Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/Y405g8XG4XnIXZgdrgNxLpApnxE.roa
File: Y405g8XG4XnIXZgdrgNxLpApnxE.roa (raw, json)
Hash identifier: 7lzzKJv9V1f5qUE5JQ0SD4hQ/MjZkupZUt6PuVkLHXE=
Subject key identifier: 63:8D:39:83:C5:C6:E1:79:C8:5D:98:1D:AE:03:71:2E:90:29:9F:11
Certificate issuer: /CN=a9cc44d7f1d0dc0a5abf2776495b61de4819925f
Certificate serial: 0291DDA0
Authority key identifier: A9:CC:44:D7:F1:D0:DC:0A:5A:BF:27:76:49:5B:61:DE:48:19:92:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qcxE1_HQ3Apavyd2SVth3kgZkl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/Y405g8XG4XnIXZgdrgNxLpApnxE.roa
Signing time: Sat 01 Jan 2022 08:59:44 +0000
ROA not before: Sat 01 Jan 2022 08:59:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.253.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43113888 (0x291dda0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9cc44d7f1d0dc0a5abf2776495b61de4819925f
Validity
Not Before: Jan 1 08:59:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=638d3983c5c6e179c85d981dae03712e90299f11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f2:cb:de:85:35:d2:a7:e9:db:a3:a9:67:95:
77:d4:30:2e:44:65:ca:d6:f8:4b:a8:d0:2d:40:38:
3c:5f:2b:a0:00:2d:9a:4b:58:ea:e2:c6:9c:15:24:
1c:d0:93:3a:7a:c3:58:f4:3a:06:b0:2e:60:65:cb:
6b:39:df:30:a4:71:f6:b6:88:ba:05:09:3a:c2:3a:
80:14:37:15:dc:a2:57:38:51:a2:0d:56:0f:c2:71:
0b:96:08:1f:60:70:bc:2b:e9:69:24:fa:9b:c7:6a:
2f:0b:22:33:27:fa:e1:4f:8e:03:22:03:3f:d6:bf:
7c:7f:2a:3d:57:05:80:d4:14:3e:97:a5:6a:74:b0:
5f:65:a1:ea:9e:cc:01:6e:83:f2:99:56:14:2e:2a:
96:e9:a9:c4:9b:8a:92:63:65:ec:ad:cb:3a:a0:04:
d5:c6:f7:d8:f3:1c:67:85:15:20:4f:f3:18:de:c1:
9c:e6:96:38:8d:8e:c8:22:a8:13:4e:17:cf:7c:e4:
8e:d2:0f:c1:3b:71:4f:65:2c:53:b9:66:c2:66:bb:
d1:77:08:69:05:79:a7:a2:99:b7:06:00:21:11:aa:
cb:98:a2:6f:24:c9:4d:b9:07:91:ed:9a:c6:80:56:
28:6c:1d:01:c0:52:de:87:12:1d:d6:26:a1:3e:26:
79:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:8D:39:83:C5:C6:E1:79:C8:5D:98:1D:AE:03:71:2E:90:29:9F:11
X509v3 Authority Key Identifier:
keyid:A9:CC:44:D7:F1:D0:DC:0A:5A:BF:27:76:49:5B:61:DE:48:19:92:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qcxE1_HQ3Apavyd2SVth3kgZkl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/Y405g8XG4XnIXZgdrgNxLpApnxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/dab867-a579-4a95-aef7-1617f38a6dfc/1/qcxE1_HQ3Apavyd2SVth3kgZkl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.9.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:48:1c:b1:89:9c:e0:3e:c3:8c:c4:c0:a1:f2:d6:e1:82:f1:
