Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/77b86f-7a94-4847-903b-61e4ebf671ab/1/2hK13zM-VZvYzzspdQ_AEvfe-2M.roa
File: 2hK13zM-VZvYzzspdQ_AEvfe-2M.roa (raw, json)
Hash identifier: KG8/keM4MfigeyRmnEYi7ixV7bKTNTMT7eM4afowcfg=
Subject key identifier: DA:12:B5:DF:33:3E:55:9B:D8:CF:3B:29:75:0F:C0:12:F7:DE:FB:63
Certificate issuer: /CN=5ec044b4b96f21fa9a84645bd5e3a9e19723082d
Certificate serial: 01856D0A83262A908AC201913319EDA737AD
Authority key identifier: 5E:C0:44:B4:B9:6F:21:FA:9A:84:64:5B:D5:E3:A9:E1:97:23:08:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XsBEtLlvIfqahGRb1eOp4ZcjCC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/77b86f-7a94-4847-903b-61e4ebf671ab/1/2hK13zM-VZvYzzspdQ_AEvfe-2M.roa
Signing time: Sun 01 Jan 2023 11:14:43 +0000
ROA not before: Sun 01 Jan 2023 11:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212748
IP address blocks: 83.242.104.0/24 maxlen: 24
83.242.104.0/23 maxlen: 23
83.242.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:0a:83:26:2a:90:8a:c2:01:91:33:19:ed:a7:37:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ec044b4b96f21fa9a84645bd5e3a9e19723082d
Validity
Not Before: Jan 1 11:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da12b5df333e559bd8cf3b29750fc012f7defb63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:02:7a:84:67:d0:a2:1d:22:4b:34:ec:01:4d:
0e:91:52:98:c1:9f:08:a8:95:34:ab:05:64:f9:bf:
a0:8b:22:c3:6b:23:e4:d3:e1:c6:5b:40:c9:b6:92:
3a:00:02:21:dd:de:46:c2:fd:e9:75:d0:b7:89:44:
ad:3a:79:0f:14:44:41:50:f2:c5:ad:49:f2:1c:b6:
00:60:c6:05:93:ea:ba:cb:55:c4:f7:e1:1e:2b:42:
28:33:b8:6b:d1:42:50:c8:8f:7e:2f:d1:95:2e:2b:
26:f1:c4:e8:d9:6a:25:bf:84:10:8c:7a:fc:c4:81:
3a:79:0a:a2:df:2b:69:68:67:c3:2b:e6:85:5c:3a:
ea:7c:72:87:b8:a9:23:04:ef:c4:6b:7a:a6:07:e4:
82:c2:5b:47:83:63:11:7f:a8:2b:14:c3:82:c2:4e:
14:fd:21:00:72:db:b9:81:52:0f:41:bb:6a:a3:59:
28:fa:0b:36:89:a8:9f:c8:a7:c5:25:54:fa:2a:d2:
70:72:2c:1b:0c:de:aa:69:cc:d5:f5:5e:fe:e2:7e:
a8:ad:c9:7c:c0:a6:77:f3:20:90:de:05:27:75:8b:
0f:ba:ab:63:6a:81:88:95:e6:69:f1:ee:27:4c:df:
84:8f:a9:bb:79:87:1a:8a:45:f6:02:a7:ac:ba:ec:
b2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:12:B5:DF:33:3E:55:9B:D8:CF:3B:29:75:0F:C0:12:F7:DE:FB:63
X509v3 Authority Key Identifier:
keyid:5E:C0:44:B4:B9:6F:21:FA:9A:84:64:5B:D5:E3:A9:E1:97:23:08:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XsBEtLlvIfqahGRb1eOp4ZcjCC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/77b86f-7a94-4847-903b-61e4ebf671ab/1/2hK13zM-VZvYzzspdQ_AEvfe-2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/77b86f-7a94-4847-903b-61e4ebf671ab/1/XsBEtLlvIfqahGRb1eOp4ZcjCC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.242.104.0/23
