Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/s9iTaEpvrBZbhpoKXSkRJut-jN4.roa
File: s9iTaEpvrBZbhpoKXSkRJut-jN4.roa (raw, json)
Hash identifier: iffV6MSf6pgrBgJ5fNtvwFJrB7R9jb8/LWjv0kSKUCc=
Subject key identifier: B3:D8:93:68:4A:6F:AC:16:5B:86:9A:0A:5D:29:11:26:EB:7E:8C:DE
Certificate issuer: /CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Certificate serial: 1BEEA4C3
Authority key identifier: 77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/s9iTaEpvrBZbhpoKXSkRJut-jN4.roa
Signing time: Sun 01 May 2022 10:23:13 +0000
ROA not before: Sun 01 May 2022 10:23:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 87.248.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 468624579 (0x1beea4c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77f61fc7c0ab41ce154e7bcb08ef962351a46784
Validity
Not Before: May 1 10:23:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3d893684a6fac165b869a0a5d291126eb7e8cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a5:90:66:30:05:42:9c:eb:03:8e:29:d1:34:
3a:45:87:86:72:6a:42:60:c9:f5:7e:6e:21:77:62:
02:cd:78:26:ed:bb:c0:29:fe:a8:da:2b:73:72:96:
9e:b4:62:dc:e9:e5:6e:ef:77:f4:a0:94:e3:d5:44:
ce:db:a1:43:6d:b6:79:1f:94:5f:10:2e:56:08:36:
2c:b9:ef:22:20:26:34:56:f6:74:d4:2f:6d:f7:e6:
ba:d1:8c:01:00:bf:53:54:92:d6:af:cd:b5:e5:e9:
4e:7c:b9:ad:bb:ea:d3:d1:15:a4:b3:e5:ab:01:dd:
27:ea:6d:e0:2a:8a:d7:ed:32:d8:8d:5c:e8:a7:87:
23:cc:d7:3e:23:a1:47:d8:4b:cd:4d:0a:c0:53:23:
ea:3c:61:83:9c:ca:3d:83:b3:21:5d:e3:c8:1b:18:
b3:2e:03:9c:ff:3c:fa:3a:94:86:94:b0:a9:52:0e:
c1:ac:e4:fa:4c:95:ed:c9:32:fb:57:e0:56:bb:a0:
9a:ec:03:cc:02:41:2e:13:98:d6:59:48:97:c0:99:
d1:44:43:4e:8c:38:dd:32:1d:32:11:3d:eb:e1:6c:
3f:a0:63:e6:45:b2:a3:d6:01:5f:60:87:7f:61:db:
54:b9:0c:1e:f4:bd:63:7d:e5:83:67:32:b9:ae:4e:
df:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D8:93:68:4A:6F:AC:16:5B:86:9A:0A:5D:29:11:26:EB:7E:8C:DE
X509v3 Authority Key Identifier:
keyid:77:F6:1F:C7:C0:AB:41:CE:15:4E:7B:CB:08:EF:96:23:51:A4:67:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/s9iTaEpvrBZbhpoKXSkRJut-jN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9213ec-85a9-48d6-aa69-edc9d02faf54/1/d_Yfx8CrQc4VTnvLCO-WI1GkZ4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.147.0/24
Signature Algorithm: sha256WithRSAEncryption
43:b9:05:bf:91:a3:4c:a5:9a:8f:1e:27:08:b2:07:7b:ff:fd:
d3:8e:35:30:e4:cc:fa:89:f4:36:3c:f9:b4:01:fa:7a:bd:18:
f8:64:ac:6a:71:1f:67:d2:0c:58:65:0a:fe:48:01:a2:f2:4a:
3c:50:41:ce:8c:57:f6:04:36:ee:8e:77:b6:69:67:7a:71:39:
f1:af:ec:71:5a:05:76:5c:07:c9:75:cc:38:a8:7a:64:0e:57:
c8:41:03:cc:86:3f:3b:a2:ba:8f:53:ad:16:15:fe:eb:d7:59:
65:14:a6:58:fc:cd:ff:80:4e:ac:d1:cf:18:8c:56:bf:61:4d:
e1:a4:6f:82:ed:f5:bf:b0:3c:b0:6d:58:d2:38:cd:d8:c9:93:
c2:35:08:b4:41:3a:32:ee:85:71:f0:30:8f:05:b6:ec:dc:ab:
ec:c5:1b:e7:2f:43:8f:c2:a0:b6:ea:fe:ef:cd:b1:69:a8:aa:
4d:eb:ae:da:98:d6:9b:63:09:39:a1:5c:39:c1:32:03:c2:50:
38:f2:9a:84:e9:a6:05:9c:5c:55:8a:64:a9:6f:87:82:d5:18:
60:a6:e8:1d:83:1e:13:e9:34:9a:51:fe:43:a0:04:58:28:54:
06:8b:8e:87:07:30:a9:bb:a6:2a:85:82:67:72:09:16:1b:b9:
83:39:26:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEG+6kwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
N2Y2MWZjN2MwYWI0MWNlMTU0ZTdiY2IwOGVmOTYyMzUxYTQ2Nzg0MB4XDTIyMDUw
MTEwMjMxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNkODkzNjg0YTZm
YWMxNjViODY5YTBhNWQyOTExMjZlYjdlOGNkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKlkGYwBUKc6wOOKdE0OkWHhnJqQmDJ9X5uIXdiAs14Ju27
wCn+qNorc3KWnrRi3Onlbu939KCU49VEztuhQ222eR+UXxAuVgg2LLnvIiAmNFb2
dNQvbffmutGMAQC/U1SS1q/NteXpTny5rbvq09EVpLPlqwHdJ+pt4CqK1+0y2I1c
6KeHI8zXPiOhR9hLzU0KwFMj6jxhg5zKPYOzIV3jyBsYsy4DnP88+jqUhpSwqVIO
wazk+kyV7cky+1fgVrugmuwDzAJBLhOY1llIl8CZ0URDTow43TIdMhE96+FsP6Bj
5kWyo9YBX2CHf2HbVLkMHvS9Y33lg2cyua5O32sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSz2JNoSm+sFluGmgpdKREm636M3jAfBgNVHSMEGDAWgBR39h/HwKtBzhVO
e8sI75YjUaRnhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RfWWZ4OENyUWM0VlRudkxDTy1XSTFHa1o0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvOTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8x
L3M5aVRhRXB2ckJaYmhwb0tYU2tSSnV0LWpONC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
OTIxM2VjLTg1YTktNDhkNi1hYTY5LWVkYzlkMDJmYWY1NC8xL2RfWWZ4OENyUWM0
VlRudkxDTy1XSTFHa1o0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFf4kzANBgkqhkiG9w0BAQsFAAOC
AQEAQ7kFv5GjTKWajx4nCLIHe//90441MOTM+on0Njz5tAH6er0Y+GSsanEfZ9IM
WGUK/kgBovJKPFBBzoxX9gQ27o53tmlnenE58a/scVoFdlwHyXXMOKh6ZA5XyEED
zIY/O6K6j1OtFhX+69dZZRSmWPzN/4BOrNHPGIxWv2FN4aRvgu31v7A8sG1Y0jjN
2MmTwjUItEE6Mu6FcfAwjwW27Nyr7MUb5y9Dj8Kgtur+782xaaiqTeuu2pjWm2MJ
OaFcOcEyA8JQOPKahOmmBZxcVYpkqW+HgtUYYKboHYMeE+k0mlH+Q6AEWChUBouO
hwcwqbumKoWCZ3IJFhu5gzkmfQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:10 2023 by rpki-client on console-ams.rpki-client.org