Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/f9AaCOv3kgdJoCtmoHmhrhCeLI4.roa
File: f9AaCOv3kgdJoCtmoHmhrhCeLI4.roa (raw, json)
Hash identifier: 17x4Gi7UM7hxB2PQ+tP6m6kBIYRJtzvNUkNjKT8K9tk=
Subject key identifier: 7F:D0:1A:08:EB:F7:92:07:49:A0:2B:66:A0:79:A1:AE:10:9E:2C:8E
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 0184A0220A4A85DA5210CC6C29165B1C5E48
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/f9AaCOv3kgdJoCtmoHmhrhCeLI4.roa
Signing time: Tue 22 Nov 2022 16:18:16 +0000
ROA not before: Tue 22 Nov 2022 16:18:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 87.248.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a0:22:0a:4a:85:da:52:10:cc:6c:29:16:5b:1c:5e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Nov 22 16:18:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7fd01a08ebf7920749a02b66a079a1ae109e2c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cb:d9:ca:84:82:be:99:8c:18:2c:6e:12:1e:
79:b0:56:90:f0:54:f6:c9:87:83:f0:7a:f8:d7:eb:
db:d3:c5:d2:65:b6:ce:57:68:e2:ba:6b:8c:fd:74:
71:55:dd:85:75:40:bd:ac:c2:7c:e4:12:f5:46:db:
5a:4b:2d:29:34:fd:75:e5:f8:bb:94:f6:4d:b0:c9:
4d:8c:75:18:e0:76:4d:59:f6:bd:59:5b:d3:99:9c:
11:29:a3:e4:31:54:55:b7:47:e0:a1:1e:e9:b3:2e:
9f:56:35:78:b8:e5:96:cf:76:e2:44:3b:49:91:03:
f6:1b:75:a8:ae:db:4e:c2:f0:14:d9:b7:66:9b:4a:
ce:7e:81:4b:73:5a:0f:c4:d0:8d:76:c4:19:f5:8d:
24:bd:e4:d5:e3:8f:ee:6b:7c:9a:a6:79:a1:f7:94:
46:c3:a0:15:ed:94:cc:49:05:54:b7:7a:d1:14:f6:
f3:07:28:96:7c:12:ed:9a:44:be:62:cd:23:e3:a6:
de:55:18:fd:d3:87:5c:af:df:6e:dc:90:af:6d:e5:
fa:6c:35:39:0c:18:10:9b:54:8b:7b:19:8c:4e:15:
f6:ee:d0:19:22:77:68:fb:9f:2d:5c:8a:d1:bd:c9:
1a:be:c4:29:35:40:58:dd:0c:fb:37:4c:5e:39:b6:
f2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:D0:1A:08:EB:F7:92:07:49:A0:2B:66:A0:79:A1:AE:10:9E:2C:8E
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/f9AaCOv3kgdJoCtmoHmhrhCeLI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.157.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:06:21:3f:95:29:25:d5:a4:77:fb:ce:be:95:84:8b:d1:2d:
d2:9f:9b:98:b5:95:7a:5a:bf:c2:2d:b8:c7:eb:19:ff:79:f1:
57:40:59:14:f9:75:56:e4:2d:75:36:dc:6d:69:f0:8c:f1:59:
8b:ee:31:12:ed:42:d2:ed:13:15:0b:ec:aa:23:13:2f:ca:76:
90:9d:f5:1e:53:a6:59:8a:b1:f5:ac:76:43:e0:00:b4:e8:91:
75:62:95:49:85:9f:e1:b5:d8:be:80:f4:95:f8:56:70:da:7d:
b3:88:80:71:47:31:0e:fe:dd:3c:80:5f:fe:08:f9:f5:8d:b1:
c9:78:b3:5b:51:83:f1:c1:e0:e9:9e:d3:3b:28:65:12:50:a7:
d9:95:dc:7b:83:bb:a4:be:2c:cf:56:49:f9:b2:46:5a:0f:9e:
c5:d5:ce:01:c2:e5:94:d5:da:e5:30:86:57:78:a4:d4:05:a6:
a2:59:43:83:1e:a2:0c:85:65:2c:47:5d:ac:2b:91:97:06:d1:
42:c8:ed:3d:38:6b:51:ac:b3:9f:44:dd:a7:02:0c:e0:cc:5e:
b6:b2:33:1b:53:5c:9b:dd:91:fd:8d:c9:bc:34:2e:95:81:f7:
88:fb:ab:21:75:c9:a0:b1:03:61:25:9c:ba:91:0b:e1:6b:8c:
f4:f9:e9:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSgIgpKhdpSEMxsKRZbHF5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIxMTIyMTYxODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmQwMWEwOGViZjc5MjA3NDlhMDJiNjZhMDc5YTFhZTEwOWUyYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8vZyoSCvpmMGCxuEh55sFaQ8FT2
yYeD8Hr41+vb08XSZbbOV2jiumuM/XRxVd2FdUC9rMJ85BL1RttaSy0pNP115fi7
lPZNsMlNjHUY4HZNWfa9WVvTmZwRKaPkMVRVt0fgoR7psy6fVjV4uOWWz3biRDtJ
kQP2G3WorttOwvAU2bdmm0rOfoFLc1oPxNCNdsQZ9Y0kveTV44/ua3yapnmh95RG
w6AV7ZTMSQVUt3rRFPbzByiWfBLtmkS+Ys0j46beVRj904dcr99u3JCvbeX6bDU5
DBgQm1SLexmMThX27tAZIndo+58tXIrRvckavsQpNUBY3Qz7N0xeObbygwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/QGgjr95IHSaArZqB5oa4QniyOMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvZjlBYUNPdjNrZ2RKb0N0bW9IbWhyaENlTEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/idMA0G
CSqGSIb3DQEBCwUAA4IBAQCaBiE/lSkl1aR3+86+lYSL0S3Sn5uYtZV6Wr/CLbjH
6xn/efFXQFkU+XVW5C11NtxtafCM8VmL7jES7ULS7RMVC+yqIxMvynaQnfUeU6ZZ
irH1rHZD4AC06JF1YpVJhZ/htdi+gPSV+FZw2n2ziIBxRzEO/t08gF/+CPn1jbHJ
eLNbUYPxweDpntM7KGUSUKfZldx7g7ukvizPVkn5skZaD57F1c4BwuWU1drlMIZX
eKTUBaaiWUODHqIMhWUsR12sK5GXBtFCyO09OGtRrLOfRN2nAgzgzF62sjMbU1yb
3ZH9jcm8NC6VgfeI+6shdcmgsQNhJZy6kQvha4z0+eng
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:26 2024 by rpki-client on console-ams.rpki-client.org