Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/CstTEmj_kWe2LtQYkDH1OboPip4.roa
File: CstTEmj_kWe2LtQYkDH1OboPip4.roa (raw, json)
Hash identifier: FCMzRXzxGXOxXvTR1UdwQSj90KINkKMHqU255rLCmrg=
Subject key identifier: 0A:CB:53:12:68:FF:91:67:B6:2E:D4:18:90:31:F5:39:BA:0F:8A:9E
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: F4B2
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/CstTEmj_kWe2LtQYkDH1OboPip4.roa
Signing time: Tue 05 Jul 2022 04:01:25 +0000
ROA not before: Tue 05 Jul 2022 04:01:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62642 (0xf4b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jul 5 04:01:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0acb531268ff9167b62ed4189031f539ba0f8a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2b:18:e2:3d:4d:34:73:a0:70:69:2d:4c:b2:
92:93:b9:5f:06:85:74:10:ad:0f:6e:a9:ae:2e:c6:
c2:64:bf:d5:17:2b:28:fa:50:c8:76:4a:f6:69:94:
5e:7d:48:81:df:da:d5:2e:46:8e:01:b2:96:73:3b:
ff:8b:58:36:98:cf:89:0d:87:76:ec:4b:cb:2b:f6:
8f:f9:e5:ab:70:41:5b:5a:42:82:e4:31:21:bd:03:
09:ce:42:c2:07:17:b7:0f:f9:c7:85:8b:b9:29:d7:
06:52:6a:5c:bc:b0:c4:b9:e2:ee:f6:01:97:fc:d6:
77:a1:0d:61:55:6a:3e:31:e7:47:55:36:2f:b1:05:
c7:8e:8e:38:81:15:ac:86:bc:8f:9b:fe:99:fe:92:
af:cd:37:55:70:63:48:24:87:d9:61:d1:7f:7d:58:
80:0e:1b:f2:0d:c6:c3:0b:35:68:a7:c3:49:6b:8a:
74:6f:2a:a8:f2:c2:b5:32:a3:32:44:fa:05:72:b7:
1c:e1:53:e6:8e:cf:98:e8:96:1a:66:f6:9a:cd:1e:
11:01:77:76:47:17:68:c3:28:8c:40:cf:f2:bb:40:
59:73:9f:c2:dc:2c:80:ba:4c:a3:82:67:02:ba:cf:
95:02:c3:e8:5c:4d:67:63:93:b0:44:42:ac:ba:ad:
8c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:CB:53:12:68:FF:91:67:B6:2E:D4:18:90:31:F5:39:BA:0F:8A:9E
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/CstTEmj_kWe2LtQYkDH1OboPip4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:0a:e9:38:f6:6c:81:f7:58:31:49:ec:7f:b9:af:0f:00:46:
5a:dc:27:82:8a:38:f6:4a:d7:4d:f8:50:a7:56:51:f8:57:56:
25:b7:be:94:07:d0:2f:9c:ba:c8:73:85:e5:1b:d4:da:77:da:
06:f0:88:40:d6:53:bb:e2:35:94:bc:18:f2:72:cb:96:70:61:
ab:21:9d:2b:5f:84:7d:6f:0e:e2:6e:d2:f8:89:62:c9:83:4e:
e0:ea:6b:79:b6:8d:d8:48:9f:28:21:c7:a3:2e:72:23:92:8a:
f4:a3:9b:3f:6a:20:82:e0:1c:72:04:7c:7e:fd:79:f8:5d:f5:
52:87:29:9b:b5:6b:a5:1e:bc:8b:84:6a:1c:c6:96:ef:96:70:
f7:67:7c:7b:0e:59:f4:c8:bd:89:35:6f:ba:6d:ff:12:59:45:
61:a6:db:b8:b4:eb:8d:77:ba:8c:c0:0b:21:64:de:b2:f3:93:
5d:47:b1:da:46:d9:df:15:1f:a2:a2:c3:1c:3a:2f:9d:4f:a4:
91:85:e2:43:a8:2f:93:4f:02:94:f6:44:a5:35:be:e1:ab:96:
d5:07:50:eb:5e:84:b3:ad:65:23:3e:48:2f:a6:3d:d6:40:74:
dc:0b:7c:d0:1b:c5:15:87:01:21:35:4d:3b:91:44:f5:11:a4:
f0:ff:a6:93
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAPSyMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFl
NWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMyNTdkYzQwHhcNMjIwNzA1
MDQwMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwYWNiNTMxMjY4ZmY5
MTY3YjYyZWQ0MTg5MDMxZjUzOWJhMGY4YTllMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEApSsY4j1NNHOgcGktTLKSk7lfBoV0EK0PbqmuLsbCZL/VFyso
+lDIdkr2aZRefUiB39rVLkaOAbKWczv/i1g2mM+JDYd27EvLK/aP+eWrcEFbWkKC
5DEhvQMJzkLCBxe3D/nHhYu5KdcGUmpcvLDEueLu9gGX/NZ3oQ1hVWo+MedHVTYv
sQXHjo44gRWshryPm/6Z/pKvzTdVcGNIJIfZYdF/fViADhvyDcbDCzVop8NJa4p0
byqo8sK1MqMyRPoFcrcc4VPmjs+Y6JYaZvaazR4RAXd2RxdowyiMQM/yu0BZc5/C
3CyAukyjgmcCus+VAsPoXE1nY5OwREKsuq2MLwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFArLUxJo/5Fnti7UGJAx9Tm6D4qeMB8GA1UdIwQYMBaAFB5bM0lleIeU1vFH
ovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZlLzEv
Q3N0VEVtal9rV2UyTHRRWWtESDFPYm9QaXA0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85
YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZlLzEvSGxzelNXVjRoNVRX
OFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0GCSqGSIb3DQEBCwUAA4IB
AQDCCuk49myB91gxSex/ua8PAEZa3CeCijj2StdN+FCnVlH4V1Ylt76UB9AvnLrI
c4XlG9Tad9oG8IhA1lO74jWUvBjycsuWcGGrIZ0rX4R9bw7ibtL4iWLJg07g6mt5
to3YSJ8oIcejLnIjkor0o5s/aiCC4BxyBHx+/Xn4XfVShymbtWulHryLhGocxpbv
lnD3Z3x7Dln0yL2JNW+6bf8SWUVhptu4tOuNd7qMwAshZN6y85NdR7HaRtnfFR+i
osMcOi+dT6SRheJDqC+TTwKU9kSlNb7hq5bVB1DrXoSzrWUjPkgvpj3WQHTcC3zQ
G8UVhwEhNU07kUT1EaTw/6aT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:02 2023 by rpki-client on console-fra.rpki-client.org