Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nk34J13Ugjz99-VaEZIeuoxgm4c.roa
File: nk34J13Ugjz99-VaEZIeuoxgm4c.roa (raw, json)
Hash identifier: KU5eYcyh8GmxrX8i9T2spdfJXKIg1c4FrfW39N65wEo=
Subject key identifier: 9E:4D:F8:27:5D:D4:82:3C:FD:F7:E5:5A:11:92:1E:BA:8C:60:9B:87
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 018461681F878D427391E38F8D88D4160CCF
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nk34J13Ugjz99-VaEZIeuoxgm4c.roa
Signing time: Thu 10 Nov 2022 11:58:44 +0000
ROA not before: Thu 10 Nov 2022 11:58:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 87.248.151.0/24 maxlen: 24
87.248.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:68:1f:87:8d:42:73:91:e3:8f:8d:88:d4:16:0c:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: Nov 10 11:58:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e4df8275dd4823cfdf7e55a11921eba8c609b87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:35:d5:1a:eb:fa:2d:bb:f3:2c:aa:7a:2f:95:
2b:a1:32:5a:a6:c1:f0:f3:55:6d:52:45:39:b6:3b:
38:f4:4e:0c:a7:97:0d:b4:07:78:65:b0:15:b2:47:
ea:ef:73:1e:2f:9b:78:21:42:86:13:72:20:44:4d:
cf:1b:92:ff:7a:d5:2f:b6:fe:b4:6f:54:3b:4d:d8:
7f:8a:76:81:92:e4:f3:70:77:1d:29:a8:d7:96:ab:
0a:fa:c9:ca:21:23:15:4c:34:47:0b:a5:9c:81:1f:
bc:83:63:4f:c2:3a:cf:ec:28:1c:dd:d7:4c:f4:3c:
9b:09:f1:d6:54:44:67:8b:84:3d:d4:2c:ba:42:a8:
d0:14:f4:bf:04:ab:b6:6c:36:cf:3f:02:fe:d6:a9:
89:f4:a6:84:d3:76:ad:9b:c6:ea:3b:3c:31:83:59:
a5:69:34:d1:f1:3d:38:f7:a1:73:db:e0:1b:ac:87:
ff:44:6d:27:f4:d0:52:e9:f8:79:28:09:5a:a4:e3:
43:24:dd:88:91:a1:49:6c:df:df:70:ca:10:d6:ba:
9f:b8:dd:ec:8e:4c:d3:8e:89:4a:15:77:71:d5:ce:
e9:19:e8:c3:9b:90:45:75:e5:c0:f2:a2:c6:28:8b:
ad:cb:0e:7a:9b:0c:ce:ba:43:88:be:43:e4:7e:58:
51:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:4D:F8:27:5D:D4:82:3C:FD:F7:E5:5A:11:92:1E:BA:8C:60:9B:87
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/nk34J13Ugjz99-VaEZIeuoxgm4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.151.0/24
87.248.157.0/24
Signature Algorithm: sha256WithRSAEncryption
56:a1:15:3c:35:58:1b:5e:fb:e2:a6:26:3e:97:20:33:b7:31:
dc:21:44:55:0c:75:3f:93:ee:55:0b:99:a4:01:07:8e:b9:c5:
42:ed:b2:d2:5c:31:e3:44:cc:36:b6:a0:28:a3:05:b8:0b:84:
e4:e7:3d:23:b1:9d:8c:d0:34:56:fa:b0:a8:0c:ae:4e:4e:7f:
84:ef:9e:7e:62:3c:63:75:e4:f9:c0:7c:60:0d:7b:fb:a8:1d:
a0:ba:88:9d:7b:8f:ba:32:64:45:ef:02:97:98:18:29:42:86:
ce:82:16:93:e3:7c:45:c5:88:89:c6:40:ae:61:02:f9:35:1a:
8e:e2:15:44:0a:3e:64:51:0c:b5:af:38:c4:cf:f0:b4:8b:51:
c1:24:b3:8d:45:c0:b3:35:92:f8:bb:04:dd:73:fa:fe:59:bf:
8f:5f:ec:7e:3f:ae:4c:77:6f:65:61:82:0e:41:97:8f:35:4d:
ca:5e:59:cb:7e:f3:17:68:3e:6f:d7:46:57:7a:70:1c:c9:06:
1f:e3:1b:cf:7a:dd:f9:d4:84:91:ca:c7:b6:ed:3f:23:e1:11:
1c:c3:90:c4:79:0f:e7:94:d4:72:16:b1:8a:ec:00:f1:42:9e:
80:16:a2:da:9e:a6:6c:12:20:6f:f8:58:a0:5a:2e:44:72:e3:
68:2f:3b:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRhaB+HjUJzkeOPjYjUFgzPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZjYxZmM3YzBhYjQxY2UxNTRlN2JjYjA4ZWY5NjIzNTFh
NDY3ODQwHhcNMjIxMTEwMTE1ODQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTRkZjgyNzVkZDQ4MjNjZmRmN2U1NWExMTkyMWViYThjNjA5Yjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjXVGuv6LbvzLKp6L5UroTJapsHw
81VtUkU5tjs49E4Mp5cNtAd4ZbAVskfq73MeL5t4IUKGE3IgRE3PG5L/etUvtv60
b1Q7Tdh/inaBkuTzcHcdKajXlqsK+snKISMVTDRHC6WcgR+8g2NPwjrP7Cgc3ddM
9DybCfHWVERni4Q91Cy6QqjQFPS/BKu2bDbPPwL+1qmJ9KaE03atm8bqOzwxg1ml
aTTR8T0496Fz2+AbrIf/RG0n9NBS6fh5KAlapONDJN2IkaFJbN/fcMoQ1rqfuN3s
jkzTjolKFXdx1c7pGejDm5BFdeXA8qLGKIutyw56mwzOukOIvkPkflhRIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJ5N+Cdd1II8/fflWhGSHrqMYJuHMB8GA1UdIwQY
MBaAFHf2H8fAq0HOFU57ywjvliNRpGeEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjkt
ZWRjOWQwMmZhZjU0LzEvbmszNEoxM1Vnano5OS1WYUVaSWV1b3hnbTRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85MjEzZWMtODVhOS00OGQ2LWFhNjktZWRjOWQwMmZhZjU0
LzEvZF9ZZng4Q3JRYzRWVG52TENPLVdJMUdrWjRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/iXAwQA
V/idMA0GCSqGSIb3DQEBCwUAA4IBAQBWoRU8NVgbXvvipiY+lyAztzHcIURVDHU/
k+5VC5mkAQeOucVC7bLSXDHjRMw2tqAoowW4C4Tk5z0jsZ2M0DRW+rCoDK5OTn+E
755+YjxjdeT5wHxgDXv7qB2guoide4+6MmRF7wKXmBgpQobOghaT43xFxYiJxkCu
YQL5NRqO4hVECj5kUQy1rzjEz/C0i1HBJLONRcCzNZL4uwTdc/r+Wb+PX+x+P65M
d29lYYIOQZePNU3KXlnLfvMXaD5v10ZXenAcyQYf4xvPet351ISRyse27T8j4REc
w5DEeQ/nlNRyFrGK7ADxQp6AFqLanqZsEiBv+FigWi5EcuNoLzvO
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:35 2024 by rpki-client on console-fra.rpki-client.org