Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/r-L5ikFV0PQG2zKHBPPEgjskomg.roa
File: r-L5ikFV0PQG2zKHBPPEgjskomg.roa (raw, json)
Hash identifier: yVznC9eBQaeUENSjLXIqREvM+dxxDt6O94pg9rkC8VU=
Subject key identifier: AF:E2:F9:8A:41:55:D0:F4:06:DB:32:87:04:F3:C4:82:3B:24:A2:68
Certificate issuer: /CN=ded353e2f5d318c348772a8ff105aa70719e4135
Certificate serial: 0491EAB2
Authority key identifier: DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/r-L5ikFV0PQG2zKHBPPEgjskomg.roa
Signing time: Sat 01 Jan 2022 14:06:00 +0000
ROA not before: Sat 01 Jan 2022 14:06:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 87.237.84.0/24 maxlen: 24
87.237.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76671666 (0x491eab2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ded353e2f5d318c348772a8ff105aa70719e4135
Validity
Not Before: Jan 1 14:06:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afe2f98a4155d0f406db328704f3c4823b24a268
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:27:e5:40:bc:69:7e:63:21:aa:07:ff:f3:b3:
28:35:c9:0b:ff:42:d5:92:1f:00:d4:36:08:81:e5:
63:63:66:92:34:eb:37:a3:e0:23:53:10:ea:4e:d8:
26:68:9c:e7:8c:69:60:de:12:7d:c6:48:7a:10:c8:
d6:17:86:54:6c:c5:56:5d:df:76:cf:c1:5e:5e:4c:
7f:a0:68:b3:36:30:ce:22:b2:1a:5f:ad:8a:3c:a8:
b3:8a:53:33:f2:01:b3:7b:d3:7c:d5:14:c1:f4:27:
e6:25:ab:29:81:ac:61:ff:48:e3:71:15:6a:e6:f4:
62:98:d2:55:b9:dd:fb:7a:89:2d:ee:5b:fa:67:a0:
56:73:aa:b8:8d:46:b8:1b:a4:e7:06:be:f3:9f:1f:
55:c2:4d:d4:87:b7:c2:e5:4f:bf:59:11:cb:9b:97:
52:ae:83:b5:33:f1:a8:47:df:07:a5:68:69:dd:b9:
ec:86:e2:fd:fb:d7:0e:de:b4:a8:a9:c5:5e:1b:90:
c6:dc:60:ad:50:12:05:67:c7:1a:70:52:73:27:73:
66:c8:4c:e3:03:fb:6d:c5:e1:b1:30:a5:bd:2e:91:
9f:f2:74:f5:bb:6c:ee:5a:72:57:ac:58:d3:7d:b1:
04:76:fe:51:f8:84:79:8f:b0:55:8c:5c:60:e4:e6:
1c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E2:F9:8A:41:55:D0:F4:06:DB:32:87:04:F3:C4:82:3B:24:A2:68
X509v3 Authority Key Identifier:
keyid:DE:D3:53:E2:F5:D3:18:C3:48:77:2A:8F:F1:05:AA:70:71:9E:41:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3tNT4vXTGMNIdyqP8QWqcHGeQTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/r-L5ikFV0PQG2zKHBPPEgjskomg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/cbacce-efbf-4f32-8d88-4e85dabd6474/1/3tNT4vXTGMNIdyqP8QWqcHGeQTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.84.0/24
87.237.86.0/24
Signature Algorithm: sha256WithRSAEncryption
33:7b:8d:66:b8:4b:b9:1e:ef:cf:7d:1b:d2:bb:8c:32:b6:a1:
