5:df:e8:cb:f0:f0:d8:
71:f7:92:33:10:f5:a8:b2:bc:8f:31:82:34:7d:e5:
49:d7:7e:05:b1:f9:29:60:88:85:ac:4f:5f:18:79:
c6:b1:a4:d8:32:b1:66:40:a4:65:f8:87:04:ed:30:
ac:18:6a:0b:72:d0:cd:f9:59:37:55:1b:0b:1f:70:
6e:ab:f7:54:5e:ee:7a:d2:bf:ba:8e:24:a7:06:95:
b0:3f:9a:28:f5:61:8f:88:2b:08:8a:87:d7:70:e8:
38:ac:bd:6e:65:0c:06:b0:89:cd:4c:5e:7b:ca:b5:
2c:59:bb:40:7f:90:45:68:39:a7:80:3f:d2:f9:6f:
e2:b7:07:9c:9c:13:d0:73:35:26:89:48:78:30:0c:
5a:49:bd:b3:c9:40:37:ef:3c:be:50:eb:a0:74:71:
b6:5d:97:f7:0f:ae:37:da:0a:ed:46:2b:15:3e:70:
d0:7d:26:30:cf:01:df:a9:c7:de:91:9d:01:8d:5a:
99:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:B3:14:63:BD:0F:8A:65:EF:17:37:10:6E:15:E2:B8:31:44:F0:8C
X509v3 Authority Key Identifier:
keyid:F0:4D:27:84:85:FF:AE:A7:9E:91:0A:26:25:33:A8:0B:5A:B9:1C:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E0nhIX_rqeekQomJTOoC1q5HIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/CLMUY70PimXvFzcQbhXiuDFE8Iw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/8E0nhIX_rqeekQomJTOoC1q5HIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.108.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:46:ec:bd:3e:50:37:92:c2:32:cb:a6:f3:6e:76:af:cf:b0:
20:55:5f:dd:d1:87:57:3b:94:78:0c:bc:2a:34:e3:2e:8e:90:
14:ef:3a:a8:c6:a1:c9:e4:2a:47:eb:2d:5f:d5:90:e6:0f:94:
90:73:8e:2c:9b:8a:20:8f:55:d5:90:90:b2:f6:c5:03:26:93:
41:c8:8e:85:5b:5a:55:ed:b6:ca:17:ef:cc:2c:c2:7f:a9:bc:
40:d4:ad:8f:31:11:6b:bc:45:94:27:8c:c4:d3:f6:6d:1e:a2:
ad:de:46:e0:05:ff:07:37:24:f1:61:56:16:7d:70:6a:c2:e6:
8d:3c:b8:1d:46:26:8b:a0:e2:d5:69:1e:a0:83:4a:0e:da:1b:
3b:1c:b9:5d:93:05:f2:b9:55:d0:f7:6a:7c:b6:75:4d:91:3f:
f7:1d:c7:19:40:5f:3d:9e:ad:07:77:58:87:d0:cd:6a:cc:b8:
bd:c3:51:8e:16:38:41:f1:24:0c:bf:e7:ce:2c:f8:e9:0f:52:
36:a0:f4:9b:25:bc:73:73:cc:52:bf:3a:44:5a:8b:7d:ef:c1:
4c:9e:3b:c9:db:12:ec:11:74:ae:70:13:ce:7c:43:9b:59:b2:
35:87:36:15:eb:4a:37:c2:e2:fa:18:8d:10:7b:c4:4f:7a:bd:
51:ad:c1:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTimjmJQQ8B5r3Vy1FkSWrPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGQyNzg0ODVmZmFlYTc5ZTkxMGEyNjI1MzNhODBiNWFi
OTFjOGEwHhcNMjIxMjA1MTQwNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGIzMTQ2M2JkMGY4YTY1ZWYxNzM3MTA2ZTE1ZTJiODMxNDRmMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDWExMNPDcsPltW5VDDsmSuPK489
fJo6HszlxijKGnLOdJuk42DoZGVz4MOCKJEDvE7RoXoKF4xbrLhJis8UlAi/d6Xf
6Mvw8Nhx95IzEPWosryPMYI0feVJ134FsfkpYIiFrE9fGHnGsaTYMrFmQKRl+IcE
7TCsGGoLctDN+Vk3VRsLH3Buq/dUXu560r+6jiSnBpWwP5oo9WGPiCsIiofXcOg4
rL1uZQwGsInNTF57yrUsWbtAf5BFaDmngD/S+W/itwecnBPQczUmiUh4MAxaSb2z
yUA37zy+UOugdHG2XZf3D6432grtRisVPnDQfSYwzwHfqcfekZ0BjVqZ1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAizFGO9D4pl7xc3EG4V4rgxRPCMMB8GA1UdIwQY
MBaAFPBNJ4SF/66nnpEKJiUzqAtauRyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEUwbmhJWF9ycWVla1FvbUpUT29DMXE1SElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9hYTc0MjYtNzExZC00ZjNlLThkZjkt
NWMwZTMxNmQyOGI4LzEvQ0xNVVk3MFBpbVh2RnpjUWJoWGl1REZFOEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9hYTc0MjYtNzExZC00ZjNlLThkZjktNWMwZTMxNmQyOGI4
LzEvOEUwbmhJWF9ycWVla1FvbUpUT29DMXE1SElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf1sMA0G
CSqGSIb3DQEBCwUAA4IBAQBvRuy9PlA3ksIyy6bzbnavz7AgVV/d0YdXO5R4DLwq
NOMujpAU7zqoxqHJ5CpH6y1f1ZDmD5SQc44sm4ogj1XVkJCy9sUDJpNByI6FW1pV
7bbKF+/MLMJ/qbxA1K2PMRFrvEWUJ4zE0/ZtHqKt3kbgBf8HNyTxYVYWfXBqwuaN
PLgdRiaLoOLVaR6gg0oO2hs7HLldkwXyuVXQ92p8tnVNkT/3HccZQF89nq0Hd1iH
0M1qzLi9w1GOFjhB8SQMv+fOLPjpD1I2oPSbJbxzc8xSvzpEWot978FMnjvJ2xLs
EXSucBPOfEObWbI1hzYV60o3wuL6GI0Qe8RPer1RrcFc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:21 2023 by rpki-client on console-ams.rpki-client.org