Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/2t8r0GBffF_MzyEEuMKm-42-doM.roa
File: 2t8r0GBffF_MzyEEuMKm-42-doM.roa (raw, json)
Hash identifier: RCFNQldnu+o+NBfRR1ZynG/uT1RSaAdxtq7hbnh5ArE=
Subject key identifier: DA:DF:2B:D0:60:5F:7C:5F:CC:CF:21:04:B8:C2:A6:FB:8D:BE:76:83
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 0185406C5D6FE17474EC55DF7FC16AB0D8BA
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/2t8r0GBffF_MzyEEuMKm-42-doM.roa
Signing time: Fri 23 Dec 2022 19:18:41 +0000
ROA not before: Fri 23 Dec 2022 19:18:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 193.233.251.0/24 maxlen: 24
193.233.250.0/24 maxlen: 24
193.233.249.0/24 maxlen: 24
193.233.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:40:6c:5d:6f:e1:74:74:ec:55:df:7f:c1:6a:b0:d8:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Dec 23 19:18:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dadf2bd0605f7c5fcccf2104b8c2a6fb8dbe7683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f0:14:a0:48:be:a2:bc:ad:11:d2:51:c1:9a:
b8:fb:7c:f4:00:79:3b:82:9a:3b:07:a2:e7:b9:07:
26:a4:59:14:b3:2a:70:5b:89:16:65:2d:48:4c:30:
7a:3f:a3:99:88:7d:2f:6e:c7:e9:f2:47:80:d3:e1:
a5:14:90:eb:f7:f3:35:2d:8b:5d:fe:0d:03:71:70:
f0:91:f0:e7:72:b7:29:68:49:f6:c9:2c:8b:c8:e4:
7c:81:34:6e:1d:93:04:f4:48:18:ef:9d:6b:60:b0:
0b:c8:cc:91:d2:02:7e:6e:38:4d:05:d5:90:e8:95:
ee:b8:fc:d1:1a:f7:eb:31:28:1c:80:8d:f8:c7:e0:
27:4c:65:68:41:63:99:3e:b2:da:b8:25:a2:46:17:
c1:25:69:37:61:06:a6:3f:c3:d0:6c:4a:d8:a1:bb:
a1:f6:12:d7:2b:1a:42:1b:da:33:76:17:eb:3f:2a:
1b:c0:79:b3:76:f6:ee:63:d3:a9:10:70:ac:5c:2e:
bd:60:52:30:4a:f9:85:d5:8c:ee:17:8a:75:df:71:
61:8b:a0:aa:b5:87:c6:03:35:be:d2:bc:ee:e9:ae:
11:0a:d2:e5:c7:8a:cb:e2:8d:90:53:e5:df:2e:8a:
9e:01:0d:8a:fd:aa:4b:e0:00:61:ef:7b:24:13:18:
44:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DF:2B:D0:60:5F:7C:5F:CC:CF:21:04:B8:C2:A6:FB:8D:BE:76:83
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/2t8r0GBffF_MzyEEuMKm-42-doM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.248.0/22
Signature Algorithm: sha256WithRSAEncryption
69:f4:98:84:82:d3:f1:4c:89:b3:1c:2a:7a:d2:0f:52:26:08:
c6:00:18:e1:3e:a7:43:a9:a8:6f:d7:18:54:65:63:85:b7:10:
5a:62:0f:4c:c2:fb:13:20:41:d2:e1:73:fc:9a:16:6b:ff:84:
7e:6d:48:da:37:22:2f:be:07:c2:53:11:09:af:cd:db:96:4c:
ec:88:f4:6f:e0:0b:4e:b0:4d:62:e3:59:78:6a:e5:4f:26:e7:
9c:21:6b:34:4d:33:62:b8:1b:9c:2d:32:de:f3:bf:19:09:d5:
03:bb:32:a1:50:d4:f7:64:7e:f8:dd:c4:02:a1:68:c4:13:12:
4c:0e:c2:0d:1b:c0:21:eb:b7:5a:a8:4e:25:df:c5:23:84:cb:
61:97:88:2f:c9:be:65:90:9d:89:ac:96:b4:4c:b6:5f:7f:a7:
af:6c:ff:2a:db:fd:89:70:2b:29:c3:b5:90:c7:78:5b:69:82:
2e:72:2b:73:1e:40:6a:12:0b:86:f3:dd:7e:ad:d5:b0:96:e5:
ac:9d:2a:06:45:42:34:a2:81:c7:c1:3e:84:53:d7:81:2f:e6:
d1:44:54:17:70:03:0c:f2:61:31:c1:c2:bc:76:1a:cb:ea:91:
96:4d:4c:2f:aa:87:8c:fd:b0:00:23:10:cb:ad:f5:e6:d3:39:
08:9f:d3:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVAbF1v4XR07FXff8FqsNi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjIxMjIzMTkxODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRmMmJkMDYwNWY3YzVmY2NjZjIxMDRiOGMyYTZmYjhkYmU3NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfAUoEi+orytEdJRwZq4+3z0AHk7
gpo7B6LnuQcmpFkUsypwW4kWZS1ITDB6P6OZiH0vbsfp8keA0+GlFJDr9/M1LYtd
/g0DcXDwkfDncrcpaEn2ySyLyOR8gTRuHZME9EgY751rYLALyMyR0gJ+bjhNBdWQ
6JXuuPzRGvfrMSgcgI34x+AnTGVoQWOZPrLauCWiRhfBJWk3YQamP8PQbErYobuh
9hLXKxpCG9ozdhfrPyobwHmzdvbuY9OpEHCsXC69YFIwSvmF1YzuF4p133Fhi6Cq
tYfGAzW+0rzu6a4RCtLlx4rL4o2QU+XfLoqeAQ2K/apL4ABh73skExhE8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrfK9BgX3xfzM8hBLjCpvuNvnaDMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMnQ4cjBHQmZmRl9NenlFRXVNS20tNDItZG9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwen4MA0G
CSqGSIb3DQEBCwUAA4IBAQBp9JiEgtPxTImzHCp60g9SJgjGABjhPqdDqahv1xhU
ZWOFtxBaYg9MwvsTIEHS4XP8mhZr/4R+bUjaNyIvvgfCUxEJr83blkzsiPRv4AtO
sE1i41l4auVPJuecIWs0TTNiuBucLTLe878ZCdUDuzKhUNT3ZH743cQCoWjEExJM
DsING8Ah67daqE4l38UjhMthl4gvyb5lkJ2JrJa0TLZff6evbP8q2/2JcCspw7WQ
x3hbaYIucitzHkBqEguG891+rdWwluWsnSoGRUI0ooHHwT6EU9eBL+bRRFQXcAMM
8mExwcK8dhrL6pGWTUwvqoeM/bAAIxDLrfXm0zkIn9Nd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:32 2024 by rpki-client on console-ams.rpki-client.org