Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/a9CKFf-23ymMTUfabfPHa98mV34.roa
File: a9CKFf-23ymMTUfabfPHa98mV34.roa (raw, json)
Hash identifier: x9H+JoCZ1XvLR9jFtdBr2H799lFlrrlUNN0cQVRwaIw=
Subject key identifier: 6B:D0:8A:15:FF:B6:DF:29:8C:4D:47:DA:6D:F3:C7:6B:DF:26:57:7E
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 16CE55C5
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/a9CKFf-23ymMTUfabfPHa98mV34.roa
Signing time: Sat 01 Jan 2022 12:01:29 +0000
ROA not before: Sat 01 Jan 2022 12:01:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20527
IP address blocks: 178.170.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 382621125 (0x16ce55c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 12:01:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bd08a15ffb6df298c4d47da6df3c76bdf26577e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5b:b9:0e:2c:39:5d:cd:0e:e1:43:fc:93:fd:
36:e9:c1:b6:95:4f:bd:01:cd:54:af:14:c3:89:25:
0d:ce:b5:5e:1f:d6:cc:52:15:12:86:65:8f:bf:33:
83:43:71:a9:75:74:c2:99:3d:f7:2c:04:3e:7c:3e:
b6:bc:15:59:25:79:bf:b3:8c:7b:03:31:d7:98:55:
28:8f:63:fb:6f:a0:17:be:75:68:94:61:a2:b7:76:
b6:03:6f:b5:3a:d5:7d:9d:20:ba:ce:4c:9d:dd:e4:
cd:11:3b:80:88:b0:bf:3f:5b:34:a6:95:04:5f:e5:
63:e9:a7:20:c6:85:50:60:1c:16:3d:b7:65:d6:79:
df:8c:0c:59:86:b3:6c:97:59:3a:c5:39:cf:d0:f3:
c8:36:63:00:70:b5:c0:98:f2:e3:23:db:d7:28:34:
08:52:af:d6:e8:46:bd:d0:0c:76:aa:ff:5e:cf:2d:
04:32:d2:f0:bb:11:95:d7:7a:20:2f:d7:aa:9b:f0:
da:ad:ab:90:d2:cb:67:9f:3d:9f:09:20:28:27:3d:
0f:8e:c5:b1:a2:5a:33:0e:7c:5f:a9:23:82:4b:3f:
6a:c8:3a:df:5a:a7:dd:93:2f:d8:0b:2b:22:dd:ca:
fb:57:72:05:63:50:8e:b4:59:c2:c9:80:d8:03:ba:
b4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D0:8A:15:FF:B6:DF:29:8C:4D:47:DA:6D:F3:C7:6B:DF:26:57:7E
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/a9CKFf-23ymMTUfabfPHa98mV34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.170.233.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:a2:73:cd:a2:09:5d:07:2d:61:0c:86:27:de:a7:7c:26:c1:
ba:e5:6e:87:af:15:7c:ca:b5:87:ad:1d:26:f9:f0:04:2f:4c:
ae:5f:8c:88:72:67:9a:b5:37:03:0d:b9:51:a8:2c:0a:00:7e:
d3:76:e3:fc:d7:25:5b:2b:8d:3c:93:3f:57:00:10:4f:ba:a1:
4f:de:09:7b:b4:3e:68:c8:29:83:99:79:bd:45:e2:47:41:51:
2c:8f:a1:e3:11:d2:64:b6:86:b2:64:29:83:e7:34:89:cb:0b:
cc:9e:4d:42:0c:2f:a4:a1:cc:d7:0c:b3:b5:19:99:04:0e:e0:
68:e9:20:cf:ee:57:9b:1c:fd:34:03:6e:6e:da:33:62:30:6e:
91:77:15:00:35:fa:cd:5c:29:67:80:8c:69:28:03:4e:7b:be:
e4:25:dd:c5:72:7b:ee:ac:ce:5c:02:fb:7b:60:93:72:f4:ea:
9c:6d:00:7f:07:25:74:4c:9c:b9:aa:74:54:eb:53:45:79:4a:
22:47:c1:40:0c:5d:b6:6d:5a:bd:53:87:a5:75:a8:47:48:be:
90:b5:f6:cb:cc:33:28:19:b2:c9:32:2f:8d:be:f3:a2:d0:c9:
b8:5e:d7:a2:eb:b6:c2:5c:29:86:ee:7e:cb:04:23:cd:dc:b3:
e0:bd:6a:3c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFs5VxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODg1ZTg4NGMyZmM3YTc1ZDEyZGQxZGVhNDljZTIzNDljNDcwNjdlMB4XDTIyMDEw
MTEyMDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmJkMDhhMTVmZmI2
ZGYyOThjNGQ0N2RhNmRmM2M3NmJkZjI2NTc3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5buQ4sOV3NDuFD/JP9NunBtpVPvQHNVK8Uw4klDc61Xh/W
zFIVEoZlj78zg0NxqXV0wpk99ywEPnw+trwVWSV5v7OMewMx15hVKI9j+2+gF751
aJRhord2tgNvtTrVfZ0gus5Mnd3kzRE7gIiwvz9bNKaVBF/lY+mnIMaFUGAcFj23
ZdZ534wMWYazbJdZOsU5z9DzyDZjAHC1wJjy4yPb1yg0CFKv1uhGvdAMdqr/Xs8t
BDLS8LsRldd6IC/Xqpvw2q2rkNLLZ589nwkgKCc9D47FsaJaMw58X6kjgks/asg6
31qn3ZMv2AsrIt3K+1dyBWNQjrRZwsmA2AO6tJMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRr0IoV/7bfKYxNR9pt88dr3yZXfjAfBgNVHSMEGDAWgBRYheiEwvx6ddEt
0d6knOI0nEcGfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dJWG9oTUw4ZW5YUkxkSGVwSnppTkp4SEJuNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8x
L2E5Q0tGZi0yM3ltTVRVZmFiZlBIYTk4bVYzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NmMwYmY3LTVmMTMtNDRhMi05OTg5LThjOTU4MWQ5NmQ4Zi8xL1dJWG9oTUw4ZW5Y
UkxkSGVwSnppTkp4SEJuNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALKq6TANBgkqhkiG9w0BAQsFAAOC
AQEAWqJzzaIJXQctYQyGJ96nfCbBuuVuh68VfMq1h60dJvnwBC9Mrl+MiHJnmrU3
Aw25UagsCgB+03bj/NclWyuNPJM/VwAQT7qhT94Je7Q+aMgpg5l5vUXiR0FRLI+h
4xHSZLaGsmQpg+c0icsLzJ5NQgwvpKHM1wyztRmZBA7gaOkgz+5Xmxz9NANubtoz
YjBukXcVADX6zVwpZ4CMaSgDTnu+5CXdxXJ77qzOXAL7e2CTcvTqnG0AfwcldEyc
uap0VOtTRXlKIkfBQAxdtm1avVOHpXWoR0i+kLX2y8wzKBmyyTIvjb7zotDJuF7X
ouu2wlwphu5+ywQjzdyz4L1qPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org