Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9KzwIARdvDdJsFYFqPJQAc-cwxI.roa
File: 9KzwIARdvDdJsFYFqPJQAc-cwxI.roa (raw, json)
Hash identifier: 5JrDLNCPwlBcWrqlGmUYC2EhWk4Nt+hkwifutDkn5Og=
Subject key identifier: F4:AC:F0:20:04:5D:BC:37:49:B0:56:05:A8:F2:50:01:CF:9C:C3:12
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0185629EA2F572371BC6B2D53E2A09BE1E73
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9KzwIARdvDdJsFYFqPJQAc-cwxI.roa
Signing time: Fri 30 Dec 2022 10:40:41 +0000
ROA not before: Fri 30 Dec 2022 10:40:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208911
IP address blocks: 88.209.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:9e:a2:f5:72:37:1b:c6:b2:d5:3e:2a:09:be:1e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 30 10:40:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4acf020045dbc3749b05605a8f25001cf9cc312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f3:49:0c:45:61:c0:e5:da:2a:27:94:83:96:
b0:65:93:aa:e0:b1:bd:1b:03:58:91:da:a5:e1:03:
47:2f:6e:e1:1f:41:3e:6a:03:22:3d:9c:34:32:6d:
51:ad:85:8a:6b:27:d1:d0:e0:ab:9f:90:df:f4:e8:
36:5a:1e:d8:16:8a:43:19:64:50:f8:fb:92:db:e5:
99:65:ad:3b:c2:0b:ec:d2:9c:d3:75:de:fb:2f:e4:
f5:a3:ec:40:9e:b6:2b:66:f8:4e:ce:d0:31:20:a8:
d6:9d:c1:61:10:b8:10:7b:f2:1a:e0:5a:0a:76:50:
36:a9:f5:5e:ef:cb:21:c3:d3:37:76:91:34:24:7d:
d3:74:57:13:f5:23:18:b5:70:c9:c1:f6:ac:9c:2c:
ea:9c:5a:d5:dc:3a:d8:11:3a:e4:ea:51:a8:83:50:
e2:de:d5:39:42:dc:fc:ae:ab:44:63:2e:ef:e2:e1:
f9:94:c8:96:cc:23:1e:72:69:92:e7:37:e0:cf:c0:
a8:3e:8b:71:c0:ce:92:b1:9c:1e:cf:34:ee:05:40:
5e:86:d1:d1:33:66:99:61:db:8d:2d:0d:be:e7:88:
87:42:21:e5:12:da:da:e7:a0:d0:8c:a1:7d:52:94:
99:d3:ad:32:c2:d7:76:1e:30:87:ee:69:25:09:fb:
14:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AC:F0:20:04:5D:BC:37:49:B0:56:05:A8:F2:50:01:CF:9C:C3:12
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9KzwIARdvDdJsFYFqPJQAc-cwxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.239.0/24
Signature Algorithm: sha256WithRSAEncryption
af:90:38:a0:b6:2e:bf:95:ea:3d:ee:cf:cc:55:f6:72:65:ba:
89:57:a7:a9:98:59:02:2f:d8:a5:ed:2f:2c:db:0d:1a:c7:6c:
61:28:22:2c:b9:b8:20:7d:1e:c9:67:8b:67:c0:21:c6:3e:96:
84:4a:67:56:a6:5b:31:31:03:c7:fa:f7:57:7c:b7:95:5d:e1:
d3:bb:57:28:d3:d6:61:26:17:3e:3f:c0:4e:c7:aa:5a:79:fe:
e2:7d:16:d1:8f:62:fa:66:dd:da:8a:e0:2e:90:36:4b:17:e8:
8c:27:8f:a5:3e:51:2f:99:f6:5f:e0:fd:bd:06:dd:d2:69:75:
b9:a3:01:37:5d:2b:ee:ab:f8:e1:bd:08:0b:19:96:a7:8a:57:
3a:7e:5a:12:28:bc:6b:8c:01:01:55:61:f7:76:82:a3:f0:33:
06:b8:c8:06:9a:cf:e8:29:07:6f:90:30:dc:3e:7d:09:92:3e:
4c:b6:9d:8b:93:61:f6:e6:c7:c4:8e:9e:05:8f:c8:f8:3c:1e:
bb:88:3e:e3:b0:53:45:dc:4f:5d:5a:c7:59:02:b2:eb:7c:f8:
a2:03:fc:2c:04:43:3b:4b:8f:9f:78:16:bc:12:99:4f:8b:09:
0c:77:08:d9:6e:a9:90:2a:5d:62:f0:29:16:3b:e3:cd:e8:a8:
0f:10:95:28
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVinqL1cjcbxrLVPioJvh5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMjMwMTA0MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFjZjAyMDA0NWRiYzM3NDliMDU2MDVhOGYyNTAwMWNmOWNjMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPNJDEVhwOXaKieUg5awZZOq4LG9
GwNYkdql4QNHL27hH0E+agMiPZw0Mm1RrYWKayfR0OCrn5Df9Og2Wh7YFopDGWRQ
+PuS2+WZZa07wgvs0pzTdd77L+T1o+xAnrYrZvhOztAxIKjWncFhELgQe/Ia4FoK
dlA2qfVe78shw9M3dpE0JH3TdFcT9SMYtXDJwfasnCzqnFrV3DrYETrk6lGog1Di
3tU5Qtz8rqtEYy7v4uH5lMiWzCMecmmS5zfgz8CoPotxwM6SsZwezzTuBUBehtHR
M2aZYduNLQ2+54iHQiHlEtra56DQjKF9UpSZ060ywtd2HjCH7mklCfsU+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPSs8CAEXbw3SbBWBajyUAHPnMMSMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvOUt6d0lBUmR2RGRKc0ZZRnFQSlFBYy1jd3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNHvMA0G
CSqGSIb3DQEBCwUAA4IBAQCvkDigti6/leo97s/MVfZyZbqJV6epmFkCL9il7S8s
2w0ax2xhKCIsubggfR7JZ4tnwCHGPpaESmdWplsxMQPH+vdXfLeVXeHTu1co09Zh
Jhc+P8BOx6paef7ifRbRj2L6Zt3aiuAukDZLF+iMJ4+lPlEvmfZf4P29Bt3SaXW5
owE3XSvuq/jhvQgLGZanilc6floSKLxrjAEBVWH3doKj8DMGuMgGms/oKQdvkDDc
Pn0Jkj5Mtp2Lk2H25sfEjp4Fj8j4PB67iD7jsFNF3E9dWsdZArLrfPiiA/wsBEM7
S4+feBa8EplPiwkMdwjZbqmQKl1i8CkWO+PN6KgPEJUo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:27 2024 by rpki-client on console-fra.rpki-client.org