Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/31d275-acfc-4878-8f57-121d535085d6/1/l_Gn2Ir5tCsoQdL1-lFUwFgN4f4.roa
File: l_Gn2Ir5tCsoQdL1-lFUwFgN4f4.roa (raw, json)
Hash identifier: K0gCbusjMCUPM2ejDt3jlZCcp5aptOcD5qleDjYddow=
Subject key identifier: 97:F1:A7:D8:8A:F9:B4:2B:28:41:D2:F5:FA:51:54:C0:58:0D:E1:FE
Certificate issuer: /CN=249b558c48550e06234c5ddffcaa1fcf2e9ac6ff
Certificate serial: 01856EB92A47CCCBB6911822E7D051413C8E
Authority key identifier: 24:9B:55:8C:48:55:0E:06:23:4C:5D:DF:FC:AA:1F:CF:2E:9A:C6:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JJtVjEhVDgYjTF3f_Kofzy6axv8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/31d275-acfc-4878-8f57-121d535085d6/1/l_Gn2Ir5tCsoQdL1-lFUwFgN4f4.roa
Signing time: Sun 01 Jan 2023 19:05:06 +0000
ROA not before: Sun 01 Jan 2023 19:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13157
IP address blocks: 185.244.56.0/24 maxlen: 24
185.244.56.0/22 maxlen: 22
62.112.32.0/19 maxlen: 19
2a04:ce40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:2a:47:cc:cb:b6:91:18:22:e7:d0:51:41:3c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=249b558c48550e06234c5ddffcaa1fcf2e9ac6ff
Validity
Not Before: Jan 1 19:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97f1a7d88af9b42b2841d2f5fa5154c0580de1fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:16:81:33:0a:fd:9a:a9:c0:a7:a1:bc:3b:1b:
75:43:c4:f8:b7:91:c3:ad:2b:f7:c0:a9:51:2c:12:
9a:e9:e8:14:48:ef:19:c7:99:b7:79:04:46:43:c8:
dc:ab:2c:55:d7:6c:67:16:99:27:83:ee:b7:3b:ef:
f2:4c:c7:4a:7d:dc:44:35:04:7f:30:7d:1e:b7:ff:
dd:27:c9:4c:a1:36:a0:91:d4:64:7f:c0:77:b1:5c:
c0:ff:99:2d:a4:69:3d:72:0d:fc:35:f3:6d:26:04:
62:b1:d0:ca:93:f8:e0:43:7e:6f:7c:bc:00:31:22:
da:db:8b:5d:ed:4a:43:45:6e:33:2e:17:48:a2:6c:
da:3c:58:1f:f3:fd:37:fd:14:c5:ae:d8:da:c9:2f:
90:ff:c6:77:a0:fb:5a:3a:8d:c5:79:79:75:b7:5c:
ac:4b:c6:d6:53:8b:1f:f4:fa:50:9c:5a:50:c3:c5:
97:2c:77:b1:00:c1:fb:ac:f9:20:90:23:2a:f9:3e:
9c:f6:b4:5c:bf:82:26:78:65:c3:ba:3d:df:c8:05:
cb:74:ff:57:9a:7f:80:39:19:28:f7:dd:d4:44:4e:
17:e1:78:c3:98:85:a1:b6:4f:48:b8:9e:18:81:f9:
f9:91:ce:ab:1b:eb:0b:33:c2:08:7c:31:36:b2:80:
9c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F1:A7:D8:8A:F9:B4:2B:28:41:D2:F5:FA:51:54:C0:58:0D:E1:FE
X509v3 Authority Key Identifier:
keyid:24:9B:55:8C:48:55:0E:06:23:4C:5D:DF:FC:AA:1F:CF:2E:9A:C6:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JJtVjEhVDgYjTF3f_Kofzy6axv8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/31d275-acfc-4878-8f57-121d535085d6/1/l_Gn2Ir5tCsoQdL1-lFUwFgN4f4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/31d275-acfc-4878-8f57-121d535085d6/1/JJtVjEhVDgYjTF3f_Kofzy6axv8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.32.0/19
