Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/9K-LDrGcUUL4jsRaWc9kKuQjWzM.roa
File: 9K-LDrGcUUL4jsRaWc9kKuQjWzM.roa (raw, json)
Hash identifier: QUfgY996me7Trl8CtF2p+dg7944LnZD16iCGA0H3aj8=
Subject key identifier: F4:AF:8B:0E:B1:9C:51:42:F8:8E:C4:5A:59:CF:64:2A:E4:23:5B:33
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 09B76B5D
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/9K-LDrGcUUL4jsRaWc9kKuQjWzM.roa
Signing time: Sat 01 Jan 2022 13:55:44 +0000
ROA not before: Sat 01 Jan 2022 13:55:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198047
IP address blocks: 185.11.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163015517 (0x9b76b5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 13:55:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4af8b0eb19c5142f88ec45a59cf642ae4235b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:55:ba:30:eb:57:7d:38:b8:92:c4:c0:d4:8e:
aa:74:3f:01:60:a6:9b:73:52:8a:45:44:98:4e:5e:
41:74:25:3f:f8:20:bf:83:1d:7e:96:7a:df:3f:de:
e8:d3:58:e0:91:6a:7e:60:2c:1b:76:4f:e2:3a:32:
b0:78:92:ed:91:dc:fc:64:77:a1:de:c2:55:ef:f6:
a0:8b:f9:58:2f:3c:f9:d3:0c:e0:de:77:49:10:91:
17:bc:de:b0:69:09:a2:db:e3:81:cf:58:4a:bc:1b:
a3:fa:6a:b4:ec:f7:aa:f6:1a:a7:4d:15:62:48:cb:
84:64:07:ac:a1:57:ce:db:3b:3a:c1:bd:db:c4:da:
52:37:7b:e6:fd:4c:51:12:67:3c:1a:9c:a4:1b:36:
ae:a0:cc:36:0a:13:d3:14:8b:85:a6:a3:e0:0d:58:
67:77:0d:be:3b:e9:4e:1b:b0:63:ab:b9:d6:d2:8d:
22:8d:54:c7:dd:e5:a9:b0:ce:72:43:5a:09:16:49:
a8:b5:67:a5:4b:a1:38:e2:bb:18:3a:10:b3:7b:54:
e6:aa:96:70:a5:ce:d8:df:41:b1:e7:2a:7a:6d:d5:
c8:9d:8a:f0:d1:c1:85:12:f3:23:ed:b0:47:00:28:
70:d3:28:2e:c1:ec:f1:bb:43:00:ca:67:45:0f:87:
54:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AF:8B:0E:B1:9C:51:42:F8:8E:C4:5A:59:CF:64:2A:E4:23:5B:33
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/9K-LDrGcUUL4jsRaWc9kKuQjWzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:0f:eb:ff:4f:09:40:04:40:c0:65:41:1a:76:2f:a2:72:f2:
83:6e:fd:1d:a4:54:69:fd:c0:1f:6b:b8:f0:a3:1e:6f:26:76:
d2:5b:46:83:89:ae:da:bf:87:3f:b4:f6:af:dc:23:9a:1b:e6:
90:22:27:37:7e:16:bb:fc:16:be:4d:ac:4a:93:29:30:1b:d0:
cf:b2:06:8d:eb:9f:18:65:6e:e5:96:20:a0:ea:44:50:02:dd:
4c:60:fd:b3:16:7e:b8:ca:ed:1d:5a:c2:93:67:1d:04:b8:79:
9c:3c:5c:32:9e:f4:e3:5a:92:ba:cb:0c:2b:32:69:1d:9f:d7:
28:0e:c6:2e:fe:98:0c:b3:e1:0d:61:f0:b9:fd:60:ce:a0:ff:
26:42:2d:c5:18:ba:a7:54:63:5c:5f:30:47:02:6f:e4:35:f9:
b5:d1:5c:cb:53:22:eb:db:9c:04:db:80:9e:97:c9:18:3f:ad:
b2:ce:c7:a2:28:9d:d2:56:d0:15:16:cf:99:84:5a:7f:5f:29:
04:5e:54:f7:96:f3:46:fd:a4:02:02:4d:11:0d:4b:95:5b:4c:
b7:9d:24:35:a8:3a:df:b0:b4:90:7a:fb:de:b7:97:02:e6:c4:
43:87:e4:ed:95:c9:8c:17:6f:94:70:22:cb:36:53:24:bf:0c:
ce:f9:0e:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECbdrXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODRkNjFjZDE3ZWQ5MmU1NGJiMzM5N2YxZTVhNmIzOTA0YWM2ZjA1MB4XDTIyMDEw
MTEzNTU0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRhZjhiMGViMTlj
NTE0MmY4OGVjNDVhNTljZjY0MmFlNDIzNWIzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdVujDrV304uJLEwNSOqnQ/AWCmm3NSikVEmE5eQXQlP/gg
v4MdfpZ63z/e6NNY4JFqfmAsG3ZP4joysHiS7ZHc/GR3od7CVe/2oIv5WC88+dMM
4N53SRCRF7zesGkJotvjgc9YSrwbo/pqtOz3qvYap00VYkjLhGQHrKFXzts7OsG9
28TaUjd75v1MURJnPBqcpBs2rqDMNgoT0xSLhaaj4A1YZ3cNvjvpThuwY6u51tKN
Io1Ux93lqbDOckNaCRZJqLVnpUuhOOK7GDoQs3tU5qqWcKXO2N9Bsecqem3VyJ2K
8NHBhRLzI+2wRwAocNMoLsHs8btDAMpnRQ+HVMUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0r4sOsZxRQviOxFpZz2Qq5CNbMzAfBgNVHSMEGDAWgBTITWHNF+2S5Uuz
OX8eWms5BKxvBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lFMWh6UmZ0a3VWTHN6bF9IbHByT1FTc2J3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8x
LzlLLUxEckdjVVVMNGpzUmFXYzlrS3VRald6TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8xL3lFMWh6UmZ0a3VW
THN6bF9IbHByT1FTc2J3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkL8DANBgkqhkiG9w0BAQsFAAOC
AQEAaw/r/08JQARAwGVBGnYvonLyg279HaRUaf3AH2u48KMebyZ20ltGg4mu2r+H
P7T2r9wjmhvmkCInN34Wu/wWvk2sSpMpMBvQz7IGjeufGGVu5ZYgoOpEUALdTGD9
sxZ+uMrtHVrCk2cdBLh5nDxcMp7041qSussMKzJpHZ/XKA7GLv6YDLPhDWHwuf1g
zqD/JkItxRi6p1RjXF8wRwJv5DX5tdFcy1Mi69ucBNuAnpfJGD+tss7Hoiid0lbQ
FRbPmYRaf18pBF5U95bzRv2kAgJNEQ1LlVtMt50kNag637C0kHr73reXAubEQ4fk
7ZXJjBdvlHAiyzZTJL8MzvkOhQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:17 2024 by rpki-client on console-fra.rpki-client.org