Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CJqLrb965q5jPamHJJrCSycjDIk.roa
File: CJqLrb965q5jPamHJJrCSycjDIk.roa (raw, json)
Hash identifier: 5WXlAHeOeSv0FrDBctydJvkiw2IpGX1yyMxBn1s3f7Q=
Subject key identifier: 08:9A:8B:AD:BF:7A:E6:AE:63:3D:A9:87:24:9A:C2:4B:27:23:0C:89
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018515BCBEEEF428FE03DB89BE8AFA195EDB
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CJqLrb965q5jPamHJJrCSycjDIk.roa
Signing time: Thu 15 Dec 2022 12:22:49 +0000
ROA not before: Thu 15 Dec 2022 12:22:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 88.209.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:bc:be:ee:f4:28:fe:03:db:89:be:8a:fa:19:5e:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Dec 15 12:22:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=089a8badbf7ae6ae633da987249ac24b27230c89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d7:c0:86:ff:14:68:fb:af:82:62:ae:05:75:
32:1b:6c:ae:75:3f:2c:9f:25:03:42:00:8b:f0:8b:
c4:b0:fa:a2:46:8e:f2:f7:6a:1e:ee:87:9e:37:49:
5e:2b:8f:c0:2d:00:05:7d:40:48:b5:a8:e3:1d:85:
14:10:91:fd:0d:7f:07:90:47:7f:6e:06:3b:36:68:
7c:c9:31:78:d9:01:01:9e:74:3a:98:85:e1:5e:14:
72:a3:9b:7b:f1:03:6b:7f:fc:92:55:3b:17:89:f8:
85:59:6a:43:3e:09:d1:bd:97:53:ed:02:c9:4a:c8:
5a:8a:9d:37:d4:7d:de:91:89:67:34:c2:09:d9:65:
c2:99:7c:55:3f:9f:70:ff:b7:b9:af:63:91:4e:d5:
d9:55:f2:f1:d4:f0:18:4e:61:5d:70:71:02:ad:ae:
40:9b:a6:da:7c:23:53:6d:10:4d:f5:35:a4:5e:40:
bb:68:78:77:f7:c7:39:d8:a4:2c:78:2c:31:d2:cc:
22:51:a8:6d:7a:30:25:e5:8a:8c:ee:cc:6c:fe:83:
ed:d5:50:bc:b2:7e:eb:fc:32:1d:fd:18:85:5b:75:
31:e7:70:52:1d:42:9f:0c:03:72:ef:b2:9d:14:e9:
1f:5c:bc:ba:bf:91:79:90:01:3b:90:57:4c:93:0f:
dd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9A:8B:AD:BF:7A:E6:AE:63:3D:A9:87:24:9A:C2:4B:27:23:0C:89
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/CJqLrb965q5jPamHJJrCSycjDIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.248.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:92:29:db:0f:09:fa:35:89:87:94:be:cc:65:ce:32:d3:28:
67:0b:02:1a:6f:ba:e1:98:39:fc:d7:da:ba:6e:62:cd:67:b4:
ed:11:9a:49:52:91:67:4c:3e:f7:c5:c6:15:e3:c7:6a:7d:54:
68:b6:7b:db:e6:bb:4f:6e:b0:ee:b5:65:9a:a0:e4:4a:55:d7:
ef:ec:af:57:bd:9a:99:b9:ed:07:07:f7:1e:01:a9:02:03:96:
72:d2:18:9b:a6:cc:9c:27:7e:ce:3b:09:36:5b:16:e3:80:8c:
98:98:06:66:8d:ff:77:6f:43:ba:95:a1:37:d5:6a:50:20:29:
78:49:8a:a6:56:48:8e:72:d4:ba:9c:fb:9c:b1:f1:b7:aa:ba:
d2:ab:66:cb:84:6d:88:5a:a8:bb:c6:c9:49:dd:53:da:a3:09:
8f:a2:fc:2a:4c:6d:c1:a8:ab:c1:b5:51:8c:0c:85:c5:0d:2c:
78:ed:05:76:28:5b:7f:19:41:9a:21:d6:67:9a:2c:6b:ac:b9:
c5:b7:8e:88:df:c6:eb:a7:de:c0:06:a6:3d:c7:4d:ee:5f:35:
ec:e4:26:a3:58:ff:1f:c9:05:b3:94:3a:75:24:4b:e1:3c:0f:
5a:77:06:d4:1b:48:6c:98:4a:8d:2e:c0:a8:8a:d0:79:d4:9f:
56:21:b6:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUVvL7u9Cj+A9uJvor6GV7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMjE1MTIyMjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODlhOGJhZGJmN2FlNmFlNjMzZGE5ODcyNDlhYzI0YjI3MjMwYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9fAhv8UaPuvgmKuBXUyG2yudT8s
nyUDQgCL8IvEsPqiRo7y92oe7oeeN0leK4/ALQAFfUBItajjHYUUEJH9DX8HkEd/
bgY7Nmh8yTF42QEBnnQ6mIXhXhRyo5t78QNrf/ySVTsXifiFWWpDPgnRvZdT7QLJ
Sshaip031H3ekYlnNMIJ2WXCmXxVP59w/7e5r2ORTtXZVfLx1PAYTmFdcHECra5A
m6bafCNTbRBN9TWkXkC7aHh398c52KQseCwx0swiUahtejAl5YqM7sxs/oPt1VC8
sn7r/DId/RiFW3Ux53BSHUKfDANy77KdFOkfXLy6v5F5kAE7kFdMkw/dEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAiai62/euauYz2phySawksnIwyJMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvQ0pxTHJiOTY1cTVqUGFtSEpKckNTeWNqRElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH4MA0G
CSqGSIb3DQEBCwUAA4IBAQAakinbDwn6NYmHlL7MZc4y0yhnCwIab7rhmDn819q6
bmLNZ7TtEZpJUpFnTD73xcYV48dqfVRotnvb5rtPbrDutWWaoORKVdfv7K9XvZqZ
ue0HB/ceAakCA5Zy0hibpsycJ37OOwk2WxbjgIyYmAZmjf93b0O6laE31WpQICl4
SYqmVkiOctS6nPucsfG3qrrSq2bLhG2IWqi7xslJ3VPaowmPovwqTG3BqKvBtVGM
DIXFDSx47QV2KFt/GUGaIdZnmixrrLnFt46I38brp97ABqY9x03uXzXs5CajWP8f
yQWzlDp1JEvhPA9adwbUG0hsmEqNLsCoitB51J9WIbYW
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:51 2023 by rpki-client on console-ams.rpki-client.org