Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dec3f1-ce3a-4cb5-9cfc-a30f537d9c5b/1/2zCleIxOgAMb-9C_5lKWAKecVP8.roa
File: 2zCleIxOgAMb-9C_5lKWAKecVP8.roa (raw, json)
Hash identifier: Dwov2azAkILhpEOdPZV0r4frcQ+x0sVdCRgDjr/GR6g=
Subject key identifier: DB:30:A5:78:8C:4E:80:03:1B:FB:D0:BF:E6:52:96:00:A7:9C:54:FF
Certificate issuer: /CN=081868ee84c5f27d9169d243c337b74b6ff8c14d
Certificate serial: 01A8C648
Authority key identifier: 08:18:68:EE:84:C5:F2:7D:91:69:D2:43:C3:37:B7:4B:6F:F8:C1:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBho7oTF8n2RadJDwze3S2_4wU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dec3f1-ce3a-4cb5-9cfc-a30f537d9c5b/1/2zCleIxOgAMb-9C_5lKWAKecVP8.roa
Signing time: Sat 01 Jan 2022 14:55:09 +0000
ROA not before: Sat 01 Jan 2022 14:55:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198682
IP address blocks: 185.140.136.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27838024 (0x1a8c648)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081868ee84c5f27d9169d243c337b74b6ff8c14d
Validity
Not Before: Jan 1 14:55:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db30a5788c4e80031bfbd0bfe6529600a79c54ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:33:03:99:e5:e4:0c:40:f9:b9:86:35:bc:fa:
56:79:01:57:b3:2c:b3:6d:ad:8b:ac:1b:cc:35:50:
af:f8:90:f3:7a:4d:70:82:54:a7:3c:8d:84:b8:90:
07:1e:0d:57:20:c3:ce:b8:db:fc:38:f8:e6:d8:36:
1f:06:69:54:b2:c7:ee:04:b5:f7:d8:77:27:0e:aa:
8b:36:93:61:43:ce:2c:b4:72:a0:51:82:f0:59:4a:
6c:c9:bf:63:91:ef:c9:ab:01:0e:66:26:6f:ee:6e:
76:d2:9f:f0:dd:18:58:c2:9f:89:6d:f6:07:dc:37:
60:1f:4a:04:7a:1c:81:ce:f2:91:dd:52:ff:37:c6:
6a:2e:61:98:60:19:c7:3a:03:61:9d:7a:2c:3f:ed:
3d:33:1d:90:63:b4:fe:71:88:b5:78:5b:eb:ee:ee:
47:30:b0:f5:29:06:e8:f9:72:7f:e6:ef:df:2e:84:
c3:b7:8c:5d:33:e8:07:80:a1:ca:01:82:0a:3d:a3:
a4:17:bc:9f:60:10:69:fd:cb:2e:65:38:09:a0:8a:
bb:05:00:18:3f:4b:47:33:15:5a:90:e9:45:0c:88:
2d:bb:86:31:2a:57:ad:7b:a1:c2:71:8b:5b:43:cb:
6b:ff:46:ff:10:ef:7e:09:73:47:ab:9c:bb:af:a9:
b5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:30:A5:78:8C:4E:80:03:1B:FB:D0:BF:E6:52:96:00:A7:9C:54:FF
X509v3 Authority Key Identifier:
keyid:08:18:68:EE:84:C5:F2:7D:91:69:D2:43:C3:37:B7:4B:6F:F8:C1:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBho7oTF8n2RadJDwze3S2_4wU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dec3f1-ce3a-4cb5-9cfc-a30f537d9c5b/1/2zCleIxOgAMb-9C_5lKWAKecVP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dec3f1-ce3a-4cb5-9cfc-a30f537d9c5b/1/CBho7oTF8n2RadJDwze3S2_4wU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.136.0/22
