Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/2Mc1C4-1moO8qJC1tMFO0WoGzIg.roa
File: 2Mc1C4-1moO8qJC1tMFO0WoGzIg.roa (raw, json)
Hash identifier: D/t7Sa01TiMAd/1nsrhzVo8V9R4PAVA51ntx/KarCt4=
Subject key identifier: D8:C7:35:0B:8F:B5:9A:83:BC:A8:90:B5:B4:C1:4E:D1:6A:06:CC:88
Certificate issuer: /CN=c4f2d8ba1b19211fa9f9c0db551545133102ccbb
Certificate serial: 01856D6F5049560BF666F449C95758349371
Authority key identifier: C4:F2:D8:BA:1B:19:21:1F:A9:F9:C0:DB:55:15:45:13:31:02:CC:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xPLYuhsZIR-p-cDbVRVFEzECzLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/2Mc1C4-1moO8qJC1tMFO0WoGzIg.roa
Signing time: Sun 01 Jan 2023 13:04:49 +0000
ROA not before: Sun 01 Jan 2023 13:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199516
IP address blocks: 185.13.80.0/24 maxlen: 24
185.13.83.0/24 maxlen: 24
185.13.80.0/22 maxlen: 22
185.13.81.0/24 maxlen: 24
185.13.82.0/24 maxlen: 24
2a02:f380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:50:49:56:0b:f6:66:f4:49:c9:57:58:34:93:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4f2d8ba1b19211fa9f9c0db551545133102ccbb
Validity
Not Before: Jan 1 13:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8c7350b8fb59a83bca890b5b4c14ed16a06cc88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:55:b2:89:46:42:ab:a2:f0:c7:b9:3b:c3:7c:
54:04:43:0e:52:6a:89:5b:d5:62:d4:84:3a:f1:91:
12:f0:31:87:6f:07:36:a5:d7:ef:6d:21:ec:d0:29:
73:1e:71:3a:ec:58:d9:0a:68:23:40:04:58:c7:b8:
9a:66:8e:73:26:ba:db:7e:0b:53:4e:56:7b:36:48:
6f:79:46:03:81:6a:6f:8d:0c:af:b4:3e:57:c9:43:
c5:13:7c:80:6e:3b:7f:ae:7c:30:43:90:59:85:db:
02:be:11:6e:f4:80:3e:d6:5a:d0:06:58:02:38:05:
03:e8:b4:c3:09:75:47:97:17:0a:1c:d9:79:53:9e:
15:12:13:fb:a0:6c:f9:8a:06:0f:b4:1e:14:43:90:
22:5d:35:e3:76:57:56:f0:05:4a:07:ff:4f:39:ca:
03:68:17:2e:a6:06:15:aa:de:f5:c0:48:5b:ba:a5:
0f:2a:0b:cd:91:5d:f7:7f:e6:5e:99:23:92:2f:1f:
8d:c0:ec:51:c9:05:df:03:c8:e1:fd:a2:df:fc:93:
c4:ed:0f:47:d2:c1:73:4f:e1:1c:83:09:20:03:9d:
e4:0d:e5:24:2f:31:94:52:45:cb:b3:63:54:77:46:
0c:42:92:79:ee:01:2c:0d:a4:22:8e:56:c9:31:de:
ba:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:C7:35:0B:8F:B5:9A:83:BC:A8:90:B5:B4:C1:4E:D1:6A:06:CC:88
X509v3 Authority Key Identifier:
keyid:C4:F2:D8:BA:1B:19:21:1F:A9:F9:C0:DB:55:15:45:13:31:02:CC:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xPLYuhsZIR-p-cDbVRVFEzECzLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/2Mc1C4-1moO8qJC1tMFO0WoGzIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e8c2bd-98fa-4bdf-80bb-c5eee57ed2e6/1/xPLYuhsZIR-p-cDbVRVFEzECzLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.80.0/22
