Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/2g-Y5BofJDpHHZ2vUEI90Z0BC-k.roa
File: 2g-Y5BofJDpHHZ2vUEI90Z0BC-k.roa (raw, json)
Hash identifier: zK4x/ygJl87fG11hkvX6ujGQtLM57wAMe4cWACJjj/k=
Subject key identifier: DA:0F:98:E4:1A:1F:24:3A:47:1D:9D:AF:50:42:3D:D1:9D:01:0B:E9
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01843F24C3F5891E5C67BDF8FCBC137D96EA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/2g-Y5BofJDpHHZ2vUEI90Z0BC-k.roa
Signing time: Thu 03 Nov 2022 20:18:04 +0000
ROA not before: Thu 03 Nov 2022 20:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 82.163.56.0/22 maxlen: 24
82.163.60.0/22 maxlen: 24
82.163.68.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3f:24:c3:f5:89:1e:5c:67:bd:f8:fc:bc:13:7d:96:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 3 20:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da0f98e41a1f243a471d9daf50423dd19d010be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:20:85:f7:46:15:97:19:0b:a6:0d:b3:b1:f8:
4e:8d:62:50:f1:a5:a6:cc:5b:67:e9:e9:74:a4:f2:
e2:45:3a:a5:44:82:8f:71:13:12:fe:c3:46:6e:fe:
51:e6:a2:4e:06:be:90:2c:6e:76:b4:0d:d4:26:02:
d7:8d:02:e4:ef:ca:ad:bb:65:de:5f:5d:a0:c1:b0:
57:62:a4:fe:50:4a:a2:46:21:0e:70:19:d9:f9:e8:
36:e4:40:52:04:53:75:2b:79:e5:7c:4e:84:5b:c4:
2e:59:a1:90:11:dd:a4:ea:31:f4:d0:10:82:ed:da:
a7:9a:7b:dc:f0:15:08:32:4c:a0:04:ee:20:42:bc:
a9:22:04:9d:b4:1e:d5:4d:f8:2f:37:c3:c4:85:cf:
4b:9c:9b:3c:76:fe:a4:ee:14:96:c7:e0:ec:d7:eb:
92:41:a8:5e:cf:49:b0:55:98:29:d2:8e:01:9c:2c:
43:40:a6:6a:1d:2c:6a:2d:41:e1:14:d4:65:d6:28:
f0:96:8b:5e:db:17:57:df:1a:5d:a8:60:f9:00:bc:
f4:c0:eb:d8:ae:36:fd:77:7a:8a:c6:8f:10:98:6a:
ca:cc:98:39:55:ee:7a:05:67:ce:e7:0e:e2:1b:9c:
94:2d:37:2b:a4:61:61:58:d0:b8:72:3a:28:48:42:
7b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0F:98:E4:1A:1F:24:3A:47:1D:9D:AF:50:42:3D:D1:9D:01:0B:E9
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/2g-Y5BofJDpHHZ2vUEI90Z0BC-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.56.0/21
82.163.68.0/22
82.163.224.0/22
Signature Algorithm: sha256WithRSAEncryption
57:2c:50:0e:e5:c9:17:f5:5d:65:20:58:28:b9:f6:ec:87:6f:
90:5f:19:86:2c:53:aa:fb:c3:fd:46:72:e4:15:2c:b4:54:17:
cc:b7:da:5d:30:ff:b5:03:d0:59:d3:c7:19:8f:f3:d7:af:b6:
79:48:79:a6:97:5f:fb:86:d0:f7:6c:02:93:81:93:52:cb:88:
cb:19:e4:d9:f8:3a:30:34:e6:aa:1d:f9:a1:51:97:2d:f3:56:
81:36:9e:64:f6:82:fe:2c:65:ce:f7:20:d6:72:d2:bf:95:97:
1e:75:94:95:9e:95:d8:f5:d0:5d:5f:7a:a3:58:1e:9b:a8:8e:
90:1d:e2:69:09:25:22:3a:80:58:bb:63:cc:f9:ca:4b:36:5b:
26:24:d7:31:f9:fb:2b:96:53:23:1e:6c:4d:99:5f:30:2f:f6:
a5:34:f0:62:fe:75:3d:e4:27:59:eb:14:51:1d:e5:2b:06:35:
81:10:5f:8e:bb:6f:29:d3:25:4e:54:69:6f:7d:6a:ea:49:d4:
88:6a:92:48:27:02:79:a9:d5:24:80:2e:cf:34:12:b3:b0:e1:
ce:16:f4:4a:48:29:3c:6a:0e:80:4f:c1:81:f8:e2:8d:1f:b9:
b5:06:90:7a:dd:76:7e:b4:99:b3:f8:30:2c:ce:b4:29:44:30:
52:8e:3d:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQ/JMP1iR5cZ734/LwTfZbqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMTAzMjAxODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTBmOThlNDFhMWYyNDNhNDcxZDlkYWY1MDQyM2RkMTlkMDEwYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSCF90YVlxkLpg2zsfhOjWJQ8aWm
zFtn6el0pPLiRTqlRIKPcRMS/sNGbv5R5qJOBr6QLG52tA3UJgLXjQLk78qtu2Xe
X12gwbBXYqT+UEqiRiEOcBnZ+eg25EBSBFN1K3nlfE6EW8QuWaGQEd2k6jH00BCC
7dqnmnvc8BUIMkygBO4gQrypIgSdtB7VTfgvN8PEhc9LnJs8dv6k7hSWx+Ds1+uS
Qahez0mwVZgp0o4BnCxDQKZqHSxqLUHhFNRl1ijwlote2xdX3xpdqGD5ALz0wOvY
rjb9d3qKxo8QmGrKzJg5Ve56BWfO5w7iG5yULTcrpGFhWNC4cjooSEJ7fQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNoPmOQaHyQ6Rx2dr1BCPdGdAQvpMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMmctWTVCb2ZKRHBISFoydlVFSTkwWjBCQy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUqM4AwQC
UqNEAwQCUqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBXLFAO5ckX9V1lIFgoufbsh2+Q
XxmGLFOq+8P9RnLkFSy0VBfMt9pdMP+1A9BZ08cZj/PXr7Z5SHmml1/7htD3bAKT
gZNSy4jLGeTZ+DowNOaqHfmhUZct81aBNp5k9oL+LGXO9yDWctK/lZcedZSVnpXY
9dBdX3qjWB6bqI6QHeJpCSUiOoBYu2PM+cpLNlsmJNcx+fsrllMjHmxNmV8wL/al
NPBi/nU95CdZ6xRRHeUrBjWBEF+Ou28p0yVOVGlvfWrqSdSIapJIJwJ5qdUkgC7P
NBKzsOHOFvRKSCk8ag6AT8GB+OKNH7m1BpB63XZ+tJmz+DAszrQpRDBSjj2Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org