185.244.56.0/22
IPv6:
2a04:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
3e:21:12:d4:e9:4f:58:2a:ae:d7:02:d9:e8:2a:a9:a1:81:88:
75:28:65:4c:01:85:86:a5:05:5c:d7:e0:21:ad:fc:1c:a6:8a:
a5:bb:0f:a7:56:59:76:a0:1e:0e:cf:bf:d9:3d:be:de:ad:dc:
33:aa:05:04:06:9c:58:cc:34:78:d5:39:59:07:02:03:db:14:
30:8a:90:bf:cd:11:2b:a0:fc:22:99:a5:c0:72:e6:fd:f8:e8:
7b:aa:9a:aa:97:85:45:41:9d:62:bb:2a:d7:00:c4:41:ea:8a:
e2:28:77:80:7b:22:70:88:4e:b5:be:04:36:37:4c:ac:3c:4e:
ca:11:38:f5:0e:11:6d:4a:e2:5c:29:c3:81:3d:dd:03:0a:ac:
f1:b3:ef:8c:3b:bb:0b:0f:b7:b4:a6:a2:da:ae:98:c0:11:52:
89:ca:13:1a:fb:9c:01:00:d2:8f:74:d6:e9:e1:bb:7a:19:83:
f5:4b:ff:c2:38:f4:8f:a8:71:f0:d7:23:a6:23:75:74:0d:64:
3a:3c:93:b9:31:27:fd:3b:66:4b:e9:68:37:c3:c0:e1:f9:5e:
fc:e3:41:80:5b:a6:06:e8:a2:46:b6:53:c4:ec:66:18:4e:30:
70:49:92:cc:8b:e3:b9:c8:55:68:be:6d:60:26:c4:32:8b:a1:
b4:a5:51:f6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuuSpHzMu2kRgi59BRQTyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0OWI1NThjNDg1NTBlMDYyMzRjNWRkZmZjYWExZmNmMmU5
YWM2ZmYwHhcNMjMwMTAxMTkwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2YxYTdkODhhZjliNDJiMjg0MWQyZjVmYTUxNTRjMDU4MGRlMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhaBMwr9mqnAp6G8Oxt1Q8T4t5HD
rSv3wKlRLBKa6egUSO8Zx5m3eQRGQ8jcqyxV12xnFpkng+63O+/yTMdKfdxENQR/
MH0et//dJ8lMoTagkdRkf8B3sVzA/5ktpGk9cg38NfNtJgRisdDKk/jgQ35vfLwA
MSLa24td7UpDRW4zLhdIomzaPFgf8/03/RTFrtjayS+Q/8Z3oPtaOo3FeXl1t1ys
S8bWU4sf9PpQnFpQw8WXLHexAMH7rPkgkCMq+T6c9rRcv4ImeGXDuj3fyAXLdP9X
mn+AORko993URE4X4XjDmIWhtk9IuJ4Ygfn5kc6rG+sLM8IIfDE2soCczQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJfxp9iK+bQrKEHS9fpRVMBYDeH+MB8GA1UdIwQY
MBaAFCSbVYxIVQ4GI0xd3/yqH88umsb/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkp0VmpFaFZEZ1lqVEYzZl9Lb2Z6eTZheHY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8zMWQyNzUtYWNmYy00ODc4LThmNTct
MTIxZDUzNTA4NWQ2LzEvbF9HbjJJcjV0Q3NvUWRMMS1sRlV3RmdONGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8zMWQyNzUtYWNmYy00ODc4LThmNTctMTIxZDUzNTA4NWQ2
LzEvSkp0VmpFaFZEZ1lqVEYzZl9Lb2Z6eTZheHY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPnAgAwQC
ufQ4MA0EAgACMAcDBQMqBM5AMA0GCSqGSIb3DQEBCwUAA4IBAQA+IRLU6U9YKq7X
AtnoKqmhgYh1KGVMAYWGpQVc1+Ahrfwcpoqluw+nVll2oB4Oz7/ZPb7erdwzqgUE
BpxYzDR41TlZBwID2xQwipC/zREroPwimaXAcub9+Oh7qpqql4VFQZ1iuyrXAMRB
6oriKHeAeyJwiE61vgQ2N0ysPE7KETj1DhFtSuJcKcOBPd0DCqzxs++MO7sLD7e0
pqLarpjAEVKJyhMa+5wBANKPdNbp4bt6GYP1S//COPSPqHHw1yOmI3V0DWQ6PJO5
MSf9O2ZL6Wg3w8Dh+V7840GAW6YG6KJGtlPE7GYYTjBwSZLMi+O5yFVovm1gJsQy
i6G0pVH2
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:25 2025 by rpki-client