Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/kD18Ds3Wg24qnfhmVdUQKKnpd2s.roa
File: kD18Ds3Wg24qnfhmVdUQKKnpd2s.roa (raw, json)
Hash identifier: IdTQrOGDWIraSSa87dThk5SL1DwqEm4ZWgfZ2UgT0Ww=
Subject key identifier: 90:3D:7C:0E:CD:D6:83:6E:2A:9D:F8:66:55:D5:10:28:A9:E9:77:6B
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1AB73B1F
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/kD18Ds3Wg24qnfhmVdUQKKnpd2s.roa
Signing time: Sat 01 Jan 2022 16:03:07 +0000
ROA not before: Sat 01 Jan 2022 16:03:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51703
IP address blocks: 85.153.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 448215839 (0x1ab73b1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=903d7c0ecdd6836e2a9df86655d51028a9e9776b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:af:cc:a3:e5:ff:47:3f:3d:a2:22:0f:52:a7:
8c:94:d5:ee:da:15:95:17:bc:d1:59:99:1e:7a:cb:
26:07:63:80:15:8a:29:cc:7a:c0:e3:af:c6:3f:e1:
b3:2b:db:86:7f:08:d7:d8:6c:18:70:0a:78:2c:6d:
98:6a:52:7a:c4:db:31:e9:a9:e7:8c:ca:07:86:0d:
d4:07:3f:4c:39:c0:ec:35:de:d8:4e:d8:7e:80:54:
94:77:d0:bf:ea:84:fb:06:3d:57:dc:5a:ae:1f:d7:
53:8e:33:47:f9:d5:93:02:5b:e2:69:13:5f:50:d3:
d6:d6:79:c3:91:3e:c7:76:a9:e1:c8:ae:a4:23:37:
bc:90:3c:bb:44:4d:14:bf:98:81:f8:da:8f:02:f0:
2d:2e:70:cc:9d:a9:de:9a:4d:ff:03:33:31:b0:81:
05:89:30:3b:96:a3:0d:bd:df:d4:f1:0b:27:8e:93:
bc:3d:b9:ce:24:38:fa:34:b9:76:de:e8:b7:14:a8:
e6:1a:93:d4:68:9a:35:f7:b0:cc:bf:c3:57:4b:0f:
b9:c6:74:c7:d6:3a:87:36:17:fc:1f:e9:37:b0:36:
37:4f:54:b3:8f:2b:92:81:a3:3a:12:62:70:77:3c:
f8:4c:3a:a6:af:34:55:bb:6c:64:41:92:44:66:e6:
36:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3D:7C:0E:CD:D6:83:6E:2A:9D:F8:66:55:D5:10:28:A9:E9:77:6B
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/kD18Ds3Wg24qnfhmVdUQKKnpd2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.131.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:b3:bc:72:19:d9:df:3a:f0:bb:f2:03:4d:66:37:f2:55:2d:
1e:d0:37:b7:1a:6b:84:3d:0d:2c:46:e1:5a:4d:92:12:fa:7b:
13:6b:35:6f:e2:4e:bb:72:1f:25:af:56:8a:01:52:e9:8e:30:
79:4e:cf:80:12:7b:4c:a5:d0:09:c8:1a:14:18:5b:05:c0:15:
37:c4:cb:c1:7e:b0:ae:03:c3:58:3b:ac:d0:dc:6d:0a:30:da:
d5:6f:fe:fb:8c:e1:bb:9f:13:e6:7a:de:43:b3:8d:8f:24:99:
98:9d:44:eb:91:7a:1a:78:2c:db:bf:c1:77:6e:22:b8:31:45:
a7:cb:ab:0e:4e:6b:0f:d7:01:d3:45:da:2d:f3:51:e9:0d:b6:
71:f6:69:27:c4:9d:a7:b3:5d:11:d5:9a:7e:89:72:51:6d:bd:
db:5f:65:c4:e0:76:80:eb:c6:0f:db:be:1c:50:14:87:86:d3:
f5:76:a7:dd:71:ad:c0:7d:40:29:09:93:99:82:d1:c9:ae:d3:
30:45:80:67:fd:39:97:e3:94:13:63:d7:66:7d:0e:b9:fb:8b:
ac:0a:5f:20:0c:d4:8e:7b:6a:aa:af:3d:1d:5b:b2:ff:9f:66:
e9:bb:23:6f:13:9d:84:85:70:76:c5:cc:84:b3:8c:d9:d0:c5:
60:99:f7:dc
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGrc7HzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTAzZDdjMGVjZGQ2
ODM2ZTJhOWRmODY2NTVkNTEwMjhhOWU5Nzc2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSvzKPl/0c/PaIiD1KnjJTV7toVlRe80VmZHnrLJgdjgBWK
Kcx6wOOvxj/hsyvbhn8I19hsGHAKeCxtmGpSesTbMemp54zKB4YN1Ac/TDnA7DXe
2E7YfoBUlHfQv+qE+wY9V9xarh/XU44zR/nVkwJb4mkTX1DT1tZ5w5E+x3ap4ciu
pCM3vJA8u0RNFL+YgfjajwLwLS5wzJ2p3ppN/wMzMbCBBYkwO5ajDb3f1PELJ46T
vD25ziQ4+jS5dt7otxSo5hqT1GiaNfewzL/DV0sPucZ0x9Y6hzYX/B/pN7A2N09U
s48rkoGjOhJicHc8+Ew6pq80VbtsZEGSRGbmNr8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSQPXwOzdaDbiqd+GZV1RAoqel3azAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L2tEMThEczNXZzI0cW5maG1WZFVRS0tucGQycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWZgzANBgkqhkiG9w0BAQsFAAOC
AQEACrO8chnZ3zrwu/IDTWY38lUtHtA3txprhD0NLEbhWk2SEvp7E2s1b+JOu3If
Ja9WigFS6Y4weU7PgBJ7TKXQCcgaFBhbBcAVN8TLwX6wrgPDWDus0NxtCjDa1W/+
+4zhu58T5nreQ7ONjySZmJ1E65F6Gngs27/Bd24iuDFFp8urDk5rD9cB00XaLfNR
6Q22cfZpJ8Sdp7NdEdWafolyUW29219lxOB2gOvGD9u+HFAUh4bT9Xan3XGtwH1A
KQmTmYLRya7TMEWAZ/05l+OUE2PXZn0OufuLrApfIAzUjntqqq89HVuy/59m6bsj
bxOdhIVwdsXMhLOM2dDFYJn33A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:16 2024 by rpki-client on console-fra.rpki-client.org