Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/s2GvY-dZp-a2AWFf6SWgQGYYvpU.roa
File: s2GvY-dZp-a2AWFf6SWgQGYYvpU.roa (raw, json)
Hash identifier: 9JwcVk8F71saMjtXc2jiAyDYVDo2CsxblThe36LMFlM=
Subject key identifier: B3:61:AF:63:E7:59:A7:E6:B6:01:61:5F:E9:25:A0:40:66:18:BE:95
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018385D9386523B6C6FD9D378A3FD4D4DCC7
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/s2GvY-dZp-a2AWFf6SWgQGYYvpU.roa
Signing time: Wed 28 Sep 2022 20:45:48 +0000
ROA not before: Wed 28 Sep 2022 20:45:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58212
IP address blocks: 185.236.8.0/24 maxlen: 24
185.236.11.0/24 maxlen: 24
85.117.243.0/24 maxlen: 24
192.144.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:85:d9:38:65:23:b6:c6:fd:9d:37:8a:3f:d4:d4:dc:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Sep 28 20:45:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b361af63e759a7e6b601615fe925a0406618be95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9c:80:1a:02:49:ac:52:56:6e:78:77:25:1d:
ab:2a:4f:1f:d7:c1:8c:b3:8f:de:1e:09:28:76:8e:
be:2a:5e:a6:c4:d3:74:35:c2:2e:3d:25:4a:8b:ba:
46:96:e3:66:e1:7d:29:89:60:cc:c7:fb:9d:1d:0a:
98:b9:e1:64:aa:53:ba:84:20:73:e8:f3:74:61:6b:
49:81:88:c2:1d:e6:1a:7c:f8:82:96:7b:a2:77:cd:
06:e5:da:b5:eb:ba:b8:88:48:5d:eb:4c:5e:a1:75:
69:b3:09:0f:0e:f4:fe:a3:49:04:ce:db:19:56:02:
02:e6:12:83:de:a2:8d:de:e6:5b:ef:24:6c:32:1c:
50:b0:56:07:68:7b:17:bd:14:58:58:21:a6:fd:7e:
6c:13:c5:4a:01:4f:25:e7:46:db:49:02:e3:62:aa:
bd:9d:b4:47:77:89:b1:e9:9a:71:50:c4:3f:ae:6f:
aa:6c:7a:02:57:ea:0e:64:1e:34:f1:7e:fb:09:97:
c8:1c:c5:f3:db:59:31:2e:14:52:91:34:4c:ff:74:
24:73:aa:63:47:a0:13:e5:a6:9f:11:d9:2a:c7:be:
7c:11:b4:91:27:d9:75:0a:ec:67:cc:76:1f:a2:ed:
b4:26:5c:37:b0:08:c7:65:1a:6d:50:15:f6:2e:61:
ab:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:61:AF:63:E7:59:A7:E6:B6:01:61:5F:E9:25:A0:40:66:18:BE:95
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/s2GvY-dZp-a2AWFf6SWgQGYYvpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.8.0/24
185.236.11.0/24
192.144.34.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:fc:e9:02:56:4f:74:f5:ef:46:e7:d0:7c:5d:92:39:33:58:
7d:21:35:32:d3:f3:79:3a:2c:f5:f7:4a:88:a7:11:9a:d6:d6:
01:29:3e:75:fd:53:eb:b2:a0:1f:9c:20:c1:2b:d9:75:4b:20:
f4:73:48:49:4c:e8:f3:9e:eb:cd:37:40:ac:16:1a:75:58:6d:
68:78:b1:20:34:af:69:e3:f7:77:41:3a:2f:ce:12:50:af:48:
46:d3:e8:0c:9b:c2:c4:60:f5:53:bf:7e:5e:86:b6:06:38:8f:
c6:eb:a9:60:61:10:c4:94:07:42:0e:04:37:30:0b:92:09:f0:
03:f1:12:b6:be:ed:12:0c:5b:6d:fb:ac:2b:ec:ec:07:11:ce:
0a:34:c4:bf:63:ea:7f:4b:86:85:c4:57:fa:c1:98:27:3e:8c:
31:63:9f:af:08:ef:fd:a6:fb:4c:31:b7:51:f5:d8:0c:97:4e:
bd:93:cf:c9:fe:74:73:4f:a6:f3:a1:4a:ff:d4:02:8c:95:c8:
49:9e:18:71:35:2d:d8:56:d7:6c:c4:96:c2:c9:0d:11:be:ff:
26:82:98:70:50:d8:11:fd:50:99:64:9d:8a:20:45:6b:d1:a1:
e3:cd:7e:27:63:3b:18:8a:0f:90:f3:7c:bb:71:3d:22:c0:22:
c7:72:0d:71
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYOF2ThlI7bG/Z03ij/U1NzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjIwOTI4MjA0NTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzYxYWY2M2U3NTlhN2U2YjYwMTYxNWZlOTI1YTA0MDY2MThiZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpyAGgJJrFJWbnh3JR2rKk8f18GM
s4/eHgkodo6+Kl6mxNN0NcIuPSVKi7pGluNm4X0piWDMx/udHQqYueFkqlO6hCBz
6PN0YWtJgYjCHeYafPiClnuid80G5dq167q4iEhd60xeoXVpswkPDvT+o0kEztsZ
VgIC5hKD3qKN3uZb7yRsMhxQsFYHaHsXvRRYWCGm/X5sE8VKAU8l50bbSQLjYqq9
nbRHd4mx6ZpxUMQ/rm+qbHoCV+oOZB408X77CZfIHMXz21kxLhRSkTRM/3Qkc6pj
R6AT5aafEdkqx758EbSRJ9l1CuxnzHYfou20Jlw3sAjHZRptUBX2LmGrcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLNhr2PnWafmtgFhX+kloEBmGL6VMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvczJHdlktZFpwLWEyQVdGZjZTV2dRR1lZdnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVXXzAwQA
uewIAwQAuewLAwQAwJAiMA0GCSqGSIb3DQEBCwUAA4IBAQBM/OkCVk909e9G59B8
XZI5M1h9ITUy0/N5Oiz190qIpxGa1tYBKT51/VPrsqAfnCDBK9l1SyD0c0hJTOjz
nuvNN0CsFhp1WG1oeLEgNK9p4/d3QTovzhJQr0hG0+gMm8LEYPVTv35ehrYGOI/G
66lgYRDElAdCDgQ3MAuSCfAD8RK2vu0SDFtt+6wr7OwHEc4KNMS/Y+p/S4aFxFf6
wZgnPowxY5+vCO/9pvtMMbdR9dgMl069k8/J/nRzT6bzoUr/1AKMlchJnhhxNS3Y
VtdsxJbCyQ0Rvv8mgphwUNgR/VCZZJ2KIEVr0aHjzX4nYzsYig+Q83y7cT0iwCLH
cg1x
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:27 2023 by rpki-client on console-ams.rpki-client.org