Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/D1IOV5dWaZ0JJNZf5wjD8udUvgQ.roa
File: D1IOV5dWaZ0JJNZf5wjD8udUvgQ.roa (raw, json)
Hash identifier: iHhCVOt6PJJhdeP4BRvIPmON4NqxYmCvg8249yYy0t4=
Subject key identifier: 0F:52:0E:57:97:56:69:9D:09:24:D6:5F:E7:08:C3:F2:E7:54:BE:04
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 01852AE62BFD8281C611B217E813899727EB
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/D1IOV5dWaZ0JJNZf5wjD8udUvgQ.roa
Signing time: Mon 19 Dec 2022 15:00:05 +0000
ROA not before: Mon 19 Dec 2022 15:00:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56340
IP address blocks: 109.248.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:e6:2b:fd:82:81:c6:11:b2:17:e8:13:89:97:27:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 19 15:00:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f520e579756699d0924d65fe708c3f2e754be04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:70:82:f5:a9:99:9a:fb:d0:71:8b:8a:ed:fa:
18:c4:87:0a:01:df:69:24:70:5b:8a:7c:1b:cc:5f:
5f:46:6f:c4:f8:d1:81:56:16:19:4f:d8:74:13:e7:
a1:fb:41:f8:62:36:47:c5:ae:fe:d3:e9:e0:08:c2:
37:77:a1:81:90:f6:ea:ee:42:df:93:5e:ba:99:47:
73:84:d9:2b:ee:72:13:bf:7a:e6:b1:71:ad:c2:ef:
77:34:ac:d4:80:05:6c:29:5a:48:4a:c6:91:e8:6e:
c2:ad:e6:26:7e:42:e0:3d:ea:99:09:32:31:e3:75:
23:20:3c:33:ac:f7:dd:9e:4b:29:6f:e1:d7:dd:2b:
11:59:34:f2:90:6e:ac:1f:7a:6c:62:2b:59:a7:28:
73:3b:bc:25:f4:3b:e2:36:6e:60:2f:48:5c:13:c8:
35:01:aa:98:d9:05:fb:fb:2a:6a:60:39:10:24:e6:
18:d9:40:55:63:a1:f6:ab:85:02:2c:1d:5f:87:6d:
9f:4a:06:fb:c1:41:77:c8:8d:af:2c:5e:39:1f:01:
18:a2:6f:fe:70:3a:a3:35:62:98:06:b5:25:32:bc:
6c:bf:3d:a3:04:91:61:2b:a8:64:86:9a:e8:da:e4:
e9:3a:c4:cf:dd:13:aa:66:cd:6b:7e:b1:84:f3:95:
1a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:52:0E:57:97:56:69:9D:09:24:D6:5F:E7:08:C3:F2:E7:54:BE:04
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/D1IOV5dWaZ0JJNZf5wjD8udUvgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.171.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:26:1e:a8:8a:08:65:ae:d9:83:dd:ac:5a:27:b8:0e:87:0b:
51:d6:90:c7:81:ea:7b:de:83:82:0f:5c:c5:44:de:eb:9f:1f:
fd:aa:f2:67:e8:8b:07:c5:1f:3a:cf:69:7f:5c:89:ed:b2:c1:
eb:a4:f5:8a:9a:45:9c:05:d0:60:8f:f8:e1:24:99:cf:37:c9:
45:26:03:4f:b5:74:06:17:88:6e:ad:ae:e1:83:58:fd:8f:47:
b2:e0:b0:d8:86:2c:43:be:bd:c9:7b:22:98:d3:fe:57:9c:28:
2a:49:6a:b1:82:bf:3e:ad:ad:47:91:3c:dd:52:80:7e:6b:63:
9f:47:db:af:e1:cb:f7:de:ec:42:96:98:3c:65:94:38:d6:57:
6e:f9:16:79:70:9c:ff:dd:77:d6:db:b7:97:8b:c0:8a:62:a3:
67:58:40:6a:15:e8:e7:0f:4a:6f:97:c0:de:54:d0:53:51:27:
18:06:b1:c1:67:2a:0c:ea:f8:c7:3b:af:46:87:66:31:8c:f0:
e0:34:3f:c5:bb:c6:de:aa:1f:fd:35:8a:8a:bb:74:f1:8c:29:
69:f3:39:1d:bb:e6:1a:72:14:0d:22:49:0c:7e:de:a0:96:e9:
b9:d4:de:89:4f:38:96:da:11:f5:6b:53:92:03:68:5f:5a:23:
e0:5d:57:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUq5iv9goHGEbIX6BOJlyfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMjE5MTUwMDA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjUyMGU1Nzk3NTY2OTlkMDkyNGQ2NWZlNzA4YzNmMmU3NTRiZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXCC9amZmvvQcYuK7foYxIcKAd9p
JHBbinwbzF9fRm/E+NGBVhYZT9h0E+eh+0H4YjZHxa7+0+ngCMI3d6GBkPbq7kLf
k166mUdzhNkr7nITv3rmsXGtwu93NKzUgAVsKVpISsaR6G7CreYmfkLgPeqZCTIx
43UjIDwzrPfdnkspb+HX3SsRWTTykG6sH3psYitZpyhzO7wl9DviNm5gL0hcE8g1
AaqY2QX7+ypqYDkQJOYY2UBVY6H2q4UCLB1fh22fSgb7wUF3yI2vLF45HwEYom/+
cDqjNWKYBrUlMrxsvz2jBJFhK6hkhpro2uTpOsTP3ROqZs1rfrGE85UaBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9SDleXVmmdCSTWX+cIw/LnVL4EMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvRDFJT1Y1ZFdhWjBKSk5aZjV3akQ4dWRVdmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbfirMA0G
CSqGSIb3DQEBCwUAA4IBAQC1Jh6oighlrtmD3axaJ7gOhwtR1pDHgep73oOCD1zF
RN7rnx/9qvJn6IsHxR86z2l/XIntssHrpPWKmkWcBdBgj/jhJJnPN8lFJgNPtXQG
F4hura7hg1j9j0ey4LDYhixDvr3JeyKY0/5XnCgqSWqxgr8+ra1HkTzdUoB+a2Of
R9uv4cv33uxClpg8ZZQ41ldu+RZ5cJz/3XfW27eXi8CKYqNnWEBqFejnD0pvl8De
VNBTUScYBrHBZyoM6vjHO69Gh2YxjPDgND/Fu8beqh/9NYqKu3TxjClp8zkdu+Ya
chQNIkkMft6glum51N6JTziW2hH1a1OSA2hfWiPgXVeR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:00 2024 by rpki-client on console-ams.rpki-client.org