Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/izodxgs8ghacUY_n8MVJE3HAsI0.roa
File: izodxgs8ghacUY_n8MVJE3HAsI0.roa (raw, json)
Hash identifier: AOX/hP+GjWNNJCGAeiFpeqjja4+d49AACR/hbklkSeQ=
Subject key identifier: 8B:3A:1D:C6:0B:3C:82:16:9C:51:8F:E7:F0:C5:49:13:71:C0:B0:8D
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01827CE19EFB7F9F6BDF7403E6AF4AF4AF3D
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/izodxgs8ghacUY_n8MVJE3HAsI0.roa
Signing time: Mon 08 Aug 2022 09:55:37 +0000
ROA not before: Mon 08 Aug 2022 09:55:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 88.209.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7c:e1:9e:fb:7f:9f:6b:df:74:03:e6:af:4a:f4:af:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 8 09:55:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b3a1dc60b3c82169c518fe7f0c5491371c0b08d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:01:fc:67:95:cb:12:f8:15:30:9e:80:11:ce:
bc:68:63:20:1e:a8:de:c8:23:01:82:91:c3:f8:e2:
df:92:c1:26:4e:30:a8:8c:67:9e:ca:2f:ba:99:f0:
d4:35:37:57:33:65:f9:6e:d2:90:9a:18:42:1a:bc:
29:f2:61:47:ce:54:53:45:ef:97:c5:f6:f6:5c:68:
e0:ab:a8:44:cf:9e:92:3f:d7:8d:55:30:44:d0:37:
37:9b:69:e0:34:9c:9f:34:60:cc:d9:99:a3:5c:05:
ee:fb:57:f7:2b:36:13:c9:97:a2:8d:33:c8:6c:f1:
5e:9c:85:3f:f8:f8:4c:7c:92:42:f8:66:1e:31:3d:
12:54:0a:62:98:d3:5b:d3:10:43:5e:65:4a:2a:d2:
d7:60:5c:86:95:5a:b6:60:4f:4f:1e:52:7e:d9:a9:
b1:7a:0d:18:10:ed:d2:52:d5:38:56:c6:14:b1:74:
16:3d:3b:7c:19:79:c9:f3:95:08:c3:1c:3b:7a:f1:
56:26:71:12:50:a3:b6:0f:5c:5c:d5:d2:84:f3:10:
a7:3c:a4:8c:34:91:ad:a1:cc:df:67:42:ee:31:d7:
f6:d1:1c:76:ba:90:23:b9:d2:c1:04:e0:65:19:27:
5f:6f:88:f7:7c:38:0d:2b:93:0b:7a:38:8a:09:2f:
6b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3A:1D:C6:0B:3C:82:16:9C:51:8F:E7:F0:C5:49:13:71:C0:B0:8D
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/izodxgs8ghacUY_n8MVJE3HAsI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.248.0/24
Signature Algorithm: sha256WithRSAEncryption
47:ba:a8:0b:79:48:03:03:66:b1:db:93:41:e9:e5:4d:e6:cd:
eb:90:31:ac:22:6e:fd:f2:2e:99:e2:f5:3a:23:be:76:95:4d:
64:8e:c1:d3:36:58:a1:2e:b8:14:20:19:98:ca:9b:05:4c:a6:
8e:6d:ea:17:b1:30:27:c1:5b:ca:23:40:d9:6c:1b:bd:b0:52:
82:11:20:7c:8f:75:22:bd:00:cd:10:e5:d2:b8:a8:e7:83:b3:
4a:e6:48:bc:c2:9d:94:a6:be:e2:81:e4:cd:f4:09:ca:9c:4d:
3e:73:c2:c1:02:9e:06:2a:b8:98:fb:72:88:b8:78:39:9e:7e:
4e:67:dc:8b:36:07:4d:75:14:e1:a0:c2:3a:a5:2b:5c:99:4f:
94:e8:b0:98:2b:5c:a8:a8:97:2a:68:a9:e8:9e:ff:a3:0e:c3:
c1:99:b7:7b:1c:11:53:59:5f:1f:2a:63:ce:90:f2:e4:ab:e6:
52:27:2b:ab:2a:3e:bc:13:b0:74:aa:3c:37:9f:de:95:b3:ea:
2b:1b:93:08:61:7a:b9:03:15:04:3d:77:9c:11:a7:66:cc:d6:
fa:ca:c5:cc:5c:3e:ab:3a:94:6b:6b:d9:7e:14:61:96:a0:3f:
49:4e:4b:13:e4:a4:07:ef:a1:9c:62:37:e3:85:f5:aa:12:06:
f0:0b:ca:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJ84Z77f59r33QD5q9K9K89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwODA4MDk1NTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNhMWRjNjBiM2M4MjE2OWM1MThmZTdmMGM1NDkxMzcxYzBiMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwH8Z5XLEvgVMJ6AEc68aGMgHqje
yCMBgpHD+OLfksEmTjCojGeeyi+6mfDUNTdXM2X5btKQmhhCGrwp8mFHzlRTRe+X
xfb2XGjgq6hEz56SP9eNVTBE0Dc3m2ngNJyfNGDM2ZmjXAXu+1f3KzYTyZeijTPI
bPFenIU/+PhMfJJC+GYeMT0SVApimNNb0xBDXmVKKtLXYFyGlVq2YE9PHlJ+2amx
eg0YEO3SUtU4VsYUsXQWPTt8GXnJ85UIwxw7evFWJnESUKO2D1xc1dKE8xCnPKSM
NJGtoczfZ0LuMdf20Rx2upAjudLBBOBlGSdfb4j3fDgNK5MLejiKCS9reQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIs6HcYLPIIWnFGP5/DFSRNxwLCNMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvaXpvZHhnczhnaGFjVVlfbjhNVkpFM0hBc0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNH4MA0G
CSqGSIb3DQEBCwUAA4IBAQBHuqgLeUgDA2ax25NB6eVN5s3rkDGsIm798i6Z4vU6
I752lU1kjsHTNlihLrgUIBmYypsFTKaObeoXsTAnwVvKI0DZbBu9sFKCESB8j3Ui
vQDNEOXSuKjng7NK5ki8wp2Upr7igeTN9AnKnE0+c8LBAp4GKriY+3KIuHg5nn5O
Z9yLNgdNdRThoMI6pStcmU+U6LCYK1yoqJcqaKnonv+jDsPBmbd7HBFTWV8fKmPO
kPLkq+ZSJyurKj68E7B0qjw3n96Vs+orG5MIYXq5AxUEPXecEadmzNb6ysXMXD6r
OpRra9l+FGGWoD9JTksT5KQH76GcYjfjhfWqEgbwC8pX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:52 2023 by rpki-client on console-ams.rpki-client.org