Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1UbMJ8pFh_GucBryCPf8WZVJYeY.roa
File: 1UbMJ8pFh_GucBryCPf8WZVJYeY.roa (raw, json)
Hash identifier: eXEjNFBNjCpL1DAigGHMrBnqWxJ7BAGSwBjgiSb1SVc=
Subject key identifier: D5:46:CC:27:CA:45:87:F1:AE:70:1A:F2:08:F7:FC:59:95:49:61:E6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01823E480AA838A2614E97E5D1B67C8A5BEB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1UbMJ8pFh_GucBryCPf8WZVJYeY.roa
Signing time: Wed 27 Jul 2022 06:11:24 +0000
ROA not before: Wed 27 Jul 2022 06:11:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.209.245.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:48:0a:a8:38:a2:61:4e:97:e5:d1:b6:7c:8a:5b:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 27 06:11:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d546cc27ca4587f1ae701af208f7fc59954961e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:22:b5:14:22:ae:e9:f0:66:25:53:31:05:48:
54:bc:a1:73:7f:41:3d:1b:12:02:f9:de:00:de:a3:
e1:87:1f:1f:4d:4d:9d:ce:f5:d2:3e:81:f6:07:79:
b6:91:2a:bb:1a:e5:c9:13:08:cc:12:a7:98:1e:d4:
1c:75:84:fe:5b:8b:23:4a:9c:e2:5b:ac:fc:46:03:
ff:9c:e9:82:7e:03:36:86:12:dd:3c:c4:b7:7c:94:
35:5a:a7:61:cb:bf:0c:ab:e1:76:ac:50:bb:2c:7a:
57:34:f2:a8:8c:35:7d:d5:72:7f:d8:e8:56:ef:11:
6c:c3:e3:76:5f:d0:63:94:fe:ae:52:e3:61:6b:40:
bd:ac:e8:e9:2c:54:18:e2:20:5a:72:7b:b0:3b:5b:
70:0a:40:16:24:74:2f:8b:ef:0c:ce:82:b7:de:b4:
20:a6:3d:e0:b8:7c:2b:11:72:5c:90:ba:67:68:04:
69:a1:6c:78:f2:70:02:03:81:44:55:d4:26:1a:8b:
0a:66:3e:fb:31:1d:01:84:90:17:b1:d6:bb:61:94:
1c:95:ff:67:fe:a7:91:be:9b:09:f1:bb:a7:ed:41:
a4:95:22:69:91:ca:b6:35:1b:d5:60:3b:b0:6e:2b:
b3:5f:35:66:be:d2:64:75:40:7e:a6:ef:ac:d9:97:
a6:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:46:CC:27:CA:45:87:F1:AE:70:1A:F2:08:F7:FC:59:95:49:61:E6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/1UbMJ8pFh_GucBryCPf8WZVJYeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.201.0/24
88.209.245.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:90:9a:d0:7f:15:94:af:c0:0e:96:3d:1f:54:35:dd:64:78:
0b:fc:5e:a3:52:d7:fa:25:10:d2:7f:6e:a3:06:ef:9d:9e:cd:
c4:e6:fd:6a:2e:ee:d7:37:57:62:02:25:e4:1f:e2:c6:0e:89:
e4:45:a5:e9:1a:f8:88:cb:01:e7:d9:a3:55:2d:9e:f8:17:a4:
dd:d0:8d:09:82:36:65:d7:ba:c5:7f:9d:cf:d4:e1:86:fb:f4:
cc:fc:7e:ec:dd:37:4b:e1:14:03:6f:77:b0:09:9b:3f:d7:3a:
5e:5d:a8:9e:f5:74:75:6b:26:f2:94:c8:6f:98:c9:11:0b:3a:
d3:8c:3e:23:21:bc:8d:a7:fa:05:f6:c2:b9:5d:d1:cb:ba:8f:
00:31:e2:cf:3f:5e:da:71:88:b7:bd:5e:d0:e1:55:e2:bb:7b:
6f:c2:b9:e4:6a:25:d3:ed:2f:e9:2a:1b:13:a9:2f:8d:25:92:
74:8f:70:29:6c:0d:18:fc:a9:e9:a8:07:de:d4:2d:93:49:e6:
65:07:e6:59:d2:2b:5e:c6:3b:78:11:4d:35:d0:60:f4:53:03:
d7:1c:45:ed:c0:dd:d1:86:71:10:d6:78:4e:cd:b1:12:5d:af:
fc:f8:8c:5b:2e:9a:80:c8:3c:dc:6d:4f:c9:7e:7f:fa:b9:df:
3c:25:7d:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI+SAqoOKJhTpfl0bZ8ilvrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI3MDYxMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ2Y2MyN2NhNDU4N2YxYWU3MDFhZjIwOGY3ZmM1OTk1NDk2MWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyK1FCKu6fBmJVMxBUhUvKFzf0E9
GxIC+d4A3qPhhx8fTU2dzvXSPoH2B3m2kSq7GuXJEwjMEqeYHtQcdYT+W4sjSpzi
W6z8RgP/nOmCfgM2hhLdPMS3fJQ1Wqdhy78Mq+F2rFC7LHpXNPKojDV91XJ/2OhW
7xFsw+N2X9BjlP6uUuNha0C9rOjpLFQY4iBacnuwO1twCkAWJHQvi+8MzoK33rQg
pj3guHwrEXJckLpnaARpoWx48nACA4FEVdQmGosKZj77MR0BhJAXsda7YZQclf9n
/qeRvpsJ8bun7UGklSJpkcq2NRvVYDuwbiuzXzVmvtJkdUB+pu+s2ZemrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNVGzCfKRYfxrnAa8gj3/FmVSWHmMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMVViTUo4cEZoX0d1Y0JyeUNQZjhXWlZKWWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHJAwQA
WNH1MA0GCSqGSIb3DQEBCwUAA4IBAQA7kJrQfxWUr8AOlj0fVDXdZHgL/F6jUtf6
JRDSf26jBu+dns3E5v1qLu7XN1diAiXkH+LGDonkRaXpGviIywHn2aNVLZ74F6Td
0I0JgjZl17rFf53P1OGG+/TM/H7s3TdL4RQDb3ewCZs/1zpeXaie9XR1aybylMhv
mMkRCzrTjD4jIbyNp/oF9sK5XdHLuo8AMeLPP17acYi3vV7Q4VXiu3tvwrnkaiXT
7S/pKhsTqS+NJZJ0j3ApbA0Y/KnpqAfe1C2TSeZlB+ZZ0itexjt4EU010GD0UwPX
HEXtwN3RhnEQ1nhOzbESXa/8+IxbLpqAyDzcbU/Jfn/6ud88JX2b
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org