Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Lz1xox4eScXWpS5e2WUwgcPXq4A.roa
File: Lz1xox4eScXWpS5e2WUwgcPXq4A.roa (raw, json)
Hash identifier: g7vkSGfmJ334VdJP3T1EFPhIMdLDIXaONeUs3dSpMcY=
Subject key identifier: 2F:3D:71:A3:1E:1E:49:C5:D6:A5:2E:5E:D9:65:30:81:C3:D7:AB:80
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0CB832C1
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Lz1xox4eScXWpS5e2WUwgcPXq4A.roa
Signing time: Sat 01 Jan 2022 11:54:55 +0000
ROA not before: Sat 01 Jan 2022 11:54:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205215
IP address blocks: 185.218.208.0/22 maxlen: 22
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213398209 (0xcb832c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Jan 1 11:54:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f3d71a31e1e49c5d6a52e5ed9653081c3d7ab80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9b:0d:03:cd:62:ea:e7:11:0e:d0:6d:d3:de:
fa:7a:1d:ee:ed:a2:cb:d3:3c:ae:ed:96:76:5e:7a:
42:3e:4e:08:f8:7b:40:65:a4:6d:ac:05:67:9a:05:
df:87:61:6f:b6:20:c4:79:45:fe:e1:99:67:e6:6e:
69:cb:15:0d:2d:66:fa:25:ab:d2:1d:56:dc:73:d5:
d1:a6:cd:a5:c0:d1:64:de:78:9f:1f:d9:4c:a1:60:
e8:8a:d8:d6:57:21:5f:4b:05:cd:47:a3:1d:85:10:
7d:70:cf:40:c9:e9:59:75:b9:b0:4b:d6:07:64:70:
5d:ec:ae:a3:37:f3:5e:4e:c0:14:6e:4d:25:de:f1:
19:81:32:a2:df:93:cb:79:61:89:33:f6:2d:fa:3f:
32:32:10:33:56:b9:c8:dc:da:0c:5f:fb:58:80:ad:
da:41:f1:2a:f6:4c:e8:42:0f:2d:2a:8c:4c:59:37:
00:d9:01:22:27:4c:da:91:1d:af:e8:45:ce:c7:32:
76:f8:79:e7:56:c6:28:fb:d0:bf:c5:d4:8c:5e:7a:
2f:ba:36:63:aa:3e:65:51:9a:6d:f4:78:b1:c4:75:
2b:26:92:c9:37:6e:ba:c0:74:dd:24:0e:3e:c5:f8:
ea:0c:80:fa:81:46:d3:65:18:1b:41:9e:25:03:f6:
60:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3D:71:A3:1E:1E:49:C5:D6:A5:2E:5E:D9:65:30:81:C3:D7:AB:80
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/Lz1xox4eScXWpS5e2WUwgcPXq4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.208.0/22
IPv6:
2a0b:e3c0::/29
Signature Algorithm: sha256WithRSAEncryption
60:82:db:e2:bf:e1:78:45:2d:41:9d:37:e5:33:80:78:bc:c3:
75:5c:fd:6c:97:04:e2:a0:f1:98:ef:41:bf:d2:cc:89:fa:75:
9b:20:fd:21:29:ef:9c:d6:fa:2a:c8:52:2d:a5:04:ae:b9:2b:
9c:b8:2f:56:3f:bd:e7:a1:97:24:24:81:47:a1:33:24:2b:fa:
cb:03:cd:6d:86:2d:6d:e7:ea:ea:12:b2:97:bf:5b:b5:83:12:
fe:d2:4f:11:27:1f:7c:b2:3e:a3:18:e6:90:2b:11:9e:d9:14:
79:53:38:68:84:ef:0e:23:24:35:56:f5:65:56:ea:55:da:61:
54:be:c9:dc:41:c4:e2:65:dd:28:0a:6b:f0:e0:56:34:98:f5:
26:f8:0a:fc:8f:9d:17:6c:d0:0c:20:24:6a:29:cc:5b:05:8f:
4a:5c:77:4c:67:03:0a:70:bb:8c:0b:df:92:17:9f:a2:36:49:
a1:09:53:4e:22:c2:20:00:e3:e8:1f:33:c3:f7:b6:b8:0b:43:
50:55:bd:f2:de:7e:d8:e7:2d:5a:a7:08:fa:2a:b0:a2:c9:f9:
45:58:d4:27:28:69:9c:28:40:f9:10:24:15:58:9e:d9:3d:42:
ed:20:b2:ad:af:41:43:f4:d9:07:e8:1c:50:d9:56:a9:cb:8d:
23:5f:75:6d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDLgywTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTQ3OWI4M2M1MjBkNzg0NDQ1YzI0ODI4YmFiNjMzZjBkNzAyY2YzMB4XDTIyMDEw
MTExNTQ1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmYzZDcxYTMxZTFl
NDljNWQ2YTUyZTVlZDk2NTMwODFjM2Q3YWI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALebDQPNYurnEQ7QbdPe+nod7u2iy9M8ru2Wdl56Qj5OCPh7
QGWkbawFZ5oF34dhb7YgxHlF/uGZZ+ZuacsVDS1m+iWr0h1W3HPV0abNpcDRZN54
nx/ZTKFg6IrY1lchX0sFzUejHYUQfXDPQMnpWXW5sEvWB2RwXeyuozfzXk7AFG5N
Jd7xGYEyot+Ty3lhiTP2Lfo/MjIQM1a5yNzaDF/7WICt2kHxKvZM6EIPLSqMTFk3
ANkBIidM2pEdr+hFzscydvh551bGKPvQv8XUjF56L7o2Y6o+ZVGabfR4scR1KyaS
yTduusB03SQOPsX46gyA+oFG02UYG0GeJQP2YPkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQvPXGjHh5JxdalLl7ZZTCBw9ergDAfBgNVHSMEGDAWgBTxR5uDxSDXhERc
JIKLq2M/DXAs8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhVZWJnOFVnMTRSRVhDU0NpNnRqUHcxd0xQTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvYTk3ZTIxLWI1ZmUtNGE1Ni1hOThhLWJkZDRhZjVmMzVkMS8x
L0x6MXhveDRlU2NYV3BTNWUyV1V3Z2NQWHE0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
YTk3ZTIxLWI1ZmUtNGE1Ni1hOThhLWJkZDRhZjVmMzVkMS8xLzhVZWJnOFVnMTRS
RVhDU0NpNnRqUHcxd0xQTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArna0DANBAIAAjAHAwUDKgvjwDAN
BgkqhkiG9w0BAQsFAAOCAQEAYILb4r/heEUtQZ035TOAeLzDdVz9bJcE4qDxmO9B
v9LMifp1myD9ISnvnNb6KshSLaUErrkrnLgvVj+956GXJCSBR6EzJCv6ywPNbYYt
befq6hKyl79btYMS/tJPEScffLI+oxjmkCsRntkUeVM4aITvDiMkNVb1ZVbqVdph
VL7J3EHE4mXdKApr8OBWNJj1JvgK/I+dF2zQDCAkainMWwWPSlx3TGcDCnC7jAvf
khefojZJoQlTTiLCIADj6B8zw/e2uAtDUFW98t5+2OctWqcI+iqwosn5RVjUJyhp
nChA+RAkFVie2T1C7SCyra9BQ/TZB+gcUNlWqcuNI191bQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org