Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/p2-gxvbiXsZk1p3FuQArUJMfCRo.roa
File: p2-gxvbiXsZk1p3FuQArUJMfCRo.roa (raw, json)
Hash identifier: lHQqSaYXP/ZU8Ltx1II/7sVw8Nzhr/SuPRUNEd6KmC8=
Subject key identifier: A7:6F:A0:C6:F6:E2:5E:C6:64:D6:9D:C5:B9:00:2B:50:93:1F:09:1A
Certificate issuer: /CN=b2f27953ad4690c068fb40f9f356003379bb63f8
Certificate serial: 01098D4D
Authority key identifier: B2:F2:79:53:AD:46:90:C0:68:FB:40:F9:F3:56:00:33:79:BB:63:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/p2-gxvbiXsZk1p3FuQArUJMfCRo.roa
Signing time: Sat 01 Jan 2022 05:56:39 +0000
ROA not before: Sat 01 Jan 2022 05:56:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9085
IP address blocks: 212.180.128.0/17 maxlen: 17
185.53.124.0/22 maxlen: 22
212.75.96.0/19 maxlen: 19
2001:4c30::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17403213 (0x1098d4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2f27953ad4690c068fb40f9f356003379bb63f8
Validity
Not Before: Jan 1 05:56:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a76fa0c6f6e25ec664d69dc5b9002b50931f091a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:58:d5:e6:79:4f:45:7e:c8:dc:78:c6:10:13:
fb:7d:e2:0a:80:78:3f:2d:a1:78:2a:22:05:39:a6:
3c:b6:23:19:90:8e:90:d4:b7:ea:8a:f8:9b:45:40:
45:9e:f1:4d:b3:57:f3:d7:51:88:a2:28:87:14:0d:
06:8c:1d:2e:6f:6c:c7:9f:77:9b:09:a1:25:32:62:
b8:9e:c2:2c:fc:48:8a:4f:ae:f4:54:e5:62:8d:c4:
b6:fb:09:fb:e2:f7:7d:d5:a5:a3:33:87:44:ea:ec:
2b:a2:3f:2e:9e:43:f9:c5:29:8f:ce:a8:41:07:2b:
cb:f7:2b:37:98:36:57:63:cf:b3:eb:50:74:bd:7f:
d6:f0:b8:ee:dd:ee:dc:8b:92:81:03:cc:87:9c:8a:
94:ba:e1:37:fc:5a:d0:45:9a:88:73:69:19:cb:8a:
55:e8:71:c0:54:3a:ca:37:4e:18:73:86:e7:6c:d1:
01:bf:01:20:8d:6d:80:58:e4:1d:49:a7:5d:4d:66:
8a:4f:cc:fc:ec:06:fa:3d:08:15:b7:41:cf:85:f8:
b1:c3:2c:da:63:13:cc:32:98:8d:12:34:56:1d:32:
d7:57:4f:36:33:c5:9f:0e:bf:3f:a5:dc:69:24:65:
94:e0:16:a5:87:c8:0f:d8:32:5a:38:67:91:9b:88:
2c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6F:A0:C6:F6:E2:5E:C6:64:D6:9D:C5:B9:00:2B:50:93:1F:09:1A
X509v3 Authority Key Identifier:
keyid:B2:F2:79:53:AD:46:90:C0:68:FB:40:F9:F3:56:00:33:79:BB:63:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/p2-gxvbiXsZk1p3FuQArUJMfCRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/svJ5U61GkMBo-0D581YAM3m7Y_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.124.0/22
212.75.96.0/19
212.180.128.0/17
IPv6:
2001:4c30::/32
Signature Algorithm: sha256WithRSAEncryption
31:41:da:ad:7e:2b:75:65:64:8a:03:c3:b3:2e:e0:57:22:f8:
