Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/2_V87xcExsFYoUrn-_zpdzx2Bv8.roa
File: 2_V87xcExsFYoUrn-_zpdzx2Bv8.roa (raw, json)
Hash identifier: WefAq9LYVjQzAPBu7iYdBlGMSI1mn+fEuhlRfVUEUak=
Subject key identifier: DB:F5:7C:EF:17:04:C6:C1:58:A1:4A:E7:FB:FC:E9:77:3C:76:06:FF
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 12E6278C
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/2_V87xcExsFYoUrn-_zpdzx2Bv8.roa
Signing time: Fri 14 Jan 2022 15:58:26 +0000
ROA not before: Fri 14 Jan 2022 15:58:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
128.140.128.0/20 maxlen: 20
213.180.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317073292 (0x12e6278c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jan 14 15:58:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbf57cef1704c6c158a14ae7fbfce9773c7606ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:5c:97:1f:41:65:4e:02:46:90:41:b9:5a:1f:
ff:a1:0a:1c:0f:53:8e:b9:45:fa:7b:5b:ab:6a:e2:
59:0b:48:f4:f4:4f:2c:ab:d1:ee:5c:f0:d5:e1:62:
46:97:7b:43:40:16:9d:a1:0f:41:57:91:ad:19:82:
e7:77:82:39:11:da:c3:98:b4:0f:f6:36:6c:51:1d:
e8:69:b1:fe:ba:40:b3:8b:e6:cd:19:19:eb:34:f4:
f1:3b:da:e5:bb:72:17:01:81:75:1b:43:79:ce:50:
17:4e:eb:87:35:5d:de:b0:06:cc:9b:57:d8:f9:de:
ac:55:15:05:f5:0b:80:cd:be:21:bc:6c:dc:17:fc:
4d:f4:98:01:51:39:21:e0:e7:df:9c:27:d6:19:97:
67:d5:c4:21:8d:03:af:4b:a5:75:f0:50:ee:65:5b:
e6:82:36:78:fb:c8:41:7a:5b:36:30:a1:6d:fc:82:
1d:ef:75:0c:7a:87:20:3e:4f:d3:31:84:34:1a:42:
18:60:3d:83:a5:6c:d3:80:58:53:55:8d:c2:a8:96:
97:73:44:1b:7a:c4:49:de:14:fc:b1:3a:f3:00:8b:
fc:68:ca:da:d7:1e:0f:03:eb:97:e5:a3:9f:d1:c9:
2a:66:dc:6b:8a:ee:28:72:16:a6:07:35:92:a7:3a:
52:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F5:7C:EF:17:04:C6:C1:58:A1:4A:E7:FB:FC:E9:77:3C:76:06:FF
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/2_V87xcExsFYoUrn-_zpdzx2Bv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:45:bd:56:12:25:39:d2:5e:71:ad:ca:5a:bb:fd:35:9e:5d:
f1:52:1d:7f:69:11:be:ac:07:4b:88:14:91:23:78:39:2b:32:
2a:1c:50:2b:d6:fe:05:ab:aa:61:5c:d6:bb:59:1a:7a:fa:10:
5a:3a:8e:85:21:c7:2a:08:cd:5d:a8:7b:6b:8e:f7:a2:1e:e9:
0d:26:90:3f:18:64:c8:b4:2d:8d:a0:ff:a5:92:1d:0b:ce:3a:
ed:30:d3:1a:a2:cd:f7:1e:e5:1d:99:bb:52:33:6c:85:9a:e7:
74:65:cb:62:64:c1:bf:7a:75:51:5b:bd:6a:08:25:b3:64:ac:
c0:e3:60:2f:c0:03:f7:d6:23:9d:f4:d4:44:dd:7f:aa:01:90:
c2:6e:e3:49:1d:89:47:51:55:54:e5:14:1a:52:ad:bc:58:d3:
f0:c7:f6:b1:65:bf:c7:c7:60:43:3f:3e:88:ed:c6:c6:c8:1f:
56:04:11:c5:26:ea:84:d2:78:ea:eb:2c:be:0b:3e:65:c8:be:
4e:a8:65:f5:4f:27:6d:fb:f4:94:98:2d:15:ad:c4:06:47:c3:
17:58:e2:f0:8b:cf:a9:5c:c7:69:4f:5c:97:77:4f:cc:02:06:
74:97:11:d0:f0:50:a1:44:b6:3a:7c:ef:47:f3:7e:6e:4a:63:
e4:32:0a:9e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEEuYnjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2U5NGNjYjdiNjAxZGEwY2EwOTQ2OWY2MGY2NTM2NDBmZWQ4YzFjMB4XDTIyMDEx
NDE1NTgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJmNTdjZWYxNzA0
YzZjMTU4YTE0YWU3ZmJmY2U5NzczYzc2MDZmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOdclx9BZU4CRpBBuVof/6EKHA9TjrlF+ntbq2riWQtI9PRP
LKvR7lzw1eFiRpd7Q0AWnaEPQVeRrRmC53eCORHaw5i0D/Y2bFEd6Gmx/rpAs4vm
zRkZ6zT08Tva5btyFwGBdRtDec5QF07rhzVd3rAGzJtX2PnerFUVBfULgM2+Ibxs
3Bf8TfSYAVE5IeDn35wn1hmXZ9XEIY0Dr0uldfBQ7mVb5oI2ePvIQXpbNjChbfyC
He91DHqHID5P0zGENBpCGGA9g6Vs04BYU1WNwqiWl3NEG3rESd4U/LE68wCL/GjK
2tceDwPrl+Wjn9HJKmbca4ruKHIWpgc1kqc6Uo8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTb9XzvFwTGwVihSuf7/Ol3PHYG/zAfBgNVHSMEGDAWgBRH6UzLe2AdoMoJ
Rp9g9lNkD+2MHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ItbE15M3RnSGFES0NVYWZZUFpUWkFfdGpCdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvOWUyOWRjLWNlYzktNDllMi1iY2U0LWJkOTBhM2YwNmUxNi8x
LzJfVjg3eGNFeHNGWW9Vcm4tX3pwZHp4MkJ2OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
OWUyOWRjLWNlYzktNDllMi1iY2U0LWJkOTBhM2YwNmUxNi8xL1ItbE15M3RnSGFE
S0NVYWZZUFpUWkFfdGpCdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBICMgAMEAbkXYAMEALkXYwMEAtW0
/DANBgkqhkiG9w0BAQsFAAOCAQEAH0W9VhIlOdJeca3KWrv9NZ5d8VIdf2kRvqwH
S4gUkSN4OSsyKhxQK9b+BauqYVzWu1kaevoQWjqOhSHHKgjNXah7a473oh7pDSaQ
PxhkyLQtjaD/pZIdC8467TDTGqLN9x7lHZm7UjNshZrndGXLYmTBv3p1UVu9aggl
s2SswONgL8AD99YjnfTURN1/qgGQwm7jSR2JR1FVVOUUGlKtvFjT8Mf2sWW/x8dg
Qz8+iO3GxsgfVgQRxSbqhNJ46ussvgs+Zci+Tqhl9U8nbfv0lJgtFa3EBkfDF1ji
8IvPqVzHaU9cl3dPzAIGdJcR0PBQoUS2OnzvR/N+bkpj5DIKng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:47 2024 by rpki-client on console-fra.rpki-client.org