Signature Algorithm: sha256WithRSAEncryption
56:ce:f7:8d:ec:60:60:2f:8c:91:fd:6c:ac:24:18:e3:27:24:
49:9a:e1:60:66:e7:db:a6:aa:57:d7:3f:e2:c8:f4:f0:37:81:
02:d7:9f:ae:a7:7d:ab:21:e1:2f:89:55:41:df:52:b8:76:1d:
21:06:89:67:6a:e8:e6:10:64:bb:2d:8f:9a:f0:ff:b6:d5:03:
f7:a0:96:71:ce:29:cb:6e:31:95:c5:aa:5a:aa:b0:89:a8:0a:
c7:c7:8c:db:03:d6:52:6b:c3:88:02:7b:c0:a5:2d:2c:cd:5c:
45:fe:60:52:c3:d9:1d:6c:8a:e4:f7:03:18:1f:4f:94:47:52:
93:b8:b4:b1:ed:7f:57:fc:0e:f2:14:f0:76:80:83:b9:92:18:
a0:9c:9a:a8:80:2f:35:38:7f:cc:5e:a4:18:8d:15:8a:2b:e4:
13:f1:0e:06:1b:5d:37:78:a9:ae:79:fd:19:cb:d6:47:13:81:
e0:e6:1b:2d:d0:1e:83:27:b5:b3:d6:fc:7b:d1:0b:c7:a0:1f:
78:71:28:89:8a:cd:6e:b4:07:11:3b:ce:a1:f5:97:45:26:20:
e5:03:07:04:fa:51:24:2d:2b:67:d3:ce:30:89:39:53:89:75:
8a:59:ca:28:40:88:6c:af:a1:4f:f8:e0:9f:83:c6:33:17:0e:
0c:2c:42:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtCoMmKpCKwgGRMxntpzetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYzA0NGI0Yjk2ZjIxZmE5YTg0NjQ1YmQ1ZTNhOWUxOTcy
MzA4MmQwHhcNMjMwMTAxMTExNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTEyYjVkZjMzM2U1NTliZDhjZjNiMjk3NTBmYzAxMmY3ZGVmYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQJ6hGfQoh0iSzTsAU0OkVKYwZ8I
qJU0qwVk+b+giyLDayPk0+HGW0DJtpI6AAIh3d5Gwv3pddC3iUStOnkPFERBUPLF
rUnyHLYAYMYFk+q6y1XE9+EeK0IoM7hr0UJQyI9+L9GVLism8cTo2Wolv4QQjHr8
xIE6eQqi3ytpaGfDK+aFXDrqfHKHuKkjBO/Ea3qmB+SCwltHg2MRf6grFMOCwk4U
/SEActu5gVIPQbtqo1ko+gs2iaifyKfFJVT6KtJwciwbDN6qaczV9V7+4n6orcl8
wKZ38yCQ3gUndYsPuqtjaoGIleZp8e4nTN+Ej6m7eYcaikX2AqesuuyyzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNoStd8zPlWb2M87KXUPwBL33vtjMB8GA1UdIwQY
MBaAFF7ARLS5byH6moRkW9XjqeGXIwgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHNCRXRMbHZJZnFhaEdSYjFlT3A0WmNqQ0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC83N2I4NmYtN2E5NC00ODQ3LTkwM2It
NjFlNGViZjY3MWFiLzEvMmhLMTN6TS1WWnZZenpzcGRRX0FFdmZlLTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC83N2I4NmYtN2E5NC00ODQ3LTkwM2ItNjFlNGViZjY3MWFi
LzEvWHNCRXRMbHZJZnFhaEdSYjFlT3A0WmNqQ0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBU/JoMA0G
CSqGSIb3DQEBCwUAA4IBAQBWzveN7GBgL4yR/WysJBjjJyRJmuFgZufbpqpX1z/i
yPTwN4EC15+up32rIeEviVVB31K4dh0hBolnaujmEGS7LY+a8P+21QP3oJZxzinL
bjGVxapaqrCJqArHx4zbA9ZSa8OIAnvApS0szVxF/mBSw9kdbIrk9wMYH0+UR1KT
uLSx7X9X/A7yFPB2gIO5khignJqogC81OH/MXqQYjRWKK+QT8Q4GG103eKmuef0Z
y9ZHE4Hg5hst0B6DJ7Wz1vx70QvHoB94cSiJis1utAcRO86h9ZdFJiDlAwcE+lEk
LStn084wiTlTiXWKWcooQIhsr6FP+OCfg8YzFw4MLELn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:47 2025 by rpki-client