Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/tFfFc_9KYemn985cXGNaUSOXIgI.roa
File: tFfFc_9KYemn985cXGNaUSOXIgI.roa (raw, json)
Hash identifier: Z8APLjw5AUirS4gGcwMScg8qkcYH8tKqOwUnnDtZRzY=
Subject key identifier: B4:57:C5:73:FF:4A:61:E9:A7:F7:CE:5C:5C:63:5A:51:23:97:22:02
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 01832D438552E4A6F131A582A425B3EB08E5
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/tFfFc_9KYemn985cXGNaUSOXIgI.roa
Signing time: Sun 11 Sep 2022 15:55:43 +0000
ROA not before: Sun 11 Sep 2022 15:55:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 171.33.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:2d:43:85:52:e4:a6:f1:31:a5:82:a4:25:b3:eb:08:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Sep 11 15:55:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b457c573ff4a61e9a7f7ce5c5c635a5123972202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:32:c6:99:ad:86:be:b0:57:4e:a1:e4:5d:6e:
d6:ca:93:e9:87:f4:97:ac:60:39:03:b0:5d:4c:59:
79:be:87:1d:f0:8f:9d:5a:11:ad:30:52:49:9a:d6:
2a:67:8d:fc:79:9a:59:36:88:3f:d9:a4:15:2a:a5:
ca:93:4a:85:6f:f3:4a:0b:c1:47:6f:9e:ca:8b:c0:
27:8b:18:31:43:7e:f5:11:8d:ec:f8:66:a7:be:8b:
98:b5:8a:e9:8a:b8:1a:0a:7c:de:96:00:fb:41:61:
30:41:07:b8:50:a7:b9:50:70:3f:8f:a9:a1:64:ff:
c3:fe:1d:fb:1a:e1:42:e7:50:f6:f8:70:45:19:b3:
aa:69:c1:08:b9:af:1c:14:9b:1c:9f:50:3c:cb:8c:
be:4d:52:3b:ad:a0:5c:d1:ab:ed:33:2f:3a:f3:a6:
3d:8d:ab:a5:99:9e:1c:f8:3d:29:46:ec:4e:8d:cc:
af:8f:20:e2:f8:09:58:29:27:49:e7:8a:b4:30:37:
5e:e8:30:e7:61:1c:bd:7b:5d:57:d7:0b:96:60:00:
41:6f:16:f3:5d:07:75:b8:fc:03:b5:bf:6d:94:5d:
83:5e:94:3f:0b:fd:3e:5f:31:92:c7:4a:93:9b:da:
d4:e5:3d:a4:ae:50:45:42:46:f7:1b:0c:09:fe:3b:
8e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:57:C5:73:FF:4A:61:E9:A7:F7:CE:5C:5C:63:5A:51:23:97:22:02
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/tFfFc_9KYemn985cXGNaUSOXIgI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.33.240.0/24
Signature Algorithm: sha256WithRSAEncryption
49:18:74:8e:0e:5d:f5:49:c0:89:0b:f9:0b:87:c9:96:05:8a:
b5:87:10:0e:ba:ae:f2:02:fa:ea:a0:9a:17:88:3e:4e:02:3d:
80:37:3e:bf:35:dc:32:fb:c1:4f:b9:55:db:94:21:25:f1:57:
83:6a:df:01:95:4f:0a:ba:32:eb:3f:87:40:57:2d:71:ae:88:
97:90:8c:48:bc:db:35:07:33:8e:66:8f:e7:86:a0:56:d6:c2:
f7:ca:17:3d:93:03:9f:1f:73:86:0b:7a:2f:f2:2b:4a:22:87:
4a:f5:f7:27:41:ba:3b:97:ba:5c:37:44:38:4d:e8:86:63:97:
66:23:da:99:43:28:25:a0:69:a6:24:03:ab:e6:37:d8:f9:37:
4d:f3:8a:10:c7:b7:9a:a1:e1:09:f6:47:df:3b:79:7e:21:8b:
fb:b1:39:4b:21:b0:c1:cb:e7:3f:ff:e3:e9:8a:f5:ba:17:ba:
3d:1d:82:60:69:fd:62:03:9b:d8:35:30:9e:51:ac:73:97:cb:
3c:1c:5b:bc:ee:d0:de:95:1c:7a:a0:2f:d5:f4:f6:c1:80:04:
96:24:d2:e4:f9:98:7e:bf:80:2f:1d:b0:a4:9f:4a:b8:36:0e:
d5:78:ba:de:89:5d:e2:ee:88:33:b3:81:92:8d:09:be:5e:70:
07:90:9d:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMtQ4VS5KbxMaWCpCWz6wjlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjIwOTExMTU1NTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDU3YzU3M2ZmNGE2MWU5YTdmN2NlNWM1YzYzNWE1MTIzOTcyMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDLGma2GvrBXTqHkXW7WypPph/SX
rGA5A7BdTFl5vocd8I+dWhGtMFJJmtYqZ438eZpZNog/2aQVKqXKk0qFb/NKC8FH
b57Ki8AnixgxQ371EY3s+GanvouYtYrpirgaCnzelgD7QWEwQQe4UKe5UHA/j6mh
ZP/D/h37GuFC51D2+HBFGbOqacEIua8cFJscn1A8y4y+TVI7raBc0avtMy8686Y9
jaulmZ4c+D0pRuxOjcyvjyDi+AlYKSdJ54q0MDde6DDnYRy9e11X1wuWYABBbxbz
XQd1uPwDtb9tlF2DXpQ/C/0+XzGSx0qTm9rU5T2krlBFQkb3GwwJ/juOvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRXxXP/SmHpp/fOXFxjWlEjlyICMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvdEZmRmNfOUtZZW1uOTg1Y1hHTmFVU09YSWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqyHwMA0G
CSqGSIb3DQEBCwUAA4IBAQBJGHSODl31ScCJC/kLh8mWBYq1hxAOuq7yAvrqoJoX
iD5OAj2ANz6/Ndwy+8FPuVXblCEl8VeDat8BlU8KujLrP4dAVy1xroiXkIxIvNs1
BzOOZo/nhqBW1sL3yhc9kwOfH3OGC3ov8itKIodK9fcnQbo7l7pcN0Q4TeiGY5dm
I9qZQygloGmmJAOr5jfY+TdN84oQx7eaoeEJ9kffO3l+IYv7sTlLIbDBy+c//+Pp
ivW6F7o9HYJgaf1iA5vYNTCeUaxzl8s8HFu87tDelRx6oC/V9PbBgASWJNLk+Zh+
v4AvHbCkn0q4Ng7VeLreiV3i7ogzs4GSjQm+XnAHkJ25
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:59 2024 by rpki-client on console-ams.rpki-client.org