Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/fa78bd-03bb-434c-a714-10ad5a8bfd08/1/_tH4CKQlmTlAdzLonCEGyJEP1C0.roa
File: _tH4CKQlmTlAdzLonCEGyJEP1C0.roa (raw, json)
Hash identifier: 2KnmmHQjZIBl+SxlSTeY2NNzD2IGYnwTVUnqejPSqW4=
Subject key identifier: FE:D1:F8:08:A4:25:99:39:40:77:32:E8:9C:21:06:C8:91:0F:D4:2D
Certificate issuer: /CN=02b798bf1b6118db3f38fe69b9d8aa0277c04a0b
Certificate serial: 01831D9D2E3B31154201D47C696F027C7CCC
Authority key identifier: 02:B7:98:BF:1B:61:18:DB:3F:38:FE:69:B9:D8:AA:02:77:C0:4A:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AreYvxthGNs_OP5pudiqAnfASgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/fa78bd-03bb-434c-a714-10ad5a8bfd08/1/_tH4CKQlmTlAdzLonCEGyJEP1C0.roa
Signing time: Thu 08 Sep 2022 14:59:43 +0000
ROA not before: Thu 08 Sep 2022 14:59:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212271
IP address blocks: 88.151.9.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1d:9d:2e:3b:31:15:42:01:d4:7c:69:6f:02:7c:7c:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b798bf1b6118db3f38fe69b9d8aa0277c04a0b
Validity
Not Before: Sep 8 14:59:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fed1f808a4259939407732e89c2106c8910fd42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d6:45:0c:d5:b6:46:44:9c:cd:bc:a2:b9:19:
78:48:0f:c4:b2:ee:60:fa:d2:a4:9f:ff:2f:d2:d4:
a8:cc:84:3d:00:df:f8:36:5c:fe:7c:bc:4e:ff:07:
01:ac:c9:e1:5e:9f:cf:99:c8:a7:10:be:bc:ba:a8:
e0:41:16:bd:98:c9:e2:bd:ee:5a:18:39:51:a3:c8:
2e:58:13:e2:f1:95:86:1f:80:fb:0b:8c:62:ca:67:
44:68:c1:8e:d5:fa:d8:53:83:77:da:7b:bb:c5:d0:
c8:62:13:84:5d:7f:b1:26:07:50:fe:bd:df:c4:7e:
c4:a5:62:9d:87:14:74:c5:cf:93:d0:0c:95:a6:16:
99:02:44:58:6f:67:fb:70:17:59:4b:6f:bc:8e:ad:
72:f1:f9:01:d1:8c:30:e9:10:a9:a1:fd:a0:76:41:
57:c6:e5:38:41:ec:a2:f5:e5:a5:08:95:55:9e:d7:
2e:c7:31:49:8c:64:24:98:d6:69:21:a1:77:12:ed:
57:1e:53:10:23:5e:f5:87:99:b1:16:62:a7:e4:d4:
5f:25:3f:cd:bd:57:0a:62:b0:b9:80:f3:bf:31:0e:
b4:b3:f0:da:01:54:dd:c5:15:ce:59:b3:10:bb:a8:
d5:d1:ee:79:ed:27:dd:e0:cd:0e:07:69:b3:18:71:
76:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:D1:F8:08:A4:25:99:39:40:77:32:E8:9C:21:06:C8:91:0F:D4:2D
X509v3 Authority Key Identifier:
keyid:02:B7:98:BF:1B:61:18:DB:3F:38:FE:69:B9:D8:AA:02:77:C0:4A:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AreYvxthGNs_OP5pudiqAnfASgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fa78bd-03bb-434c-a714-10ad5a8bfd08/1/_tH4CKQlmTlAdzLonCEGyJEP1C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/fa78bd-03bb-434c-a714-10ad5a8bfd08/1/AreYvxthGNs_OP5pudiqAnfASgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.9.0/24
