Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/cUSejA_dTOkG9OXHt76RQwYXr8k.roa
File: cUSejA_dTOkG9OXHt76RQwYXr8k.roa (raw, json)
Hash identifier: EALILMSfT71hdzLCHWyf3FDUyKhBmMCbUNwMgLhg+JY=
Subject key identifier: 71:44:9E:8C:0F:DD:4C:E9:06:F4:E5:C7:B7:BE:91:43:06:17:AF:C9
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 0399125F
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/cUSejA_dTOkG9OXHt76RQwYXr8k.roa
Signing time: Sat 01 Jan 2022 00:51:12 +0000
ROA not before: Sat 01 Jan 2022 00:51:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204393
IP address blocks: 185.221.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60363359 (0x399125f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 00:51:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71449e8c0fdd4ce906f4e5c7b7be91430617afc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:49:99:0d:a1:f5:4f:e9:ca:0b:dd:77:9c:a5:
e3:f8:17:4d:ad:77:71:a4:48:93:e4:84:a0:c8:92:
89:b2:05:a9:df:18:96:2b:d4:06:53:54:27:e2:ce:
84:79:ff:62:4e:70:2d:6d:25:1e:f8:05:51:b1:22:
24:4a:8c:cd:73:4e:20:44:dd:f3:95:41:98:53:51:
84:a7:79:4f:2d:90:0b:98:54:a1:7a:0d:ae:80:a4:
a3:9b:05:2f:d7:ff:62:a5:8d:6c:90:cf:8f:c8:27:
4a:27:1c:7e:b4:b4:a0:74:06:51:d6:92:f3:da:7d:
df:b5:c4:50:ac:1a:90:9c:8a:50:7d:47:75:1b:a1:
03:1e:db:19:95:52:3d:2d:fb:39:d1:8a:f5:56:38:
5e:44:f5:6c:66:47:58:67:02:03:cd:82:6b:d2:09:
3b:b9:13:be:df:bb:a5:66:1f:26:2c:37:ac:d6:2f:
6d:a6:45:2d:4e:56:d1:e3:d6:bd:68:b2:5c:c1:87:
10:53:49:60:7c:94:11:83:ed:b2:df:8f:32:7a:0d:
86:84:d3:19:99:0d:20:a3:f2:a0:09:c6:2e:5f:03:
a3:61:91:50:82:ea:ef:8f:58:fb:ee:c0:71:5f:38:
93:ca:d3:a0:c0:b9:b7:64:b9:f6:24:d6:2c:2c:a3:
3a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:44:9E:8C:0F:DD:4C:E9:06:F4:E5:C7:B7:BE:91:43:06:17:AF:C9
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/cUSejA_dTOkG9OXHt76RQwYXr8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.239.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:8e:2d:e6:26:50:a0:65:5e:97:f8:6a:9d:34:7f:3d:ac:d5:
29:f8:87:b5:6d:f9:30:02:c8:fd:03:dd:50:80:f2:c8:46:dc:
3d:5b:12:46:d6:8b:f2:5f:79:a7:af:52:8e:9d:f5:bc:aa:b6:
e1:83:6b:a9:63:28:43:8b:8c:87:d5:d3:56:38:bb:75:4d:e2:
08:b4:bb:e3:ee:4b:d4:8d:2b:9d:7b:16:11:96:3d:fa:39:73:
83:27:30:b6:e1:5a:6e:3b:ed:74:2a:55:da:bc:90:84:d9:c6:
e7:a4:97:cf:78:89:c7:28:8d:d9:9e:1b:fe:d5:f3:e1:53:52:
41:51:9b:19:97:15:58:1f:24:c9:0e:4a:29:51:d5:36:02:a9:
08:08:2a:d2:ea:43:e3:e5:ef:c1:4f:27:e9:c4:ff:33:a8:90:
80:12:42:79:16:04:a6:0f:6d:59:89:c5:c2:fd:cf:b3:b1:8c:
61:53:e2:cd:70:2f:f1:35:62:ca:c0:33:96:85:78:df:ab:11:
2b:51:80:12:b6:51:a5:51:5a:e9:19:b1:ac:3a:ff:9e:7c:46:
6b:76:7f:ee:1f:f3:e1:27:84:ed:5d:f2:29:fe:63:fa:9c:e1:
d6:e8:1c:89:2a:a4:a7:41:67:a4:f1:ee:74:77:9a:f5:d9:cf:
6d:f8:b1:54
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5kSXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjczNDEwODcwNWE5NTc5NmU4NTc3MTI1ZGQzMDBjNzUxZGZkOWE4MB4XDTIyMDEw
MTAwNTExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE0NDllOGMwZmRk
NGNlOTA2ZjRlNWM3YjdiZTkxNDMwNjE3YWZjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANBJmQ2h9U/pygvdd5yl4/gXTa13caRIk+SEoMiSibIFqd8Y
livUBlNUJ+LOhHn/Yk5wLW0lHvgFUbEiJEqMzXNOIETd85VBmFNRhKd5Ty2QC5hU
oXoNroCko5sFL9f/YqWNbJDPj8gnSiccfrS0oHQGUdaS89p937XEUKwakJyKUH1H
dRuhAx7bGZVSPS37OdGK9VY4XkT1bGZHWGcCA82Ca9IJO7kTvt+7pWYfJiw3rNYv
baZFLU5W0ePWvWiyXMGHEFNJYHyUEYPtst+PMnoNhoTTGZkNIKPyoAnGLl8Do2GR
UILq749Y++7AcV84k8rToMC5t2S59iTWLCyjOusCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxRJ6MD91M6Qb05ce3vpFDBhevyTAfBgNVHSMEGDAWgBSvc0EIcFqVeW6F
dxJd0wDHUd/ZqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3IzTkJDSEJhbFhsdWhYY1NYZE1BeDFIZjJhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFlZC8x
L2NVU2VqQV9kVE9rRzlPWEh0NzZSUXdZWHI4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFlZC8xL3IzTkJDSEJhbFhs
dWhYY1NYZE1BeDFIZjJhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnd7zANBgkqhkiG9w0BAQsFAAOC
AQEAe44t5iZQoGVel/hqnTR/PazVKfiHtW35MALI/QPdUIDyyEbcPVsSRtaL8l95
p69Sjp31vKq24YNrqWMoQ4uMh9XTVji7dU3iCLS74+5L1I0rnXsWEZY9+jlzgycw
tuFabjvtdCpV2ryQhNnG56SXz3iJxyiN2Z4b/tXz4VNSQVGbGZcVWB8kyQ5KKVHV
NgKpCAgq0upD4+XvwU8n6cT/M6iQgBJCeRYEpg9tWYnFwv3Ps7GMYVPizXAv8TVi
ysAzloV436sRK1GAErZRpVFa6RmxrDr/nnxGa3Z/7h/z4SeE7V3yKf5j+pzh1ugc
iSqkp0FnpPHudHea9dnPbfixVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:05 2024 by rpki-client on console-fra.rpki-client.org