Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/itKUy5EyQWuTWY50nfVNybYhqE8.roa
File: itKUy5EyQWuTWY50nfVNybYhqE8.roa (raw, json)
Hash identifier: SgAD/DGydW9Bk4J6H9T1PTYTVBBB05GGxEseQqo1G/s=
Subject key identifier: 8A:D2:94:CB:91:32:41:6B:93:59:8E:74:9D:F5:4D:C9:B6:21:A8:4F
Certificate issuer: /CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Certificate serial: 0A0AF0E0
Authority key identifier: E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/itKUy5EyQWuTWY50nfVNybYhqE8.roa
Signing time: Sat 01 Jan 2022 02:58:20 +0000
ROA not before: Sat 01 Jan 2022 02:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39311
IP address blocks: 87.237.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168489184 (0xa0af0e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Validity
Not Before: Jan 1 02:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ad294cb9132416b93598e749df54dc9b621a84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f3:c3:6a:f4:4f:10:9b:80:e1:22:2f:07:8a:
27:ec:ac:6d:28:71:05:e2:56:c2:0f:41:d1:28:85:
8f:ab:1a:71:68:39:9a:1d:df:6a:4c:b9:22:55:4f:
4d:77:ac:3a:fb:54:56:08:65:6a:4b:c7:a0:5d:a7:
d3:fe:16:e8:91:b5:a6:b1:75:bc:a5:3e:aa:32:51:
60:48:12:af:9d:39:46:b6:ee:16:e2:ac:9f:d5:51:
c1:df:b3:22:8d:2d:c2:6e:08:27:a3:11:db:cc:1e:
43:b9:26:c9:2b:b9:3b:b1:47:d0:dd:8f:8b:83:f7:
dc:36:55:4e:55:6e:16:90:17:4d:2f:8a:d5:9a:80:
a8:80:3c:2e:2c:5d:bd:37:7a:04:d3:a2:b5:80:83:
d4:dc:ce:2b:f6:ed:df:3c:a9:8c:8c:b2:c2:03:9c:
af:07:26:35:9c:4d:88:af:03:2d:cc:60:1c:14:35:
d5:7b:2d:fd:8f:f7:31:43:9d:5a:ec:de:7c:cc:cc:
34:20:70:67:b3:41:6c:42:58:70:93:a8:11:8b:26:
cc:46:0d:b7:9e:43:b7:5b:54:2d:6d:5c:9f:e4:5a:
f0:fc:b7:4c:66:f8:a6:57:33:e2:12:87:13:23:2b:
98:06:31:a3:2a:1c:42:cb:dc:73:d2:3c:e5:7b:a9:
c5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D2:94:CB:91:32:41:6B:93:59:8E:74:9D:F5:4D:C9:B6:21:A8:4F
X509v3 Authority Key Identifier:
keyid:E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/itKUy5EyQWuTWY50nfVNybYhqE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.200.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:58:e6:a8:f1:65:1d:29:1d:54:be:ec:82:ca:c6:b1:c1:bb:
9a:68:a0:b1:a7:be:cf:c7:46:b2:1b:15:a5:af:2d:72:08:d7:
80:0f:af:d1:34:41:e3:e6:cc:66:3f:4d:6d:8f:45:16:97:60:
c0:0d:5f:63:6c:34:d0:2d:05:ad:6a:ac:80:b4:99:e7:fa:52:
17:f2:db:ea:b5:bf:48:50:84:b4:e5:d1:9a:5e:8d:d6:cd:ad:
f9:5f:fa:d1:4d:e2:7c:7a:c9:36:88:f3:be:96:08:22:08:cb:
e7:16:35:e5:c4:31:d0:9b:48:1a:b1:8d:f2:a1:b7:86:30:3a:
ee:56:69:1d:ab:ee:f0:64:a4:0c:eb:de:4c:78:ab:30:cf:6f:
60:88:c6:f6:2c:f1:2f:7c:5c:14:14:4d:48:a1:4c:6c:61:1e:
37:de:70:bf:ae:d4:f3:e7:73:6e:e1:c0:4f:3e:9e:4e:0e:ea:
98:0f:17:1d:8d:7d:d2:ed:34:d7:15:35:4b:b8:fb:8c:3f:f9:
cc:6f:5e:96:28:54:4c:40:40:29:90:2f:9e:ef:2a:ee:a1:d4:
cb:b2:45:29:6e:ba:97:30:42:65:ce:2f:87:51:85:be:37:7b:
a3:78:de:ae:61:59:3d:ff:70:68:49:28:b0:9b:c8:bf:13:90:
5d:b7:1e:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECgrw4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTNmM2E0MWU2YmU1MjQxMTVjNmMyYjU1OGJjMjgwMDQzYTAyMjRlMB4XDTIyMDEw
MTAyNTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFkMjk0Y2I5MTMy
NDE2YjkzNTk4ZTc0OWRmNTRkYzliNjIxYTg0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXzw2r0TxCbgOEiLweKJ+ysbShxBeJWwg9B0SiFj6sacWg5
mh3faky5IlVPTXesOvtUVghlakvHoF2n0/4W6JG1prF1vKU+qjJRYEgSr505Rrbu
FuKsn9VRwd+zIo0twm4IJ6MR28weQ7kmySu5O7FH0N2Pi4P33DZVTlVuFpAXTS+K
1ZqAqIA8LixdvTd6BNOitYCD1NzOK/bt3zypjIyywgOcrwcmNZxNiK8DLcxgHBQ1
1Xst/Y/3MUOdWuzefMzMNCBwZ7NBbEJYcJOoEYsmzEYNt55Dt1tULW1cn+Ra8Py3
TGb4plcz4hKHEyMrmAYxoyocQsvcc9I85XupxUMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSK0pTLkTJBa5NZjnSd9U3JtiGoTzAfBgNVHSMEGDAWgBTpPzpB5r5SQRXG
wrVYvCgAQ6AiTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZUODZRZWEtVWtFVnhzSzFXTHdvQUVPZ0lrNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvYTE3NDBlLTg0MDQtNDJkMi1hZjVjLTEwZTI0NjI1YTRkNC8x
L2l0S1V5NUV5UVd1VFdZNTBuZlZOeWJZaHFFOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
YTE3NDBlLTg0MDQtNDJkMi1hZjVjLTEwZTI0NjI1YTRkNC8xLzZUODZRZWEtVWtF
VnhzSzFXTHdvQUVPZ0lrNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFftyDANBgkqhkiG9w0BAQsFAAOC
AQEAK1jmqPFlHSkdVL7sgsrGscG7mmigsae+z8dGshsVpa8tcgjXgA+v0TRB4+bM
Zj9NbY9FFpdgwA1fY2w00C0FrWqsgLSZ5/pSF/Lb6rW/SFCEtOXRml6N1s2t+V/6
0U3ifHrJNojzvpYIIgjL5xY15cQx0JtIGrGN8qG3hjA67lZpHavu8GSkDOveTHir
MM9vYIjG9izxL3xcFBRNSKFMbGEeN95wv67U8+dzbuHATz6eTg7qmA8XHY190u00
1xU1S7j7jD/5zG9elihUTEBAKZAvnu8q7qHUy7JFKW66lzBCZc4vh1GFvjd7o3je
rmFZPf9waEkosJvIvxOQXbcepQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:49 2023 by rpki-client on console-ams.rpki-client.org