e3:97:2a:92:67:f1:26:58:f0:1a:74:0b:9d:6d:8b:f3:72:db:
a7:bf:34:6c:34:f0:31:9d:fc:2a:ae:e3:64:1c:e1:a9:f7:e1:
4b:19:61:c6:16:fa:73:78:26:3b:fc:63:73:20:bd:a6:4f:8e:
a1:7a:58:77:e3:60:7d:5f:15:59:7b:24:64:c4:be:74:e9:5f:
f6:6a:46:78:3c:f1:d1:83:91:c2:2e:a0:ae:61:da:57:68:53:
d7:89:fe:ad:96:27:59:98:e9:e9:7d:40:10:56:93:26:61:dd:
07:85:87:6a:bc:58:3a:67:f2:66:5f:20:f0:03:20:06:7f:b9:
24:db:5c:61:b7:90:09:02:cf:d3:2e:f5:70:9d:de:78:20:df:
2c:54:33:6d:91:ff:53:98:30:82:51:e7:3a:14:c9:76:45:7a:
01:76:15:8d:9c:17:42:ba:c6:ea:61:84:e9:08:d8:80:d9:7a:
34:3d:4c:37:0c:2a:b8:86:37:e7:f2:c6:98:8e:47:d8:f9:4d:
c6:ac:59:68:41:66:56:64:db:e1:b8:f5:b5:31:d6:fe:a0:c5:
f2:fb:14:97:6b:58:22:da:16:ae:28:94:18:ad:08:d2:ea:fb:
5c:03:89:52
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEAQmNTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MmYyNzk1M2FkNDY5MGMwNjhmYjQwZjlmMzU2MDAzMzc5YmI2M2Y4MB4XDTIyMDEw
MTA1NTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTc2ZmEwYzZmNmUy
NWVjNjY0ZDY5ZGM1YjkwMDJiNTA5MzFmMDkxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOtY1eZ5T0V+yNx4xhAT+33iCoB4Py2heCoiBTmmPLYjGZCO
kNS36or4m0VARZ7xTbNX89dRiKIohxQNBowdLm9sx593mwmhJTJiuJ7CLPxIik+u
9FTlYo3EtvsJ++L3fdWlozOHROrsK6I/Lp5D+cUpj86oQQcry/crN5g2V2PPs+tQ
dL1/1vC47t3u3IuSgQPMh5yKlLrhN/xa0EWaiHNpGcuKVehxwFQ6yjdOGHOG52zR
Ab8BII1tgFjkHUmnXU1mik/M/OwG+j0IFbdBz4X4scMs2mMTzDKYjRI0Vh0y11dP
NjPFnw6/P6XcaSRllOAWpYfID9gyWjhnkZuILAUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSnb6DG9uJexmTWncW5ACtQkx8JGjAfBgNVHSMEGDAWgBSy8nlTrUaQwGj7
QPnzVgAzebtj+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3N2SjVVNjFHa01Cby0wRDU4MVlBTTNtN1lfZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvMDg5NzNmLWZiNmEtNDFlNS04NzIwLWZiNGNmMTM3YzFlOS8x
L3AyLWd4dmJpWHNaazFwM0Z1UUFyVUpNZkNSby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
MDg5NzNmLWZiNmEtNDFlNS04NzIwLWZiNGNmMTM3YzFlOS8xL3N2SjVVNjFHa01C
by0wRDU4MVlBTTNtN1lfZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArk1fAMEBdRLYAMEB9S0gDANBAIA
AjAHAwUAIAFMMDANBgkqhkiG9w0BAQsFAAOCAQEAMUHarX4rdWVkigPDsy7gVyL4
45cqkmfxJljwGnQLnW2L83Lbp780bDTwMZ38Kq7jZBzhqffhSxlhxhb6c3gmO/xj
cyC9pk+OoXpYd+NgfV8VWXskZMS+dOlf9mpGeDzx0YORwi6grmHaV2hT14n+rZYn
WZjp6X1AEFaTJmHdB4WHarxYOmfyZl8g8AMgBn+5JNtcYbeQCQLP0y71cJ3eeCDf
LFQzbZH/U5gwglHnOhTJdkV6AXYVjZwXQrrG6mGE6QjYgNl6ND1MNwwquIY35/LG
mI5H2PlNxqxZaEFmVmTb4bj1tTHW/qDF8vsUl2tYItoWriiUGK0I0ur7XAOJUg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:05 2023 by rpki-client on console-fra.rpki-client.org