Signature Algorithm: sha256WithRSAEncryption
75:50:a7:12:7a:8d:22:43:af:7d:d4:5a:cf:ea:07:be:d0:13:
3c:9c:52:42:d5:72:e5:7f:d2:d2:a3:21:f2:fd:78:77:9e:b3:
45:16:19:07:fb:6c:4c:d3:d8:77:01:5f:61:67:34:59:55:a7:
fe:73:2c:97:76:c6:29:e6:cd:f4:43:a3:ac:9f:a8:34:12:5b:
5a:ff:40:06:97:9a:61:3f:67:b5:4e:dc:3e:1a:11:55:c1:cd:
ab:99:76:26:43:85:de:72:8b:dd:2b:ba:91:32:1a:b0:a6:4c:
f4:be:f1:4e:41:c5:f2:46:b1:73:df:eb:37:c0:37:e4:8b:5b:
60:c1:45:95:cf:72:77:92:27:0b:e0:d1:27:ba:25:d0:b9:05:
99:4d:0d:7e:09:95:29:ba:16:e5:37:7b:69:81:ea:2e:fd:37:
cc:7c:f2:1c:5d:2e:a9:f5:09:06:17:ea:99:9f:28:c0:d9:27:
bd:8e:5c:4c:ef:a2:96:75:b4:90:4a:d7:a8:5e:aa:52:58:96:
85:8e:de:8f:b1:32:69:80:74:69:42:13:23:05:44:fb:f8:95:
aa:f4:e4:a2:7f:0c:1d:94:5b:39:b6:b8:9b:e3:96:c7:b0:90:
11:0e:ae:b1:56:eb:b0:4b:b5:f1:d7:f7:79:ab:9f:cd:ef:a5:
38:fc:f0:f6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAajGSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODE4NjhlZTg0YzVmMjdkOTE2OWQyNDNjMzM3Yjc0YjZmZjhjMTRkMB4XDTIyMDEw
MTE0NTUwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIzMGE1Nzg4YzRl
ODAwMzFiZmJkMGJmZTY1Mjk2MDBhNzljNTRmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8zA5nl5AxA+bmGNbz6VnkBV7Mss22ti6wbzDVQr/iQ83pN
cIJUpzyNhLiQBx4NVyDDzrjb/Dj45tg2HwZpVLLH7gS199h3Jw6qizaTYUPOLLRy
oFGC8FlKbMm/Y5HvyasBDmYmb+5udtKf8N0YWMKfiW32B9w3YB9KBHocgc7ykd1S
/zfGai5hmGAZxzoDYZ16LD/tPTMdkGO0/nGItXhb6+7uRzCw9SkG6Plyf+bv3y6E
w7eMXTPoB4ChygGCCj2jpBe8n2AQaf3LLmU4CaCKuwUAGD9LRzMVWpDpRQyILbuG
MSpXrXuhwnGLW0PLa/9G/xDvfglzR6ucu6+ptUkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTbMKV4jE6AAxv70L/mUpYAp5xU/zAfBgNVHSMEGDAWgBQIGGjuhMXyfZFp
0kPDN7dLb/jBTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NCaG83b1RGOG4yUmFkSkR3emUzUzJfNHdVMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvZGVjM2YxLWNlM2EtNGNiNS05Y2ZjLWEzMGY1MzdkOWM1Yi8x
LzJ6Q2xlSXhPZ0FNYi05Q181bEtXQUtlY1ZQOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ZGVjM2YxLWNlM2EtNGNiNS05Y2ZjLWEzMGY1MzdkOWM1Yi8xL0NCaG83b1RGOG4y
UmFkSkR3emUzUzJfNHdVMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmMiDANBgkqhkiG9w0BAQsFAAOC
AQEAdVCnEnqNIkOvfdRaz+oHvtATPJxSQtVy5X/S0qMh8v14d56zRRYZB/tsTNPY
dwFfYWc0WVWn/nMsl3bGKebN9EOjrJ+oNBJbWv9ABpeaYT9ntU7cPhoRVcHNq5l2
JkOF3nKL3Su6kTIasKZM9L7xTkHF8kaxc9/rN8A35ItbYMFFlc9yd5InC+DRJ7ol
0LkFmU0NfgmVKboW5Td7aYHqLv03zHzyHF0uqfUJBhfqmZ8owNknvY5cTO+ilnW0
kErXqF6qUliWhY7ej7EyaYB0aUITIwVE+/iVqvTkon8MHZRbOba4m+OWx7CQEQ6u
sVbrsEu18df3eaufze+lOPzw9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:33 2024 by rpki-client on console-ams.rpki-client.org