Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/xSKfv2V6u71KGalD1Hbr6rnAKMQ.roa
File: xSKfv2V6u71KGalD1Hbr6rnAKMQ.roa (raw, json)
Hash identifier: +ZgFO8CyEOfhGhHu+8lhIUrAYBcZ2mNuHwoznBe4Iek=
Subject key identifier: C5:22:9F:BF:65:7A:BB:BD:4A:19:A9:43:D4:76:EB:EA:B9:C0:28:C4
Certificate issuer: /CN=2db616f3ad0363e7269cc2eb58d1bc086cc975f2
Certificate serial: 1266F64D
Authority key identifier: 2D:B6:16:F3:AD:03:63:E7:26:9C:C2:EB:58:D1:BC:08:6C:C9:75:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/xSKfv2V6u71KGalD1Hbr6rnAKMQ.roa
Signing time: Sat 01 Jan 2022 02:52:55 +0000
ROA not before: Sat 01 Jan 2022 02:52:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51056
IP address blocks: 109.233.192.0/21 maxlen: 24
185.64.236.0/22 maxlen: 24
2a02:1618::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 308737613 (0x1266f64d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2db616f3ad0363e7269cc2eb58d1bc086cc975f2
Validity
Not Before: Jan 1 02:52:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5229fbf657abbbd4a19a943d476ebeab9c028c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:47:17:3d:4f:0b:48:3a:7d:a0:3b:45:64:2e:
68:9d:28:6d:bc:5e:7b:a5:16:87:79:2a:f2:32:c6:
7e:b4:97:95:df:10:6d:32:f3:15:07:bd:ba:d4:26:
c7:33:58:2a:c7:59:d0:e5:99:90:46:d4:b9:be:5c:
1c:b0:aa:db:f8:17:ef:44:83:67:e3:a9:65:f9:12:
44:9d:c9:81:bf:8d:84:2a:48:2f:40:a0:ba:b3:15:
b4:8d:8f:28:50:5c:93:09:37:3c:ee:41:dc:c3:21:
3c:c2:c1:27:ed:a1:8d:44:c2:8b:af:f8:d6:9f:39:
3b:5f:b4:80:50:5c:0e:c5:5b:08:80:07:2d:cd:b6:
38:e1:0c:e8:49:f9:67:c4:1a:37:ee:8e:1e:4e:42:
83:0a:a7:10:e0:ea:4c:b3:14:e9:dd:d7:c8:a5:74:
0f:38:95:71:62:f3:39:32:86:2e:aa:69:3c:63:b8:
09:e7:35:19:91:e9:f2:d9:ca:0a:4d:70:73:19:08:
e8:af:91:75:c2:28:cc:7c:bd:86:52:0a:1a:10:b8:
80:bc:53:87:13:0f:6f:72:b3:95:a8:8e:a4:27:fd:
8d:eb:83:03:68:9a:8b:f6:22:c8:1e:98:f7:fc:6c:
b5:85:4e:0c:38:fd:7d:35:0d:1b:9f:c1:de:dd:48:
af:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:22:9F:BF:65:7A:BB:BD:4A:19:A9:43:D4:76:EB:EA:B9:C0:28:C4
X509v3 Authority Key Identifier:
keyid:2D:B6:16:F3:AD:03:63:E7:26:9C:C2:EB:58:D1:BC:08:6C:C9:75:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LbYW860DY-cmnMLrWNG8CGzJdfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/xSKfv2V6u71KGalD1Hbr6rnAKMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/2a226d-c72c-4c12-bbba-a4b55a71c228/1/LbYW860DY-cmnMLrWNG8CGzJdfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.192.0/21
185.64.236.0/22
IPv6:
2a02:1618::/32
Signature Algorithm: sha256WithRSAEncryption
