Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/9FMKc9G8TFmKXLKe51l-nBACcjs.roa
File: 9FMKc9G8TFmKXLKe51l-nBACcjs.roa (raw, json)
Hash identifier: kYXsLjyhZtAnXh2DZ0uqRA+eSJddKvYoOAjCxTSIfCo=
Subject key identifier: F4:53:0A:73:D1:BC:4C:59:8A:5C:B2:9E:E7:59:7E:9C:10:02:72:3B
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 010EF7BC
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/9FMKc9G8TFmKXLKe51l-nBACcjs.roa
Signing time: Sat 01 Jan 2022 12:07:09 +0000
ROA not before: Sat 01 Jan 2022 12:07:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204331
IP address blocks: 185.253.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17758140 (0x10ef7bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Jan 1 12:07:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4530a73d1bc4c598a5cb29ee7597e9c1002723b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2f:51:91:db:15:d3:04:d9:da:9c:77:72:32:
2f:7c:97:39:8a:d0:bd:34:1f:f4:42:bb:20:62:15:
78:37:30:53:09:f2:a8:d7:84:26:c4:66:d4:3a:ef:
a2:ef:cb:c5:02:77:f5:37:9f:59:c7:21:ad:bf:7e:
75:02:6e:a0:50:e2:96:7f:ab:36:cf:37:67:de:c6:
c6:fc:b8:24:ea:68:55:07:4c:e9:d9:b0:8a:79:86:
41:af:42:7c:c2:34:0a:35:99:02:9b:51:a0:fd:a7:
3a:0f:b5:65:8d:9d:a3:b2:28:c2:16:ce:e9:06:c9:
17:ab:84:99:91:9f:d5:72:f6:41:27:5d:d2:17:cf:
b1:85:bb:6a:5b:8c:67:ee:7f:81:5b:3e:aa:8d:25:
7a:f9:12:40:50:52:74:cb:25:4b:02:b4:fd:be:49:
50:43:b3:19:95:a9:2a:01:5f:90:4c:84:86:4e:fa:
92:82:a2:e3:f9:76:48:72:24:b3:ed:47:2c:99:51:
ea:30:a4:78:67:a3:8b:10:f5:f9:23:ee:53:49:cd:
8e:d0:91:e6:77:d2:ac:0f:ce:3a:ad:96:77:6d:58:
8d:50:2b:68:69:3b:a1:0e:7c:df:0c:9a:bb:64:29:
fe:53:21:7a:5f:6b:b1:9c:2e:fb:71:ea:10:b5:0b:
ee:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:53:0A:73:D1:BC:4C:59:8A:5C:B2:9E:E7:59:7E:9C:10:02:72:3B
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/9FMKc9G8TFmKXLKe51l-nBACcjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.76.0/24
Signature Algorithm: sha256WithRSAEncryption
94:c9:95:aa:72:55:6b:5f:a4:c9:ef:3a:81:0f:2d:e9:84:f0:
7b:a9:d8:60:56:60:27:76:8f:88:42:79:50:b6:f8:a5:91:bf:
22:55:f6:40:ff:31:db:a5:de:a1:72:21:6f:71:c3:2c:1c:31:
18:df:3f:6f:88:36:e2:07:14:fa:9d:70:d0:28:7b:f7:e1:3e:
7a:4c:86:09:51:3c:55:6e:a1:46:56:ae:77:8b:20:55:a8:96:
50:4b:37:11:fd:8d:e3:92:fd:9b:61:c7:8a:ec:ac:00:c1:05:
b8:da:65:04:b9:9c:d4:7d:ed:7e:fd:0f:ef:ae:80:b8:1a:14:
f1:94:1d:f6:34:11:1c:64:c4:f1:49:80:c8:84:bc:1a:26:69:
c5:60:d8:e0:a4:07:da:b7:9b:ad:a7:a9:6f:fe:cb:34:23:d8:
6d:ac:71:7f:2a:ce:25:4b:ad:00:3a:ca:c4:1b:2b:20:2f:71:
12:56:ce:29:49:f7:f9:b2:51:16:c3:b5:aa:3b:18:13:56:c7:
87:5f:2c:12:42:f2:c4:02:fd:ad:3d:20:47:c5:94:c6:07:59:
a4:18:d8:04:29:fd:93:4b:07:6c:cd:a9:be:d8:bd:03:85:6a:
07:87:df:43:b3:a7:40:c1:4f:8d:f5:56:1b:63:27:b8:90:b7:
cb:7b:4b:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAQ73vDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjI2MzliMzVlNWQ5ZDBmYjM2OTZmZTJmZDYxY2I2ZjRjM2ZhNTA0MB4XDTIyMDEw
MTEyMDcwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ1MzBhNzNkMWJj
NGM1OThhNWNiMjllZTc1OTdlOWMxMDAyNzIzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkvUZHbFdME2dqcd3IyL3yXOYrQvTQf9EK7IGIVeDcwUwny
qNeEJsRm1Drvou/LxQJ39TefWcchrb9+dQJuoFDiln+rNs83Z97Gxvy4JOpoVQdM
6dmwinmGQa9CfMI0CjWZAptRoP2nOg+1ZY2do7IowhbO6QbJF6uEmZGf1XL2QSdd
0hfPsYW7aluMZ+5/gVs+qo0levkSQFBSdMslSwK0/b5JUEOzGZWpKgFfkEyEhk76
koKi4/l2SHIks+1HLJlR6jCkeGejixD1+SPuU0nNjtCR5nfSrA/OOq2Wd21YjVAr
aGk7oQ583wyau2Qp/lMhel9rsZwu+3HqELUL7h8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0Uwpz0bxMWYpcsp7nWX6cEAJyOzAfBgNVHSMEGDAWgBQyJjmzXl2dD7Np
b+L9YctvTD+lBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01pWTVzMTVkblEtemFXX2lfV0hMYjB3X3BRUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvNjYyZmJmLTU1NzYtNDU5NS04OTJiLWI1YjNhZWFlOThlYS8x
LzlGTUtjOUc4VEZtS1hMS2U1MWwtbkJBQ2Nqcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
NjYyZmJmLTU1NzYtNDU5NS04OTJiLWI1YjNhZWFlOThlYS8xL01pWTVzMTVkblEt
emFXX2lfV0hMYjB3X3BRUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn9TDANBgkqhkiG9w0BAQsFAAOC
AQEAlMmVqnJVa1+kye86gQ8t6YTwe6nYYFZgJ3aPiEJ5ULb4pZG/IlX2QP8x26Xe
oXIhb3HDLBwxGN8/b4g24gcU+p1w0Ch79+E+ekyGCVE8VW6hRlaud4sgVaiWUEs3
Ef2N45L9m2HHiuysAMEFuNplBLmc1H3tfv0P766AuBoU8ZQd9jQRHGTE8UmAyIS8
GiZpxWDY4KQH2rebraepb/7LNCPYbaxxfyrOJUutADrKxBsrIC9xElbOKUn3+bJR
FsO1qjsYE1bHh18sEkLyxAL9rT0gR8WUxgdZpBjYBCn9k0sHbM2pvti9A4VqB4ff
Q7OnQMFPjfVWG2MnuJC3y3tLQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:38 2024 by rpki-client on console-fra.rpki-client.org