Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/l2eKFe51Z_lw_D0bB4sEYxT-wts.roa
File: l2eKFe51Z_lw_D0bB4sEYxT-wts.roa (raw, json)
Hash identifier: Sd7Zb+jw9XJCUj8I4zPY61VhCJrBtIMWmhq+Vfh+o5E=
Subject key identifier: 97:67:8A:15:EE:75:67:F9:70:FC:3D:1B:07:8B:04:63:14:FE:C2:DB
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 08880311
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/l2eKFe51Z_lw_D0bB4sEYxT-wts.roa
Signing time: Sat 01 Jan 2022 03:50:54 +0000
ROA not before: Sat 01 Jan 2022 03:50:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34443
IP address blocks: 85.248.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143131409 (0x8880311)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 1 03:50:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97678a15ee7567f970fc3d1b078b046314fec2db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:6c:9e:6f:4b:cc:ad:f9:a0:42:1b:cc:87:a1:
cd:52:1b:6c:98:39:58:41:aa:65:18:b0:96:6b:94:
d2:f3:2c:5b:a7:b1:cb:8f:14:84:cd:cb:27:97:0f:
16:dc:1f:60:f5:6e:bf:f4:26:5c:37:9f:32:9c:5a:
17:46:07:ff:c5:22:b6:b3:fd:b0:0b:1e:ca:86:b1:
8e:e7:bc:63:76:e8:33:16:6d:00:3b:39:ed:eb:97:
c0:23:53:60:ea:7f:ac:af:c5:7f:80:33:99:8d:80:
dd:30:8b:1b:62:f6:96:ce:b8:57:b9:f6:88:d5:4e:
93:a3:ee:b2:bf:41:58:2c:04:28:85:57:78:45:6e:
7b:31:55:b7:06:e6:0f:58:88:97:a6:43:f6:df:e6:
5e:8b:28:e9:ed:dd:f2:be:7a:38:14:46:80:99:e9:
8c:41:70:b0:72:18:dd:58:50:bb:f1:0e:85:c7:3f:
c2:dd:7f:e4:fc:2f:95:42:db:0b:c6:cd:29:05:4a:
c0:bf:a4:7e:31:8f:c7:d9:32:14:1f:3f:a6:7a:06:
d4:ea:48:1d:8c:dc:ec:b2:09:4a:a7:f2:b0:19:04:
ef:94:ca:b3:cd:f9:2a:69:b8:23:65:84:56:ec:88:
77:5d:5d:ac:f1:1c:8d:ef:45:e0:1e:62:76:3b:09:
c4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:67:8A:15:EE:75:67:F9:70:FC:3D:1B:07:8B:04:63:14:FE:C2:DB
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/l2eKFe51Z_lw_D0bB4sEYxT-wts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.248.235.0/24
Signature Algorithm: sha256WithRSAEncryption
47:df:78:9f:fb:a6:05:3b:f8:cd:7f:1c:32:ce:b2:2c:69:27:
ed:a4:f6:2c:2e:56:8f:6e:4a:47:8b:03:42:49:e6:f3:fb:0b:
01:61:48:58:c3:16:79:42:27:8a:53:bc:d5:af:6f:95:52:f1:
f4:8e:7a:86:0e:fc:6f:1c:b5:79:07:1b:b3:52:ea:67:9e:5b:
09:6b:1a:ad:63:a3:75:2e:8f:39:3e:32:79:4b:74:bb:87:ff:
4b:43:75:2f:e9:6a:83:44:da:ab:10:bc:e3:a7:fc:27:cc:82:
08:0c:08:2f:24:e8:f5:44:c9:b7:ae:0b:1e:cb:81:7e:41:91:
fd:16:b1:97:c8:dc:9c:84:0e:1a:d9:cc:21:05:0d:29:75:15:
2f:35:a6:96:ce:31:80:9d:26:93:7b:84:c4:4b:4a:9e:44:ca:
59:63:ab:65:0e:2c:82:8c:5a:60:b5:f8:5f:6d:18:b3:73:29:
49:31:4b:01:96:cd:e9:77:a7:d8:1e:30:df:aa:66:43:2e:67:
34:36:94:74:ae:f1:b7:8a:e1:ef:68:40:02:92:fb:a6:a2:45:
07:6b:4e:b0:38:55:5a:24:0e:b0:41:14:b3:27:13:e8:99:fd:
57:d1:70:d8:6a:76:8a:88:af:e6:f3:9a:69:8d:39:46:e3:bb:
62:93:70:dd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIgDETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
N2Y4ODE0MDFhYmFjYzg4Yzk0MWZkZjc0MGYxYWIxNTM2ZjA1ZGJhMB4XDTIyMDEw
MTAzNTA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2NzhhMTVlZTc1
NjdmOTcwZmMzZDFiMDc4YjA0NjMxNGZlYzJkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdsnm9LzK35oEIbzIehzVIbbJg5WEGqZRiwlmuU0vMsW6ex
y48UhM3LJ5cPFtwfYPVuv/QmXDefMpxaF0YH/8UitrP9sAseyoaxjue8Y3boMxZt
ADs57euXwCNTYOp/rK/Ff4AzmY2A3TCLG2L2ls64V7n2iNVOk6Pusr9BWCwEKIVX
eEVuezFVtwbmD1iIl6ZD9t/mXoso6e3d8r56OBRGgJnpjEFwsHIY3VhQu/EOhcc/
wt1/5PwvlULbC8bNKQVKwL+kfjGPx9kyFB8/pnoG1OpIHYzc7LIJSqfysBkE75TK
s835Kmm4I2WEVuyId11drPEcje9F4B5idjsJxIcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSXZ4oV7nVn+XD8PRsHiwRjFP7C2zAfBgNVHSMEGDAWgBTn+IFAGrrMiMlB
/fdA8asVNvBdujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVfaUJRQnE2eklqSlFmMzNRUEdyRlRid1hiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvZjU1MzRhLWE2MTMtNDdiZS1iNDJiLWUyZmJjM2E2ODgwMC8x
L2wyZUtGZTUxWl9sd19EMGJCNHNFWXhULXd0cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ZjU1MzRhLWE2MTMtNDdiZS1iNDJiLWUyZmJjM2E2ODgwMC8xLzVfaUJRQnE2eklq
SlFmMzNRUEdyRlRid1hiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFX46zANBgkqhkiG9w0BAQsFAAOC
AQEAR994n/umBTv4zX8cMs6yLGkn7aT2LC5Wj25KR4sDQknm8/sLAWFIWMMWeUIn
ilO81a9vlVLx9I56hg78bxy1eQcbs1LqZ55bCWsarWOjdS6POT4yeUt0u4f/S0N1
L+lqg0TaqxC846f8J8yCCAwILyTo9UTJt64LHsuBfkGR/Raxl8jcnIQOGtnMIQUN
KXUVLzWmls4xgJ0mk3uExEtKnkTKWWOrZQ4sgoxaYLX4X20Ys3MpSTFLAZbN6Xen
2B4w36pmQy5nNDaUdK7xt4rh72hAApL7pqJFB2tOsDhVWiQOsEEUsycT6Jn9V9Fw
2Gp2ioiv5vOaaY05RuO7YpNw3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:57 2024 by rpki-client on console-ams.rpki-client.org