3c:a0:07:9a:ad:cc:3b:e3:82:71:97:3e:bd:5c:35:e1:c8:5c:
d1:2f:e7:99:20:da:f9:79:31:fa:c0:82:61:1c:56:82:24:96:
86:41:a1:ef:26:ef:67:13:05:2c:8c:b4:c2:80:ab:f3:34:97:
86:63:95:36:88:f7:34:8e:b1:3f:a9:d9:bf:ec:53:99:06:10:
46:9a:5f:52:e7:73:4a:d0:32:dc:ea:9c:d2:4b:95:70:d0:bc:
e9:17:0a:bf:e9:4c:ed:c2:e3:35:c9:ff:89:24:0a:a6:8a:65:
b7:1b:0f:2b:7f:4f:b0:81:49:ec:95:50:a5:eb:1f:87:bf:7b:
91:13:0b:76:e3:d7:7b:5b:f0:e4:2e:dd:29:89:b6:0b:8b:1c:
f5:44:7d:65:dc:48:9f:a1:23:59:a6:cb:5b:08:c5:dd:49:97:
64:fb:e3:98:a6:04:20:23:c1:5a:07:43:de:e1:23:ee:f5:02:
7d:91:18:6b:cc:69:1c:8e:0f:4a:d9:e1:1e:d8:3f:8f:90:9f:
5d:05:b8:47:7e:8d:77:39:91:14:f9:9b:c7:0c:32:32:ac:84:
4b:c3:3d:e2:6d:36:3f:b9:57:aa:04:6b:a2:e9:d8:cf:75:46:
db:df:8d:5c:25:94:c1:46:f1:4d:4d:09:11:8e:b3:98:9f:27:
d4:6d:4b:b0
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEEmb2TTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGI2MTZmM2FkMDM2M2U3MjY5Y2MyZWI1OGQxYmMwODZjYzk3NWYyMB4XDTIyMDEw
MTAyNTI1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzUyMjlmYmY2NTdh
YmJiZDRhMTlhOTQzZDQ3NmViZWFiOWMwMjhjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPNHFz1PC0g6faA7RWQuaJ0obbxee6UWh3kq8jLGfrSXld8Q
bTLzFQe9utQmxzNYKsdZ0OWZkEbUub5cHLCq2/gX70SDZ+OpZfkSRJ3Jgb+NhCpI
L0CgurMVtI2PKFBckwk3PO5B3MMhPMLBJ+2hjUTCi6/41p85O1+0gFBcDsVbCIAH
Lc22OOEM6En5Z8QaN+6OHk5CgwqnEODqTLMU6d3XyKV0DziVcWLzOTKGLqppPGO4
Cec1GZHp8tnKCk1wcxkI6K+RdcIozHy9hlIKGhC4gLxThxMPb3KzlaiOpCf9jeuD
A2iai/YiyB6Y9/xstYVODDj9fTUNG5/B3t1Ir+8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTFIp+/ZXq7vUoZqUPUduvqucAoxDAfBgNVHSMEGDAWgBQtthbzrQNj5yac
wutY0bwIbMl18jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xiWVc4NjBEWS1jbW5NTHJXTkc4Q0d6SmRmSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvMmEyMjZkLWM3MmMtNGMxMi1iYmJhLWE0YjU1YTcxYzIyOC8x
L3hTS2Z2MlY2dTcxS0dhbEQxSGJyNnJuQUtNUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
MmEyMjZkLWM3MmMtNGMxMi1iYmJhLWE0YjU1YTcxYzIyOC8xL0xiWVc4NjBEWS1j
bW5NTHJXTkc4Q0d6SmRmSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA23pwAMEArlA7DANBAIAAjAHAwUA
KgIWGDANBgkqhkiG9w0BAQsFAAOCAQEAPKAHmq3MO+OCcZc+vVw14chc0S/nmSDa
+Xkx+sCCYRxWgiSWhkGh7ybvZxMFLIy0woCr8zSXhmOVNoj3NI6xP6nZv+xTmQYQ
RppfUudzStAy3Oqc0kuVcNC86RcKv+lM7cLjNcn/iSQKpopltxsPK39PsIFJ7JVQ
pesfh797kRMLduPXe1vw5C7dKYm2C4sc9UR9ZdxIn6EjWabLWwjF3UmXZPvjmKYE
ICPBWgdD3uEj7vUCfZEYa8xpHI4PStnhHtg/j5CfXQW4R36NdzmRFPmbxwwyMqyE
S8M94m02P7lXqgRrounYz3VG29+NXCWUwUbxTU0JEY6zmJ8n1G1LsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:08 2024 by rpki-client on console-ams.rpki-client.org