Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/IRaHaQsDLDPF11nH5laPg9924iU.roa
File: IRaHaQsDLDPF11nH5laPg9924iU.roa (raw, json)
Hash identifier: C3mN/iA7/mFqx0cFVjcQSPz+0l2cUYxehLnno1oCBOo=
Subject key identifier: 21:16:87:69:0B:03:2C:33:C5:D7:59:C7:E6:56:8F:83:DF:76:E2:25
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0183618AEDD7B6B0D10D870A48D9E62AF1B7
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/IRaHaQsDLDPF11nH5laPg9924iU.roa
Signing time: Wed 21 Sep 2022 19:33:58 +0000
ROA not before: Wed 21 Sep 2022 19:33:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 87.254.3.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:61:8a:ed:d7:b6:b0:d1:0d:87:0a:48:d9:e6:2a:f1:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Sep 21 19:33:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=211687690b032c33c5d759c7e6568f83df76e225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:82:35:c3:94:7c:86:eb:68:70:d8:04:ba:77:
b7:eb:34:01:bb:ec:93:7a:d6:4f:d2:0f:a1:0a:fe:
4c:a4:13:26:5f:8b:1d:f6:3b:dc:f0:26:c5:74:3a:
5e:7b:9a:fa:8f:de:0b:92:c1:bf:82:1c:16:20:cd:
09:fb:87:ea:b5:24:06:67:54:aa:36:82:52:5f:1f:
70:94:46:ef:cc:9f:f7:0a:b8:b3:34:8b:19:ad:c4:
5c:bc:3d:49:d1:6a:6b:1f:ae:a3:79:15:c0:f8:32:
e9:1c:19:11:de:a2:4f:3a:50:1d:a5:a2:ca:e7:16:
76:43:64:e0:85:56:87:54:d2:18:15:4f:7b:a1:1d:
82:e2:7c:67:dd:20:7c:74:95:79:5e:7a:b3:ea:ea:
a6:08:2b:5d:68:f7:42:ee:07:23:18:9e:15:1d:3b:
e4:0f:7a:fc:82:02:8e:00:e3:8c:cb:da:7d:11:0b:
c1:90:31:88:13:ae:66:53:56:cf:be:c9:5a:8e:c0:
50:d6:5a:69:9d:a0:f6:10:14:96:38:9d:36:07:a2:
a5:72:a7:f7:01:af:75:08:09:34:7a:6c:fb:bf:fe:
6c:de:84:04:dd:68:98:5b:66:67:a3:ec:1f:c1:ba:
5d:65:70:42:fb:bd:ff:a9:32:2d:58:f2:80:e9:3c:
79:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:16:87:69:0B:03:2C:33:C5:D7:59:C7:E6:56:8F:83:DF:76:E2:25
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/IRaHaQsDLDPF11nH5laPg9924iU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.3.0/24
87.254.10.0/24
87.254.23.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:05:d7:61:c8:27:2f:fc:9f:30:39:b8:8d:df:67:9e:74:a1:
65:15:5b:4c:73:1a:8d:d8:cb:4c:6b:71:d9:2e:4b:81:e2:7b:
5c:d6:39:67:71:3e:c7:fb:37:9e:84:26:7c:4a:ac:bf:f4:9f:
fd:03:b0:b7:d3:58:53:50:15:d1:4a:54:5d:2d:bd:8a:94:1b:
dc:86:a4:2e:c1:f9:bd:bc:25:c4:ff:e9:9c:43:e0:c3:70:f6:
f4:15:e1:2d:92:9d:a9:64:08:93:a2:a8:ed:1f:a5:ce:65:80:
14:2d:de:fa:4d:43:0b:78:e6:3e:a3:7d:e3:cf:b9:89:67:68:
d7:cc:16:7f:54:ea:15:a2:95:ea:91:5e:36:97:b9:b5:94:1e:
ff:60:9e:c8:3b:26:29:84:38:1c:5e:57:88:e5:af:b8:62:3b:
06:59:8e:32:4a:90:c1:94:64:a9:ff:58:63:de:b5:ec:03:62:
54:1d:bc:57:08:ab:77:37:d2:a4:43:48:a5:5d:d9:53:20:65:
f1:44:f1:6a:ac:9a:c4:2c:9b:b9:0b:32:d7:1b:4b:1d:61:5c:
26:90:b0:d4:46:d5:0d:7b:6e:fc:f6:43:30:b2:30:fe:ef:23:
6d:78:a3:09:5f:40:76:a2:b1:67:45:a1:54:40:25:20:9f:39:
ca:32:dd:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNhiu3XtrDRDYcKSNnmKvG3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIwOTIxMTkzMzU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTE2ODc2OTBiMDMyYzMzYzVkNzU5YzdlNjU2OGY4M2RmNzZlMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYI1w5R8hutocNgEune36zQBu+yT
etZP0g+hCv5MpBMmX4sd9jvc8CbFdDpee5r6j94LksG/ghwWIM0J+4fqtSQGZ1Sq
NoJSXx9wlEbvzJ/3CrizNIsZrcRcvD1J0WprH66jeRXA+DLpHBkR3qJPOlAdpaLK
5xZ2Q2TghVaHVNIYFU97oR2C4nxn3SB8dJV5Xnqz6uqmCCtdaPdC7gcjGJ4VHTvk
D3r8ggKOAOOMy9p9EQvBkDGIE65mU1bPvslajsBQ1lppnaD2EBSWOJ02B6Klcqf3
Aa91CAk0emz7v/5s3oQE3WiYW2Zno+wfwbpdZXBC+73/qTItWPKA6Tx5AwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCEWh2kLAywzxddZx+ZWj4PfduIlMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvSVJhSGFRc0RMRFBGMTFuSDVsYVBnOTkyNGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV/4DAwQA
V/4KAwQAV/4XMA0GCSqGSIb3DQEBCwUAA4IBAQANBddhyCcv/J8wObiN32eedKFl
FVtMcxqN2MtMa3HZLkuB4ntc1jlncT7H+zeehCZ8Sqy/9J/9A7C301hTUBXRSlRd
Lb2KlBvchqQuwfm9vCXE/+mcQ+DDcPb0FeEtkp2pZAiToqjtH6XOZYAULd76TUML
eOY+o33jz7mJZ2jXzBZ/VOoVopXqkV42l7m1lB7/YJ7IOyYphDgcXleI5a+4YjsG
WY4ySpDBlGSp/1hj3rXsA2JUHbxXCKt3N9KkQ0ilXdlTIGXxRPFqrJrELJu5CzLX
G0sdYVwmkLDURtUNe2789kMwsjD+7yNteKMJX0B2orFnRaFUQCUgnznKMt3l
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org