Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/1-9yPhX9F2K9wpRqgekthh3dm4tM.roa
File: 1-9yPhX9F2K9wpRqgekthh3dm4tM.roa (raw, json)
Hash identifier: RGPmjAbmLtmbyVUONJLx+62dPzfHqrPmbE267Cev7DU=
Subject key identifier: FB:DC:8F:85:7F:45:D8:AF:70:A5:1A:A0:7A:4B:61:87:77:66:E2:D3
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 01851A8A1538F3CB4F6318607CC66DA4A709
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/1-9yPhX9F2K9wpRqgekthh3dm4tM.roa
Signing time: Fri 16 Dec 2022 10:45:35 +0000
ROA not before: Fri 16 Dec 2022 10:45:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203425
IP address blocks: 93.95.8.0/21 maxlen: 24
151.236.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:8a:15:38:f3:cb:4f:63:18:60:7c:c6:6d:a4:a7:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Dec 16 10:45:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbdc8f857f45d8af70a51aa07a4b61877766e2d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:72:17:dc:1e:82:b9:d3:35:ba:d4:e5:7f:2f:
1e:8f:1a:e0:ac:d0:ca:d1:4a:62:34:46:4e:26:9e:
5a:1f:fc:50:f8:e7:85:02:80:0b:2f:47:6e:4c:53:
82:e1:19:4f:79:e2:63:7d:90:fa:ac:f2:22:bb:a2:
af:ea:1f:ce:77:d7:c8:c4:e4:47:f3:b4:5a:96:de:
7d:58:26:33:cd:94:5a:ca:a4:f4:32:d4:74:fb:e7:
c6:9f:e5:cc:4c:7c:28:45:a5:96:43:55:4a:c0:aa:
a0:50:a1:4b:85:e5:2b:58:4c:7d:07:05:64:75:1f:
f5:ae:37:81:1c:e4:d3:0e:34:3a:51:66:cc:62:99:
47:19:da:e4:ea:50:9f:ef:10:6c:49:d7:97:e0:86:
0e:d5:6c:a8:11:0d:50:66:7d:cc:99:e0:d2:11:db:
67:20:e2:8f:f7:ed:a5:6f:78:df:fe:0a:59:f2:32:
3b:a1:d8:7a:76:7e:0c:17:b6:5d:6d:40:15:cb:10:
88:7b:a7:49:75:77:46:30:8d:8e:aa:5a:37:82:bc:
c4:14:9b:a7:0e:32:8f:a5:35:6f:13:9b:b0:1f:1f:
54:14:c0:59:60:2f:1d:4c:da:19:69:b9:65:55:9e:
4f:0d:30:9b:12:82:bf:b4:37:f8:fc:2f:a3:cf:bf:
84:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DC:8F:85:7F:45:D8:AF:70:A5:1A:A0:7A:4B:61:87:77:66:E2:D3
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/1-9yPhX9F2K9wpRqgekthh3dm4tM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.8.0/21
151.236.208.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:50:99:e1:28:10:7a:cd:da:a2:d7:16:bc:dd:64:50:d2:d6:
31:a8:d8:fe:28:f3:f2:d7:3d:04:2c:cb:b8:3a:4c:0a:cd:93:
5d:58:51:83:a9:16:e0:7b:96:dc:76:55:a0:06:e2:39:c2:21:
26:07:eb:72:90:18:8a:d3:ce:b3:42:c4:6e:01:32:56:2b:2f:
14:0f:e1:44:b1:f5:94:ed:42:fb:b6:a7:3c:5f:a8:48:35:ca:
a4:7e:2a:4c:dd:f4:a1:0e:33:4f:e0:95:90:28:e9:5b:06:77:
6e:15:49:4e:71:9e:4e:68:f7:18:26:6c:31:08:3d:4b:98:32:
53:e1:02:e1:5c:d7:bb:2e:53:2c:65:ad:59:2d:7c:79:45:6d:
da:23:9e:4e:40:37:ce:94:6b:67:27:08:17:45:d9:8b:99:ee:
74:90:2c:bb:6c:9e:aa:6a:c5:bc:98:39:7e:3d:e1:b9:a7:46:
2b:f5:ac:09:df:0b:8a:f5:75:e4:c8:20:61:1c:1a:68:0e:06:
a5:03:bb:7e:26:70:e7:47:3b:b9:d1:98:9f:7d:5a:a2:e8:ca:
16:57:57:4e:aa:66:56:11:8a:d6:b1:e2:34:b2:ec:2a:93:ba:
d9:d1:71:06:cb:95:fc:62:bb:00:bd:07:ac:cc:9c:d5:e7:b0:
8b:e5:b6:28
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYUaihU488tPYxhgfMZtpKcJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjIxMjE2MTA0NTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmRjOGY4NTdmNDVkOGFmNzBhNTFhYTA3YTRiNjE4Nzc3NjZlMmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnIX3B6CudM1utTlfy8ejxrgrNDK
0UpiNEZOJp5aH/xQ+OeFAoALL0duTFOC4RlPeeJjfZD6rPIiu6Kv6h/Od9fIxORH
87Ralt59WCYzzZRayqT0MtR0++fGn+XMTHwoRaWWQ1VKwKqgUKFLheUrWEx9BwVk
dR/1rjeBHOTTDjQ6UWbMYplHGdrk6lCf7xBsSdeX4IYO1WyoEQ1QZn3MmeDSEdtn
IOKP9+2lb3jf/gpZ8jI7odh6dn4MF7ZdbUAVyxCIe6dJdXdGMI2Oqlo3grzEFJun
DjKPpTVvE5uwHx9UFMBZYC8dTNoZabllVZ5PDTCbEoK/tDf4/C+jz7+EgQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPvcj4V/RdivcKUaoHpLYYd3ZuLTMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvMS05eVBoWDlGMks5d3BScWdla3RoaDNkbTR0TS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWEvODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRj
NC8xL3lFMWh6UmZ0a3VWTHN6bF9IbHByT1FTc2J3VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA11fCAME
A5fs0DANBgkqhkiG9w0BAQsFAAOCAQEALFCZ4SgQes3aotcWvN1kUNLWMajY/ijz
8tc9BCzLuDpMCs2TXVhRg6kW4HuW3HZVoAbiOcIhJgfrcpAYitPOs0LEbgEyVisv
FA/hRLH1lO1C+7anPF+oSDXKpH4qTN30oQ4zT+CVkCjpWwZ3bhVJTnGeTmj3GCZs
MQg9S5gyU+EC4VzXuy5TLGWtWS18eUVt2iOeTkA3zpRrZycIF0XZi5nudJAsu2ye
qmrFvJg5fj3huadGK/WsCd8LivV15MggYRwaaA4GpQO7fiZw50c7udGYn31aoujK
FldXTqpmVhGK1rHiNLLsKpO62dFxBsuV/GK7AL0HrMyc1eewi+W2KA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org