Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/law2_sfnLokJgvIg3ChtDhoJtOM.roa
File: law2_sfnLokJgvIg3ChtDhoJtOM.roa (raw, json)
Hash identifier: k8nDiEPb5AubekFVt5/JtumNyKmWGEOKVUGQf8tPZz8=
Subject key identifier: 95:AC:36:FE:C7:E7:2E:89:09:82:F2:20:DC:28:6D:0E:1A:09:B4:E3
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 01857270F576BB026022A5C4E74D1BF6E794
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/law2_sfnLokJgvIg3ChtDhoJtOM.roa
Signing time: Mon 02 Jan 2023 12:24:43 +0000
ROA not before: Mon 02 Jan 2023 12:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48090
IP address blocks: 2.57.122.0/24 maxlen: 24
92.118.39.0/24 maxlen: 24
45.142.192.0/24 maxlen: 24
80.94.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:f5:76:bb:02:60:22:a5:c4:e7:4d:1b:f6:e7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 2 12:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95ac36fec7e72e890982f220dc286d0e1a09b4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:61:42:2a:f1:dc:01:9b:51:61:d0:56:c5:5e:
1a:c6:a1:01:d1:d9:83:f9:65:21:9b:c4:dc:0b:1f:
94:33:71:6e:92:d1:55:0e:09:51:d0:8c:f3:cc:a0:
70:15:b3:13:47:91:d4:fb:19:43:f3:4f:3e:e4:8f:
5e:5b:57:7c:8e:21:86:46:cc:fa:bb:b6:cd:13:14:
cb:07:0b:4b:12:9a:95:db:3d:40:03:96:d6:7f:e3:
ed:13:eb:45:28:be:20:40:c3:5c:bb:97:5b:ed:68:
0c:0c:97:63:91:53:cb:e3:52:16:fd:ba:3b:c9:72:
dd:f4:7f:41:f8:11:89:77:29:f4:77:27:bb:43:eb:
7d:77:ea:1e:c1:02:dd:cd:25:b1:f4:ef:f7:de:18:
2e:2b:8d:43:81:d8:69:0d:ce:a8:bf:de:a4:32:1a:
d1:0a:04:d2:af:c6:ca:e1:e7:19:6a:15:2f:b5:8e:
15:96:4d:e2:23:56:6b:fa:3d:c1:40:cc:7a:22:8b:
4f:ca:8d:ed:aa:12:03:74:50:68:e5:14:d6:cc:77:
cd:13:ca:42:6e:3c:80:02:05:23:fd:79:a4:8b:f6:
68:8a:ed:b5:28:cf:4c:7e:86:f2:ef:77:74:63:fe:
c6:39:9a:fb:cf:4e:4a:17:38:41:e4:fd:e7:1b:a8:
2c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AC:36:FE:C7:E7:2E:89:09:82:F2:20:DC:28:6D:0E:1A:09:B4:E3
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/law2_sfnLokJgvIg3ChtDhoJtOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.122.0/24
45.142.192.0/24
80.94.92.0/24
92.118.39.0/24
Signature Algorithm: sha256WithRSAEncryption
05:b0:cc:62:e7:b3:a6:44:96:b4:d2:db:2d:8e:50:8a:cc:fe:
c0:6a:87:96:06:2b:e6:9d:b1:31:b9:a7:84:d7:20:bb:54:51:
2a:fc:64:a1:de:6f:fe:db:41:e3:dc:a5:3a:f4:87:a4:92:d3:
51:28:74:cd:c9:e9:61:ca:c9:e9:96:01:89:d0:65:bd:d4:17:
42:ce:09:85:27:d6:65:e5:29:59:14:9f:32:f3:6f:c4:f5:d2:
40:ce:3d:0e:aa:06:51:df:2a:06:a6:91:92:cf:8e:6f:80:84:
6d:80:ea:0c:1a:71:dc:3d:b1:d9:3f:a8:96:fc:70:ad:23:08:
40:d3:bf:e6:c4:da:4a:60:f4:18:45:c6:e1:31:7d:f7:de:ce:
fe:8c:a0:5d:a4:17:62:d1:29:76:ac:c2:46:e2:e8:69:42:72:
b2:14:c2:f0:e3:8b:2b:a0:84:62:fc:64:76:cd:fe:f6:37:6a:
5f:fb:2e:40:66:ab:89:c3:43:a1:fd:39:f2:0a:4f:f1:e1:ed:
09:b5:aa:f5:3b:02:f5:e8:cc:14:a7:f2:cc:ce:9e:8b:c9:09:
a1:cd:3c:e4:ff:e8:6b:bc:9a:a3:b9:63:4f:62:ba:0b:a5:1a:
f2:c7:06:2f:94:3b:c6:cc:1e:4d:0f:6d:7a:71:62:a4:b7:53:
78:8e:ff:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVycPV2uwJgIqXE500b9ueUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjMwMTAyMTIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFjMzZmZWM3ZTcyZTg5MDk4MmYyMjBkYzI4NmQwZTFhMDliNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymFCKvHcAZtRYdBWxV4axqEB0dmD
+WUhm8TcCx+UM3FuktFVDglR0IzzzKBwFbMTR5HU+xlD808+5I9eW1d8jiGGRsz6
u7bNExTLBwtLEpqV2z1AA5bWf+PtE+tFKL4gQMNcu5db7WgMDJdjkVPL41IW/bo7
yXLd9H9B+BGJdyn0dye7Q+t9d+oewQLdzSWx9O/33hguK41DgdhpDc6ov96kMhrR
CgTSr8bK4ecZahUvtY4Vlk3iI1Zr+j3BQMx6IotPyo3tqhIDdFBo5RTWzHfNE8pC
bjyAAgUj/Xmki/Zoiu21KM9Mfoby73d0Y/7GOZr7z05KFzhB5P3nG6gsmQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJWsNv7H5y6JCYLyINwobQ4aCbTjMB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvbGF3Ml9zZm5Mb2tKZ3ZJZzNDaHREaG9KdE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAAjl6AwQA
LY7AAwQAUF5cAwQAXHYnMA0GCSqGSIb3DQEBCwUAA4IBAQAFsMxi57OmRJa00tst
jlCKzP7AaoeWBivmnbExuaeE1yC7VFEq/GSh3m/+20Hj3KU69IekktNRKHTNyelh
ysnplgGJ0GW91BdCzgmFJ9Zl5SlZFJ8y82/E9dJAzj0OqgZR3yoGppGSz45vgIRt
gOoMGnHcPbHZP6iW/HCtIwhA07/mxNpKYPQYRcbhMX333s7+jKBdpBdi0Sl2rMJG
4uhpQnKyFMLw44sroIRi/GR2zf72N2pf+y5AZquJw0Oh/TnyCk/x4e0Jtar1OwL1
6MwUp/LMzp6LyQmhzTzk/+hrvJqjuWNPYroLpRryxwYvlDvGzB5ND216cWKkt1N4
jv9Y
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:40:27 2025 by rpki-client