IPv6:
2a02:f380::/29
Signature Algorithm: sha256WithRSAEncryption
2a:ad:f7:ed:2d:ca:7a:74:38:bc:fa:ee:64:55:0d:bb:80:02:
61:33:ef:83:aa:13:d6:17:be:3e:11:fc:73:64:bf:23:f7:9a:
e9:56:cc:45:3c:d1:a9:f7:9a:28:18:db:72:64:cd:ed:a9:eb:
f6:6f:86:f8:fc:93:36:43:57:d2:51:da:a9:2c:8c:25:48:13:
43:54:40:c9:33:ef:1d:46:dd:69:1b:31:bc:42:66:51:44:c1:
f0:ae:4e:45:d9:b3:98:e7:b6:91:9e:04:c7:29:93:1c:22:04:
4c:9a:61:ff:f5:97:1c:75:48:62:df:93:68:6c:fc:7e:bc:50:
b4:f4:3b:4e:1e:1f:64:f4:2b:49:9c:ce:fa:cf:55:bf:64:01:
76:9b:7f:67:6d:55:6c:f3:2b:1c:ff:0e:ac:9f:61:ea:40:0b:
5c:8f:4e:f1:08:ff:06:89:61:71:29:3b:7a:86:a9:88:a8:fa:
b1:da:a7:f7:a6:d2:22:61:32:44:82:e8:44:dd:5f:64:8b:7c:
38:1f:16:87:7d:ce:1a:ba:84:39:f9:31:f1:08:52:32:88:ac:
55:b3:16:df:c0:38:1e:a0:3d:1d:4a:b8:5e:75:c1:fb:d9:53:
d7:22:71:8e:ce:33:f4:22:2d:f6:02:b7:44:ca:a1:a2:82:28:
63:33:7b:e9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVtb1BJVgv2ZvRJyVdYNJNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0ZjJkOGJhMWIxOTIxMWZhOWY5YzBkYjU1MTU0NTEzMzEw
MmNjYmIwHhcNMjMwMTAxMTMwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGM3MzUwYjhmYjU5YTgzYmNhODkwYjViNGMxNGVkMTZhMDZjYzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglWyiUZCq6Lwx7k7w3xUBEMOUmqJ
W9Vi1IQ68ZES8DGHbwc2pdfvbSHs0ClzHnE67FjZCmgjQARYx7iaZo5zJrrbfgtT
TlZ7NkhveUYDgWpvjQyvtD5XyUPFE3yAbjt/rnwwQ5BZhdsCvhFu9IA+1lrQBlgC
OAUD6LTDCXVHlxcKHNl5U54VEhP7oGz5igYPtB4UQ5AiXTXjdldW8AVKB/9POcoD
aBcupgYVqt71wEhbuqUPKgvNkV33f+ZemSOSLx+NwOxRyQXfA8jh/aLf/JPE7Q9H
0sFzT+EcgwkgA53kDeUkLzGUUkXLs2NUd0YMQpJ57gEsDaQijlbJMd66jQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNjHNQuPtZqDvKiQtbTBTtFqBsyIMB8GA1UdIwQY
MBaAFMTy2LobGSEfqfnA21UVRRMxAsy7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFBMWXVoc1pJUi1wLWNEYlZSVkZFekVDekxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lOGMyYmQtOThmYS00YmRmLTgwYmIt
YzVlZWU1N2VkMmU2LzEvMk1jMUM0LTFtb084cUpDMXRNRk8wV29HeklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lOGMyYmQtOThmYS00YmRmLTgwYmItYzVlZWU1N2VkMmU2
LzEveFBMWXVoc1pJUi1wLWNEYlZSVkZFekVDekxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ1QMA0E
AgACMAcDBQMqAvOAMA0GCSqGSIb3DQEBCwUAA4IBAQAqrfftLcp6dDi8+u5kVQ27
gAJhM++DqhPWF74+EfxzZL8j95rpVsxFPNGp95ooGNtyZM3tqev2b4b4/JM2Q1fS
UdqpLIwlSBNDVEDJM+8dRt1pGzG8QmZRRMHwrk5F2bOY57aRngTHKZMcIgRMmmH/
9ZccdUhi35NobPx+vFC09DtOHh9k9CtJnM76z1W/ZAF2m39nbVVs8ysc/w6sn2Hq
QAtcj07xCP8GiWFxKTt6hqmIqPqx2qf3ptIiYTJEguhE3V9ki3w4HxaHfc4auoQ5
+THxCFIyiKxVsxbfwDgeoD0dSrhedcH72VPXInGOzjP0Ii32ArdEyqGigihjM3vp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:32 2025 by rpki-client