Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1-XBfkrowG5b3TV-7gHelHVsP38g.roa
File: 1-XBfkrowG5b3TV-7gHelHVsP38g.roa (raw, json)
Hash identifier: Hjd5TKJ0VeMo7hEuytm0bZmbLQI3In5YAtpdNsUd3Ic=
Subject key identifier: F9:70:5F:92:BA:30:1B:96:F7:4D:5F:BB:80:77:A5:1D:5B:0F:DF:C8
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018281477A46B772A6E640E30CAA64A824BE
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1-XBfkrowG5b3TV-7gHelHVsP38g.roa
Signing time: Tue 09 Aug 2022 06:25:21 +0000
ROA not before: Tue 09 Aug 2022 06:25:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 87.248.134.0/24 maxlen: 24
87.248.143.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:81:47:7a:46:b7:72:a6:e6:40:e3:0c:aa:64:a8:24:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Aug 9 06:25:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9705f92ba301b96f74d5fbb8077a51d5b0fdfc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:70:e5:a1:88:98:2c:b5:e3:1c:f1:08:93:91:
cc:f0:5a:0b:30:fa:96:e7:05:46:de:32:7b:c2:89:
dd:49:21:8c:28:34:d2:88:14:be:a1:55:6c:11:ba:
68:d8:df:91:a8:6e:8a:a0:c2:f5:ee:b6:8b:d0:7f:
31:76:a6:aa:66:dc:08:8c:54:86:d6:ad:5c:c8:a3:
b8:93:37:35:6c:7c:53:0e:07:7d:ba:63:34:0f:7d:
4a:3b:d3:6b:aa:3f:70:4b:f9:95:af:e5:39:ea:43:
57:22:93:17:45:56:61:1f:41:6c:ec:43:06:08:df:
0b:7b:00:d8:f0:36:87:fa:f2:82:5e:21:68:02:13:
0f:0c:f9:84:34:6c:e1:c5:38:ee:ed:af:c4:35:f4:
4a:67:c8:74:71:b4:a8:db:79:9a:b1:83:27:6c:62:
d1:a3:f1:f8:28:c0:5e:d7:92:15:9d:a3:43:f1:84:
de:2a:30:ea:a7:7d:a0:1b:06:9b:4c:0b:33:2d:b0:
bd:8b:7a:8d:29:c5:0b:f4:bf:22:27:18:29:93:36:
6e:b5:b1:05:9f:27:26:f8:82:71:7e:26:ec:78:5e:
81:29:0a:d3:59:58:23:3c:c2:a5:58:eb:96:3f:68:
77:95:78:d0:32:16:ac:53:53:41:3b:70:3b:f4:2c:
b0:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:70:5F:92:BA:30:1B:96:F7:4D:5F:BB:80:77:A5:1D:5B:0F:DF:C8
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/1-XBfkrowG5b3TV-7gHelHVsP38g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.134.0/24
87.248.143.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:39:ae:59:97:3c:3b:f6:f6:c1:33:02:5f:d6:f5:41:85:28:
f2:40:29:71:6b:c1:ed:bd:c5:be:7c:9c:31:45:0a:2b:2e:2c:
6e:91:9e:0a:97:ee:19:eb:92:8e:eb:f5:f8:2a:f6:80:c4:24:
1d:8f:ae:e8:d3:2d:5d:44:c5:49:a2:61:ac:fc:40:3e:cc:e0:
cf:ac:12:67:8e:9e:6c:63:d8:83:c5:9b:5f:47:04:58:b0:ae:
e0:2c:a6:66:e1:40:d1:7a:ec:7e:2b:ea:f4:bc:ce:ee:f5:95:
36:aa:4a:08:99:4a:76:bd:58:44:7f:b6:b7:7c:0f:45:26:57:
25:83:05:37:b5:27:9a:83:74:f0:56:fd:20:df:f6:e6:d5:64:
d9:3c:33:ef:fc:e6:f5:53:b3:72:70:51:b1:39:88:47:a9:2d:
c6:ba:bc:b2:17:54:24:af:71:1d:cb:d9:af:79:90:81:35:06:
85:5c:27:b7:3f:54:87:b8:50:a1:4d:b3:ec:cd:f4:c3:f7:1c:
55:6f:a4:87:c7:47:c2:51:25:a2:b6:03:3f:cd:60:6c:b6:c0:
e8:67:b0:03:51:1f:9d:00:18:08:c2:5f:82:64:fe:53:c4:da:
d1:a3:1d:a0:3e:97:99:33:43:8b:aa:8d:ec:4e:cc:95:42:d3:
2e:2a:74:ce
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYKBR3pGt3Km5kDjDKpkqCS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIwODA5MDYyNTIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTcwNWY5MmJhMzAxYjk2Zjc0ZDVmYmI4MDc3YTUxZDViMGZkZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHDloYiYLLXjHPEIk5HM8FoLMPqW
5wVG3jJ7wondSSGMKDTSiBS+oVVsEbpo2N+RqG6KoML17raL0H8xdqaqZtwIjFSG
1q1cyKO4kzc1bHxTDgd9umM0D31KO9Nrqj9wS/mVr+U56kNXIpMXRVZhH0Fs7EMG
CN8LewDY8DaH+vKCXiFoAhMPDPmENGzhxTju7a/ENfRKZ8h0cbSo23masYMnbGLR
o/H4KMBe15IVnaND8YTeKjDqp32gGwabTAszLbC9i3qNKcUL9L8iJxgpkzZutbEF
nycm+IJxfibseF6BKQrTWVgjPMKlWOuWP2h3lXjQMhasU1NBO3A79CywRwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlwX5K6MBuW901fu4B3pR1bD9/IMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvMS1YQmZrcm93RzViM1RWLTdnSGVsSFZzUDM4Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1
NC8xL2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFf4hgME
AFf4jzANBgkqhkiG9w0BAQsFAAOCAQEAKzmuWZc8O/b2wTMCX9b1QYUo8kApcWvB
7b3FvnycMUUKKy4sbpGeCpfuGeuSjuv1+Cr2gMQkHY+u6NMtXUTFSaJhrPxAPszg
z6wSZ46ebGPYg8WbX0cEWLCu4CymZuFA0Xrsfivq9LzO7vWVNqpKCJlKdr1YRH+2
t3wPRSZXJYMFN7UnmoN08Fb9IN/25tVk2Twz7/zm9VOzcnBRsTmIR6ktxrq8shdU
JK9xHcvZr3mQgTUGhVwntz9Uh7hQoU2z7M30w/ccVW+kh8dHwlElorYDP81gbLbA
6GewA1EfnQAYCMJfgmT+U8Ta0aMdoD6XmTNDi6qN7E7MlULTLip0zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org