Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/2glB0SDH-sK9jTl6GO985M5c1Gc.roa
File: 2glB0SDH-sK9jTl6GO985M5c1Gc.roa (raw, json)
Hash identifier: 9CcBIUKCX2X8D9rQhVmvKhP6wkzqKyi2N2nIk+uPgpc=
Subject key identifier: DA:09:41:D1:20:C7:FA:C2:BD:8D:39:7A:18:EF:7C:E4:CE:5C:D4:67
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 0182E374A79240003DFFD127663898A49572
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/2glB0SDH-sK9jTl6GO985M5c1Gc.roa
Signing time: Sun 28 Aug 2022 07:57:29 +0000
ROA not before: Sun 28 Aug 2022 07:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199363
IP address blocks: 94.240.38.0/24 maxlen: 24
94.240.38.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:e3:74:a7:92:40:00:3d:ff:d1:27:66:38:98:a4:95:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Aug 28 07:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da0941d120c7fac2bd8d397a18ef7ce4ce5cd467
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:82:7a:83:50:5e:1a:4c:61:9b:85:81:a7:36:
84:f8:bf:78:d4:e1:a2:d6:9d:05:8b:89:c1:69:69:
b9:1e:ea:86:53:e2:d3:ec:11:67:0f:25:5a:29:3d:
88:b3:d6:62:bb:e1:0f:39:7f:99:d9:e9:02:30:bc:
fb:84:40:eb:aa:c6:49:3d:f4:9f:74:a5:ab:a1:1d:
3d:94:26:29:a1:96:09:73:ea:02:dc:89:1f:e7:98:
63:cd:c9:7d:4d:cf:df:c3:42:ee:80:0c:81:89:e2:
b0:8a:96:ed:db:27:ae:59:9f:55:b4:5c:6f:5f:dc:
7b:bc:4d:c9:ed:de:c3:bd:2a:79:ae:31:3e:44:60:
4d:7a:f6:49:7f:8b:b5:ce:5d:e6:bf:c3:58:0e:e9:
98:84:73:18:49:b3:c0:e1:57:8f:26:6a:d8:fb:2b:
f1:b4:7b:8a:05:03:b3:69:21:44:67:99:d1:d3:87:
a4:3c:c2:1e:5a:fc:5c:57:2f:8c:8e:fb:09:e6:79:
95:ed:51:8d:5b:c1:ed:bd:2f:45:d4:e6:7a:c9:d8:
72:57:06:5b:cf:c1:e3:ee:d0:e8:ad:68:0b:83:07:
61:4f:38:ea:dc:c1:e1:01:78:12:07:61:f6:b0:fd:
38:44:f9:90:8e:59:8e:29:77:d9:ae:13:a4:3d:1f:
88:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:09:41:D1:20:C7:FA:C2:BD:8D:39:7A:18:EF:7C:E4:CE:5C:D4:67
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/2glB0SDH-sK9jTl6GO985M5c1Gc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.38.0/23
Signature Algorithm: sha256WithRSAEncryption
78:4a:f4:54:44:22:62:a6:01:24:9c:77:dc:0d:1f:94:e1:c3:
e6:09:76:6c:fa:55:96:3a:5d:32:5a:7b:0d:8a:ba:82:98:08:
80:2d:da:d7:57:79:71:30:4d:0b:f1:80:82:3f:e9:0e:8b:57:
0f:b5:e0:6b:37:53:c3:02:e0:7f:4f:cf:59:e1:40:61:8b:fe:
e8:ca:6b:ba:10:da:c4:53:57:e5:59:a8:37:4c:55:32:86:ab:
3a:de:41:0a:8f:5f:96:5f:06:ac:53:4b:70:2b:0d:89:8f:79:
d6:f2:49:de:28:ff:0b:38:64:50:7e:65:0b:fd:77:7f:f1:63:
64:5a:05:64:2a:55:23:93:6a:24:33:5f:03:9c:b9:68:97:b4:
65:7b:03:dd:69:3e:1c:3c:5a:d3:a5:ea:dd:27:ca:16:7a:d0:
5a:33:10:4d:9e:93:38:17:2c:97:9b:ed:87:d3:8b:c7:16:07:
6c:7f:07:3d:cc:fc:87:0b:1b:5f:1d:e1:4f:e9:90:b0:8e:53:
ba:87:e8:32:f0:d4:00:84:a0:a5:6f:80:3b:6d:29:3c:f8:c0:
65:9b:a2:1f:ea:91:cd:96:43:c2:6a:f4:ef:8b:0c:01:2d:23:
34:f2:9c:66:7f:c1:71:d8:cd:d6:d6:14:f8:71:da:8a:33:a6:
d8:75:8f:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLjdKeSQAA9/9EnZjiYpJVyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjIwODI4MDc1NzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA5NDFkMTIwYzdmYWMyYmQ4ZDM5N2ExOGVmN2NlNGNlNWNkNDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIJ6g1BeGkxhm4WBpzaE+L941OGi
1p0Fi4nBaWm5HuqGU+LT7BFnDyVaKT2Is9Ziu+EPOX+Z2ekCMLz7hEDrqsZJPfSf
dKWroR09lCYpoZYJc+oC3Ikf55hjzcl9Tc/fw0LugAyBieKwipbt2yeuWZ9VtFxv
X9x7vE3J7d7DvSp5rjE+RGBNevZJf4u1zl3mv8NYDumYhHMYSbPA4VePJmrY+yvx
tHuKBQOzaSFEZ5nR04ekPMIeWvxcVy+MjvsJ5nmV7VGNW8HtvS9F1OZ6ydhyVwZb
z8Hj7tDorWgLgwdhTzjq3MHhAXgSB2H2sP04RPmQjlmOKXfZrhOkPR+I+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNoJQdEgx/rCvY05ehjvfOTOXNRnMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvMmdsQjBTREgtc0s5alRsNkdPOTg1TTVjMUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXvAmMA0G
CSqGSIb3DQEBCwUAA4IBAQB4SvRURCJipgEknHfcDR+U4cPmCXZs+lWWOl0yWnsN
irqCmAiALdrXV3lxME0L8YCCP+kOi1cPteBrN1PDAuB/T89Z4UBhi/7oymu6ENrE
U1flWag3TFUyhqs63kEKj1+WXwasU0twKw2Jj3nW8kneKP8LOGRQfmUL/Xd/8WNk
WgVkKlUjk2okM18DnLlol7RlewPdaT4cPFrTperdJ8oWetBaMxBNnpM4FyyXm+2H
04vHFgdsfwc9zPyHCxtfHeFP6ZCwjlO6h+gy8NQAhKClb4A7bSk8+MBlm6If6pHN
lkPCavTviwwBLSM08pxmf8Fx2M3W1hT4cdqKM6bYdY8G
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:18 2024 by rpki-client on console-fra.rpki-client.org