Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/SPt2vHMlrcmFQ8TR1mLPIlgfMTQ.roa
File: SPt2vHMlrcmFQ8TR1mLPIlgfMTQ.roa (raw, json)
Hash identifier: Tr/jBH2zPFsQ+ZDxsTgEpmUOIsfjjHl9clKr2Roi9Qg=
Subject key identifier: 48:FB:76:BC:73:25:AD:C9:85:43:C4:D1:D6:62:CF:22:58:1F:31:34
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0183FA6CB5BB6E974197497008C79C6A6893
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/SPt2vHMlrcmFQ8TR1mLPIlgfMTQ.roa
Signing time: Fri 21 Oct 2022 12:02:51 +0000
ROA not before: Fri 21 Oct 2022 12:02:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196755
IP address blocks: 157.143.248.0/21 maxlen: 21
178.157.24.0/23 maxlen: 23
178.157.26.0/23 maxlen: 23
80.251.108.0/23 maxlen: 23
178.157.28.0/22 maxlen: 22
217.181.252.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fa:6c:b5:bb:6e:97:41:97:49:70:08:c7:9c:6a:68:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Oct 21 12:02:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48fb76bc7325adc98543c4d1d662cf22581f3134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:70:cc:b3:b6:24:ac:e6:60:1d:f1:a6:40:24:
ac:c0:ca:57:3d:ad:02:46:6a:87:03:68:73:b1:4d:
be:b4:0e:00:ac:73:3e:65:d8:d0:fc:8e:e9:eb:8b:
7f:b8:02:26:8b:59:d0:4e:fe:2f:3b:a7:61:e4:8c:
bc:a8:af:45:b8:c1:f1:93:03:a0:30:5a:31:d6:3a:
a0:f6:fb:44:8d:d0:d8:5f:9b:2b:2d:e5:89:b6:aa:
c1:70:50:0f:2d:04:47:09:01:04:bc:e7:b7:79:a5:
df:6c:a4:bf:c5:89:65:d3:f1:6b:50:9d:0f:23:68:
b4:21:50:9b:69:81:86:16:f5:96:62:ec:5d:f3:8f:
ed:da:22:34:fe:ab:28:7d:42:ad:90:96:ed:23:98:
20:5e:3a:2d:3a:58:26:f1:71:2d:24:72:6a:af:f0:
22:77:60:b8:67:f7:3f:08:84:ec:05:b2:e8:ab:49:
67:b1:13:59:83:16:11:8e:6a:ae:cc:c0:dd:a2:8a:
69:a7:f9:75:ff:8d:f0:33:74:ab:d6:e0:71:cf:5e:
0c:d4:85:d5:eb:6e:1b:91:8a:f7:fe:38:11:8d:83:
26:5d:03:14:c0:96:67:2e:dc:60:77:34:9f:a8:0d:
fb:bb:52:f4:fc:72:b0:8b:29:7b:3f:a4:e4:2e:e2:
cc:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:FB:76:BC:73:25:AD:C9:85:43:C4:D1:D6:62:CF:22:58:1F:31:34
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/SPt2vHMlrcmFQ8TR1mLPIlgfMTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.108.0/23
157.143.248.0/21
178.157.24.0/21
217.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
60:34:1e:bf:46:62:2e:5c:9e:5d:88:ac:0c:11:33:98:90:05:
65:21:75:0b:93:81:76:34:8e:53:45:3b:8c:59:49:25:e0:b2:
16:18:1e:cf:10:b0:19:86:bd:5b:f1:b1:50:f5:4a:6e:ad:91:
5f:f8:6c:62:b5:47:c4:24:f7:a3:01:a4:80:40:1f:ca:ed:59:
85:97:90:b9:c1:c4:48:f5:8d:69:a0:2d:06:72:78:3d:60:d1:
0d:c9:bd:bb:07:22:d4:1a:44:9c:b0:4e:dc:e9:53:b1:b4:1b:
61:c7:4f:25:69:6c:31:1d:3b:2b:99:80:ed:ea:04:50:2c:6a:
dd:7e:46:a5:f5:2c:ff:d2:25:bd:09:2a:bf:13:3b:1b:31:2a:
a4:74:49:5b:2c:c8:11:88:50:f7:60:8f:ab:e7:f6:38:22:77:
06:29:86:9c:42:35:6f:1d:be:b9:db:3d:f2:e9:4c:10:ec:5c:
80:d0:3d:85:90:90:c5:f0:ac:1a:09:2c:fb:fa:75:38:44:bf:
d6:4b:50:b2:b8:a5:cc:34:c7:a7:23:7d:e1:b9:90:e6:8b:8e:
7f:f0:20:6b:b3:a3:7e:b8:0f:9f:e4:25:5b:5b:8d:61:46:56:
23:80:18:21:56:cf:8f:42:00:80:49:8a:38:4e:13:7f:44:57:
e8:eb:c2:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYP6bLW7bpdBl0lwCMecamiTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjIxMDIxMTIwMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGZiNzZiYzczMjVhZGM5ODU0M2M0ZDFkNjYyY2YyMjU4MWYzMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnDMs7YkrOZgHfGmQCSswMpXPa0C
RmqHA2hzsU2+tA4ArHM+ZdjQ/I7p64t/uAImi1nQTv4vO6dh5Iy8qK9FuMHxkwOg
MFox1jqg9vtEjdDYX5srLeWJtqrBcFAPLQRHCQEEvOe3eaXfbKS/xYll0/FrUJ0P
I2i0IVCbaYGGFvWWYuxd84/t2iI0/qsofUKtkJbtI5ggXjotOlgm8XEtJHJqr/Ai
d2C4Z/c/CITsBbLoq0lnsRNZgxYRjmquzMDdooppp/l1/43wM3Sr1uBxz14M1IXV
624bkYr3/jgRjYMmXQMUwJZnLtxgdzSfqA37u1L0/HKwiyl7P6TkLuLM1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEj7drxzJa3JhUPE0dZizyJYHzE0MB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvU1B0MnZITWxyY21GUThUUjFtTFBJbGdmTVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUPtsAwQD
nY/4AwQDsp0YAwQB2bX8MA0GCSqGSIb3DQEBCwUAA4IBAQBgNB6/RmIuXJ5diKwM
ETOYkAVlIXULk4F2NI5TRTuMWUkl4LIWGB7PELAZhr1b8bFQ9UpurZFf+GxitUfE
JPejAaSAQB/K7VmFl5C5wcRI9Y1poC0Gcng9YNENyb27ByLUGkScsE7c6VOxtBth
x08laWwxHTsrmYDt6gRQLGrdfkal9Sz/0iW9CSq/EzsbMSqkdElbLMgRiFD3YI+r
5/Y4IncGKYacQjVvHb652z3y6UwQ7FyA0D2FkJDF8KwaCSz7+nU4RL/WS1CyuKXM
NMenI33huZDmi45/8CBrs6N+uA+f5CVbW41hRlYjgBghVs+PQgCASYo4ThN/RFfo
68Ia
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org