Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/EfF__EvLJp38jSDwhSRQ2d30l8o.roa
File: EfF__EvLJp38jSDwhSRQ2d30l8o.roa (raw, json)
Hash identifier: Cisn8GqtV5vLw3ww8BW7rZmmf6Xy5VYXi7IqZWFyMSI=
Subject key identifier: 11:F1:7F:FC:4B:CB:26:9D:FC:8D:20:F0:85:24:50:D9:DD:F4:97:CA
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0B7EBDC7
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/EfF__EvLJp38jSDwhSRQ2d30l8o.roa
Signing time: Sat 01 Jan 2022 10:53:36 +0000
ROA not before: Sat 01 Jan 2022 10:53:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 185.158.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192855495 (0xb7ebdc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 1 10:53:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=11f17ffc4bcb269dfc8d20f0852450d9ddf497ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c7:d8:e0:8f:73:55:00:9b:00:92:67:e4:45:
85:bc:ea:3b:65:72:00:47:77:27:b3:39:7c:99:b2:
f7:af:fa:14:69:aa:77:9f:39:76:26:43:e3:16:d6:
87:20:8c:c9:7a:0c:79:8e:5e:e8:2b:14:d7:b8:f1:
48:7d:a6:28:d0:10:e8:4f:4f:95:79:bf:d4:a8:b5:
71:50:59:98:17:fd:6f:7a:db:24:d9:3c:89:a6:48:
f8:f5:4d:83:ba:0b:4c:f7:bd:91:65:6f:6f:24:1b:
27:b1:05:27:6c:2f:f0:56:95:ad:89:c5:20:96:a8:
8f:e9:5f:61:9b:81:71:00:e6:21:f7:d6:d1:3a:4d:
fd:2c:a9:e6:58:e8:c0:58:64:de:a5:5a:c6:7e:16:
7b:a6:71:aa:4f:74:ba:a0:48:14:e9:97:f4:00:23:
8b:9c:e8:e7:9a:af:3a:47:0e:27:03:0a:df:fb:79:
fa:42:59:45:bf:09:50:ba:02:b3:26:32:9b:f7:5d:
d3:ad:40:c6:58:d6:f2:86:7d:dc:8e:1d:e5:1f:3d:
90:f0:94:c9:2e:cc:d9:d0:f8:0f:3c:41:65:78:66:
89:6e:88:fa:21:29:2a:03:52:66:1d:9c:30:55:58:
38:fb:17:40:cb:ee:a4:b3:92:ec:4e:3f:ee:ed:6d:
93:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F1:7F:FC:4B:CB:26:9D:FC:8D:20:F0:85:24:50:D9:DD:F4:97:CA
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/EfF__EvLJp38jSDwhSRQ2d30l8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:86:e9:80:89:93:e3:db:aa:45:0d:99:81:95:9a:73:b0:37:
60:ff:9c:a3:b5:a1:be:16:b3:d3:70:dd:c9:96:e7:8d:72:a5:
45:f0:ce:e8:d9:cf:cb:da:c6:d4:d2:4e:e6:65:5f:28:d1:40:
8f:ca:12:5d:f4:a9:2b:c9:b3:f5:70:e5:91:5a:be:c8:08:bb:
54:71:78:b2:54:7e:a1:4f:f0:99:dd:1f:8d:3c:eb:8c:db:54:
f1:0b:04:95:16:f9:fb:7d:24:a9:4c:78:97:47:be:c9:b0:00:
88:f7:44:33:30:a2:03:e4:f8:fc:8e:0e:24:fb:1f:3a:6e:b2:
b4:7f:6d:20:8b:00:43:73:8f:0d:fd:3d:90:3d:ac:13:b0:e4:
1f:98:24:6c:28:83:99:7b:d0:22:41:95:95:cf:28:03:56:f2:
70:28:a8:7f:96:76:78:57:c6:54:0c:58:1e:88:70:8b:0d:62:
ab:31:e5:78:07:1e:0c:1c:8e:93:a3:22:25:04:c1:02:ac:f1:
99:13:61:ce:62:bd:7b:ad:8b:f9:dd:d3:52:f1:59:b7:18:08:
99:00:b3:31:04:44:88:6e:a4:ea:40:91:2a:93:ce:02:b0:c8:
7a:64:1e:95:1b:18:85:71:ae:51:df:71:11:e0:9c:3e:e6:5a:
3b:ea:58:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC369xzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NThkMTJmMDk1MDUzYzM1ODc2Yjg4YjQ3Njg1ZDY0MzU0MjFmY2YyMB4XDTIyMDEw
MTEwNTMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTFmMTdmZmM0YmNi
MjY5ZGZjOGQyMGYwODUyNDUwZDlkZGY0OTdjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN/H2OCPc1UAmwCSZ+RFhbzqO2VyAEd3J7M5fJmy96/6FGmq
d585diZD4xbWhyCMyXoMeY5e6CsU17jxSH2mKNAQ6E9PlXm/1Ki1cVBZmBf9b3rb
JNk8iaZI+PVNg7oLTPe9kWVvbyQbJ7EFJ2wv8FaVrYnFIJaoj+lfYZuBcQDmIffW
0TpN/Syp5ljowFhk3qVaxn4We6Zxqk90uqBIFOmX9AAji5zo55qvOkcOJwMK3/t5
+kJZRb8JULoCsyYym/dd061AxljW8oZ93I4d5R89kPCUyS7M2dD4DzxBZXhmiW6I
+iEpKgNSZh2cMFVYOPsXQMvupLOS7E4/7u1tk5MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQR8X/8S8smnfyNIPCFJFDZ3fSXyjAfBgNVHSMEGDAWgBRFjRLwlQU8NYdr
iLR2hdZDVCH88jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JZMFM4SlVGUERXSGE0aTBkb1hXUTFRaF9QSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvN2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8x
L0VmRl9fRXZMSnAzOGpTRHdoU1JRMmQzMGw4by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
N2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8xL1JZMFM4SlVGUERX
SGE0aTBkb1hXUTFRaF9QSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALme+DANBgkqhkiG9w0BAQsFAAOC
AQEAi4bpgImT49uqRQ2ZgZWac7A3YP+co7Whvhaz03DdyZbnjXKlRfDO6NnPy9rG
1NJO5mVfKNFAj8oSXfSpK8mz9XDlkVq+yAi7VHF4slR+oU/wmd0fjTzrjNtU8QsE
lRb5+30kqUx4l0e+ybAAiPdEMzCiA+T4/I4OJPsfOm6ytH9tIIsAQ3OPDf09kD2s
E7DkH5gkbCiDmXvQIkGVlc8oA1bycCiof5Z2eFfGVAxYHohwiw1iqzHleAceDByO
k6MiJQTBAqzxmRNhzmK9e62L+d3TUvFZtxgImQCzMQREiG6k6kCRKpPOArDIemQe
lRsYhXGuUd9xEeCcPuZaO+pYdg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:47 2023 by rpki-client on console-fra.rpki-client.org