95:ca:29:6d:a4:82:e7:f6:f8:ad:24:0f:cc:af:f8:48:5c:af:
24:5f:ea:f8:4d:6d:22:de:13:43:64:45:75:69:29:73:ee:87:
46:43:a6:84:d0:f4:ff:93:87:e9:0a:a1:07:60:b9:af:df:3c:
7f:b3:5c:b8:af:d1:71:90:7d:b1:9c:61:b8:c2:bd:88:81:0e:
c7:c9:01:59:99:d6:62:3e:16:25:b4:ac:47:f3:83:ca:b0:1f:
3d:44:21:05:28:e4:7e:cf:46:e5:51:16:ff:4b:f9:c4:c8:f8:
d0:31:fc:1c:a8:3a:10:b1:2f:db:c6:f8:ad:15:2c:66:ce:fb:
aa:6c:ac:ba:67:38:cb:f6:ae:30:9c:ce:5b:a3:e0:49:fe:2a:
8d:bb:d1:6c:21:2a:86:0c:56:79:06:e2:0f:25:b8:3d:61:29:
60:2c:a4:fa:58:d4:ba:f7:5b:c5:d6:d8:db:1d:4f:60:16:d3:
44:6b:4c:b9:7a:91:86:fa:76:f8:84:7e:39:e0:33:88:40:e9:
67:ea:9d:00:07:29:7d:aa:70:75:5c:61:cc:56:b9:a1:5b:a7:
24:4e:ed:3f:6d:1a:19:23:8f:c3:a4:f1:1c:21:2a:0c:98:18:
5a:3e:74:eb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEApHdoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OWNjNDRkN2YxZDBkYzBhNWFiZjI3NzY0OTViNjFkZTQ4MTk5MjVmMB4XDTIyMDEw
MTA4NTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM4ZDM5ODNjNWM2
ZTE3OWM4NWQ5ODFkYWUwMzcxMmU5MDI5OWYxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvyy96FNdKn6dujqWeVd9QwLkRlytb4S6jQLUA4PF8roAAt
mktY6uLGnBUkHNCTOnrDWPQ6BrAuYGXLaznfMKRx9raIugUJOsI6gBQ3FdyiVzhR
og1WD8JxC5YIH2BwvCvpaST6m8dqLwsiMyf64U+OAyIDP9a/fH8qPVcFgNQUPpel
anSwX2Wh6p7MAW6D8plWFC4qlumpxJuKkmNl7K3LOqAE1cb32PMcZ4UVIE/zGN7B
nOaWOI2OyCKoE04Xz3zkjtIPwTtxT2UsU7lmwma70XcIaQV5p6KZtwYAIRGqy5ii
byTJTbkHke2axoBWKGwdAcBS3ocSHdYmoT4meT0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRjjTmDxcbhechdmB2uA3EukCmfETAfBgNVHSMEGDAWgBSpzETX8dDcClq/
J3ZJW2HeSBmSXzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FjeEUxX0hRM0FwYXZ5ZDJTVnRoM2tnWmtsOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvZGFiODY3LWE1NzktNGE5NS1hZWY3LTE2MTdmMzhhNmRmYy8x
L1k0MDVnOFhHNFhuSVhaZ2RyZ054THBBcG54RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
ZGFiODY3LWE1NzktNGE5NS1hZWY3LTE2MTdmMzhhNmRmYy8xL3FjeEUxX0hRM0Fw
YXZ5ZDJTVnRoM2tnWmtsOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn9CTANBgkqhkiG9w0BAQsFAAOC
AQEAm0gcsYmc4D7DjMTAofLW4YLxlcopbaSC5/b4rSQPzK/4SFyvJF/q+E1tIt4T
Q2RFdWkpc+6HRkOmhND0/5OH6QqhB2C5r988f7NcuK/RcZB9sZxhuMK9iIEOx8kB
WZnWYj4WJbSsR/ODyrAfPUQhBSjkfs9G5VEW/0v5xMj40DH8HKg6ELEv28b4rRUs
Zs77qmysumc4y/auMJzOW6PgSf4qjbvRbCEqhgxWeQbiDyW4PWEpYCyk+ljUuvdb
xdbY2x1PYBbTRGtMuXqRhvp2+IR+OeAziEDpZ+qdAAcpfapwdVxhzFa5oVunJE7t
P20aGSOPw6TxHCEqDJgYWj506w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:55 2023 by rpki-client on console-ams.rpki-client.org