Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/2i3CPwir4G78JrHnDx-vD2zgoLw.roa
File: 2i3CPwir4G78JrHnDx-vD2zgoLw.roa (raw, json)
Hash identifier: RyT0GArJ8kt1wXAx4wGMIm///LGIDpTtp800Zsz9ZWY=
Subject key identifier: DA:2D:C2:3F:08:AB:E0:6E:FC:26:B1:E7:0F:1F:AF:0F:6C:E0:A0:BC
Certificate issuer: /CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Certificate serial: 0185718310FBCA36239D2ECF2BB430F13CF7
Authority key identifier: EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/2i3CPwir4G78JrHnDx-vD2zgoLw.roa
Signing time: Mon 02 Jan 2023 08:04:53 +0000
ROA not before: Mon 02 Jan 2023 08:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41017
IP address blocks: 79.134.56.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:10:fb:ca:36:23:9d:2e:cf:2b:b4:30:f1:3c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebbc0d60bd3a90bd5e31509deadf447076b078d8
Validity
Not Before: Jan 2 08:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da2dc23f08abe06efc26b1e70f1faf0f6ce0a0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:89:62:5a:24:49:5a:16:4b:14:0b:cc:24:3e:
95:cb:4f:e9:e9:41:38:b0:0f:df:b0:0b:b4:4f:e9:
1f:d4:e3:29:d8:b5:08:74:b8:72:1a:41:c0:ab:30:
b9:b3:71:a7:28:cf:dc:41:35:83:37:75:10:5c:06:
3d:00:f6:82:10:f3:dc:4a:f0:43:95:9f:d5:44:1b:
14:e5:db:cf:41:72:82:d6:79:44:38:39:77:0d:db:
12:ce:9b:87:f8:da:e6:f4:89:6c:92:dc:1c:ea:6a:
ca:e8:cc:fd:8e:ff:bb:3d:be:a6:97:40:69:95:0e:
2d:45:c9:c8:c0:33:cb:7d:a7:f2:c6:9b:47:37:79:
31:e9:f4:70:80:44:a6:9c:23:d6:24:19:88:3e:51:
79:d8:b9:53:c6:db:4f:7e:be:47:82:52:43:6a:1a:
bb:c9:31:91:14:35:d4:82:b9:53:5d:b5:17:b1:a2:
53:0f:23:85:d5:43:fb:f9:2f:45:8b:67:45:63:3b:
75:40:a8:bf:0d:f0:a4:fe:07:72:1b:e6:78:49:5a:
91:2d:e4:81:c8:02:00:cf:28:be:df:c1:58:ee:3d:
3f:57:d4:c2:3c:eb:04:06:66:e1:97:8b:fb:1f:aa:
9b:29:be:0b:69:fd:8b:39:7d:fd:c4:03:e0:44:16:
59:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2D:C2:3F:08:AB:E0:6E:FC:26:B1:E7:0F:1F:AF:0F:6C:E0:A0:BC
X509v3 Authority Key Identifier:
keyid:EB:BC:0D:60:BD:3A:90:BD:5E:31:50:9D:EA:DF:44:70:76:B0:78:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/67wNYL06kL1eMVCd6t9EcHaweNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/2i3CPwir4G78JrHnDx-vD2zgoLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/080af6-8dc4-48e6-9c63-a6b95991cd2c/1/67wNYL06kL1eMVCd6t9EcHaweNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.134.56.0/23
Signature Algorithm: sha256WithRSAEncryption