Signature Algorithm: sha256WithRSAEncryption
33:af:95:8a:ec:ce:41:66:04:8f:f3:ee:31:2a:fd:3c:cc:92:
3e:e2:5a:be:81:0e:4c:a0:54:63:9c:a0:13:06:16:03:91:97:
4a:f3:71:ce:be:dd:8c:27:22:9d:78:31:3f:8c:71:cc:9f:63:
13:35:a5:2c:0f:5d:f7:cd:4f:a4:0a:f9:ad:e5:14:58:e9:a1:
0a:53:2f:f0:ff:df:9b:15:4a:a5:a5:00:86:3c:28:bd:e1:98:
9d:89:9a:b0:2a:09:ca:b8:fb:cb:d8:cd:ae:47:f3:b1:5e:6e:
14:52:b3:0a:6d:fa:1c:1a:45:7f:81:ca:09:41:6a:64:03:61:
b4:06:18:87:9a:3e:04:7a:cb:55:3e:bc:4a:82:6e:1b:d2:90:
fd:0d:55:88:4b:96:be:da:f1:7e:c4:cf:43:23:fb:b0:30:c8:
91:96:da:f3:de:be:89:2e:90:4c:db:fa:54:92:10:2b:55:bf:
11:fe:fc:88:c0:ef:ee:90:d3:97:d1:be:aa:25:2d:2c:9c:3d:
f9:d5:dc:2a:57:5b:e8:0c:30:92:2a:e0:b6:ad:40:7a:94:47:
48:be:97:69:96:0e:5b:71:13:8b:23:cb:68:37:d1:7b:a5:e8:
48:49:17:ca:f9:69:01:ce:bc:96:2a:8b:ac:b9:fd:8f:24:97:
13:37:50:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMdnS47MRVCAdR8aW8CfHzMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYjc5OGJmMWI2MTE4ZGIzZjM4ZmU2OWI5ZDhhYTAyNzdj
MDRhMGIwHhcNMjIwOTA4MTQ1OTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWQxZjgwOGE0MjU5OTM5NDA3NzMyZTg5YzIxMDZjODkxMGZkNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstZFDNW2RkSczbyiuRl4SA/Esu5g
+tKkn/8v0tSozIQ9AN/4Nlz+fLxO/wcBrMnhXp/PmcinEL68uqjgQRa9mMnive5a
GDlRo8guWBPi8ZWGH4D7C4xiymdEaMGO1frYU4N32nu7xdDIYhOEXX+xJgdQ/r3f
xH7EpWKdhxR0xc+T0AyVphaZAkRYb2f7cBdZS2+8jq1y8fkB0Yww6RCpof2gdkFX
xuU4Qeyi9eWlCJVVntcuxzFJjGQkmNZpIaF3Eu1XHlMQI171h5mxFmKn5NRfJT/N
vVcKYrC5gPO/MQ60s/DaAVTdxRXOWbMQu6jV0e557Sfd4M0OB2mzGHF2cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP7R+AikJZk5QHcy6JwhBsiRD9QtMB8GA1UdIwQY
MBaAFAK3mL8bYRjbPzj+abnYqgJ3wEoLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJlWXZ4dGhHTnNfT1A1cHVkaXFBbmZBU2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mYTc4YmQtMDNiYi00MzRjLWE3MTQt
MTBhZDVhOGJmZDA4LzEvX3RINENLUWxtVGxBZHpMb25DRUd5SkVQMUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mYTc4YmQtMDNiYi00MzRjLWE3MTQtMTBhZDVhOGJmZDA4
LzEvQXJlWXZ4dGhHTnNfT1A1cHVkaXFBbmZBU2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWJcJMA0G
CSqGSIb3DQEBCwUAA4IBAQAzr5WK7M5BZgSP8+4xKv08zJI+4lq+gQ5MoFRjnKAT
BhYDkZdK83HOvt2MJyKdeDE/jHHMn2MTNaUsD133zU+kCvmt5RRY6aEKUy/w/9+b
FUqlpQCGPCi94ZidiZqwKgnKuPvL2M2uR/OxXm4UUrMKbfocGkV/gcoJQWpkA2G0
BhiHmj4EestVPrxKgm4b0pD9DVWIS5a+2vF+xM9DI/uwMMiRltrz3r6JLpBM2/pU
khArVb8R/vyIwO/ukNOX0b6qJS0snD351dwqV1voDDCSKuC2rUB6lEdIvpdplg5b
cROLI8toN9F7pehISRfK+WkBzryWKousuf2PJJcTN1Dc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:58 2023 by rpki-client on console-ams.rpki-client.org