b2:fd:40:ed:53:51:6d:e0:e4:32:78:2e:6b:ad:12:1e:7b:7f:
3f:26:89:ea:d3:60:e8:de:9e:09:85:74:85:94:86:b9:8e:cd:
65:97:b8:e0:d8:cf:ba:f8:5f:45:ff:10:fe:f3:9c:1e:27:c5:
d8:c4:92:12:5b:61:cb:e6:28:a8:bb:db:b4:85:a3:6f:b2:03:
4c:b1:ef:b4:78:8f:4f:6d:d7:db:58:bb:ea:74:02:02:8f:a5:
ce:cf:e9:9f:42:cc:4c:21:0e:ec:b4:ad:92:54:76:26:94:81:
0c:90:f2:55:7b:ea:a3:b5:81:ef:a8:a5:9b:77:91:49:25:7a:
59:d4:92:b5:cf:7e:17:17:a4:38:96:b6:b2:09:ff:56:d0:b9:
ca:7d:23:d4:28:1d:41:b9:5f:95:46:3b:0b:24:d7:4b:0a:bb:
30:9d:a9:93:0b:71:13:fa:40:95:a5:76:14:14:bf:69:ea:8c:
56:6c:4b:af:13:52:28:0e:f8:f8:69:00:62:86:47:48:2c:22:
cc:ae:ec:b4:d2:61:26:e4:9a:ea:35:25:5e:af:62:51:be:39:
24:68:b2:9d:52:4f:2c:f6:09:38:94:18:bb:05:2c:4c:33:50:
01:87:fb:63
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBJHqsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZWQzNTNlMmY1ZDMxOGMzNDg3NzJhOGZmMTA1YWE3MDcxOWU0MTM1MB4XDTIyMDEw
MTE0MDYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZlMmY5OGE0MTU1
ZDBmNDA2ZGIzMjg3MDRmM2M0ODIzYjI0YTI2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkn5UC8aX5jIaoH//OzKDXJC/9C1ZIfANQ2CIHlY2NmkjTr
N6PgI1MQ6k7YJmic54xpYN4SfcZIehDI1heGVGzFVl3fds/BXl5Mf6BoszYwziKy
Gl+tijyos4pTM/IBs3vTfNUUwfQn5iWrKYGsYf9I43EVaub0YpjSVbnd+3qJLe5b
+megVnOquI1GuBuk5wa+858fVcJN1Ie3wuVPv1kRy5uXUq6DtTPxqEffB6Voad25
7Ibi/fvXDt60qKnFXhuQxtxgrVASBWfHGnBScydzZshM4wP7bcXhsTClvS6Rn/J0
9bts7lpyV6xY032xBHb+UfiEeY+wVYxcYOTmHMMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSv4vmKQVXQ9AbbMocE88SCOySiaDAfBgNVHSMEGDAWgBTe01Pi9dMYw0h3
Ko/xBapwcZ5BNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzN0TlQ0dlhUR01OSWR5cVA4UVdxY0hHZVFUVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvY2JhY2NlLWVmYmYtNGYzMi04ZDg4LTRlODVkYWJkNjQ3NC8x
L3ItTDVpa0ZWMFBRRzJ6S0hCUFBFZ2pza29tZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
Y2JhY2NlLWVmYmYtNGYzMi04ZDg4LTRlODVkYWJkNjQ3NC8xLzN0TlQ0dlhUR01O
SWR5cVA4UVdxY0hHZVFUVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFftVAMEAFftVjANBgkqhkiG9w0B
AQsFAAOCAQEAM3uNZrhLuR7vz30b0ruMMrahsv1A7VNRbeDkMngua60SHnt/PyaJ
6tNg6N6eCYV0hZSGuY7NZZe44NjPuvhfRf8Q/vOcHifF2MSSElthy+YoqLvbtIWj
b7IDTLHvtHiPT23X21i76nQCAo+lzs/pn0LMTCEO7LStklR2JpSBDJDyVXvqo7WB
76ilm3eRSSV6WdSStc9+FxekOJa2sgn/VtC5yn0j1CgdQblflUY7CyTXSwq7MJ2p
kwtxE/pAlaV2FBS/aeqMVmxLrxNSKA74+GkAYoZHSCwizK7stNJhJuSa6jUlXq9i
Ub45JGiynVJPLPYJOJQYuwUsTDNQAYf7Yw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org