27:b8:7e:a8:3c:e5:53:ba:37:81:ad:fc:2b:6f:68:46:4d:bd:
bb:74:b2:86:90:d1:e5:9f:e8:32:01:20:2e:23:cc:22:08:3a:
ac:fd:45:f5:1d:da:55:62:c2:5a:04:36:ad:5c:f1:df:b0:37:
50:00:b1:96:4c:35:14:7d:e4:5c:6e:93:a6:0b:90:14:d7:b5:
e4:3b:cf:04:57:32:e0:df:60:5b:0c:47:4b:15:e4:6d:61:9f:
f8:45:cd:3e:41:7d:b5:5b:76:c4:b4:11:1b:ce:b7:0b:9f:17:
2c:f6:32:83:62:bc:70:4b:04:60:89:a1:a8:e5:1b:2a:eb:d9:
bd:7a:08:8e:d5:3d:ee:69:5e:bc:59:f7:28:c9:ce:5d:16:6d:
cb:2f:83:29:1b:e2:a6:c3:f9:f0:2d:48:2a:6d:17:5c:4c:08:
a4:61:58:51:4b:cb:b0:78:e7:b9:90:0c:6a:2c:56:15:61:1c:
da:a4:88:ab:64:65:2d:b0:53:f3:39:3b:68:e4:18:cf:7e:74:
45:f1:47:b1:ee:38:cf:b7:e8:7e:e4:54:6b:b3:67:f0:4f:f6:
b3:42:be:ea:12:cc:06:2b:cc:24:6d:dd:10:cf:5b:fc:62:82:
42:a1:83:d9:b1:36:be:ef:01:24:40:3c:57:1c:5c:88:59:50:
b6:a0:53:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxgxD7yjYjnS7PK7Qw8Tz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViYmMwZDYwYmQzYTkwYmQ1ZTMxNTA5ZGVhZGY0NDcwNzZi
MDc4ZDgwHhcNMjMwMTAyMDgwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTJkYzIzZjA4YWJlMDZlZmMyNmIxZTcwZjFmYWYwZjZjZTBhMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYliWiRJWhZLFAvMJD6Vy0/p6UE4
sA/fsAu0T+kf1OMp2LUIdLhyGkHAqzC5s3GnKM/cQTWDN3UQXAY9APaCEPPcSvBD
lZ/VRBsU5dvPQXKC1nlEODl3DdsSzpuH+Nrm9Ilsktwc6mrK6Mz9jv+7Pb6ml0Bp
lQ4tRcnIwDPLfafyxptHN3kx6fRwgESmnCPWJBmIPlF52LlTxttPfr5HglJDahq7
yTGRFDXUgrlTXbUXsaJTDyOF1UP7+S9Fi2dFYzt1QKi/DfCk/gdyG+Z4SVqRLeSB
yAIAzyi+38FY7j0/V9TCPOsEBmbhl4v7H6qbKb4Laf2LOX39xAPgRBZZIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNotwj8Iq+Bu/Cax5w8frw9s4KC8MB8GA1UdIwQY
MBaAFOu8DWC9OpC9XjFQnerfRHB2sHjYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjd3TllMMDZrTDFlTVZDZDZ0OUVjSGF3ZU5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8wODBhZjYtOGRjNC00OGU2LTljNjMt
YTZiOTU5OTFjZDJjLzEvMmkzQ1B3aXI0Rzc4SnJIbkR4LXZEMnpnb0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8wODBhZjYtOGRjNC00OGU2LTljNjMtYTZiOTU5OTFjZDJj
LzEvNjd3TllMMDZrTDFlTVZDZDZ0OUVjSGF3ZU5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBT4Y4MA0G
CSqGSIb3DQEBCwUAA4IBAQAnuH6oPOVTujeBrfwrb2hGTb27dLKGkNHln+gyASAu
I8wiCDqs/UX1HdpVYsJaBDatXPHfsDdQALGWTDUUfeRcbpOmC5AU17XkO88EVzLg
32BbDEdLFeRtYZ/4Rc0+QX21W3bEtBEbzrcLnxcs9jKDYrxwSwRgiaGo5Rsq69m9
egiO1T3uaV68Wfcoyc5dFm3LL4MpG+Kmw/nwLUgqbRdcTAikYVhRS8uweOe5kAxq
LFYVYRzapIirZGUtsFPzOTto5BjPfnRF8Uex7jjPt+h+5FRrs2fwT/azQr7qEswG
K8wkbd0Qz1v8YoJCoYPZsTa+7wEkQDxXHFyIWVC2oFMG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:36 2025 by rpki-client