Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/2lveMNcBB_nDXBCuygK2qYqchdo.roa
File: 2lveMNcBB_nDXBCuygK2qYqchdo.roa (raw, json)
Hash identifier: UryL7hZh0gT0TckQG+JEGdH93aPdbzpxXkQFV9xFpmA=
Subject key identifier: DA:5B:DE:30:D7:01:07:F9:C3:5C:10:AE:CA:02:B6:A9:8A:9C:85:DA
Certificate issuer: /CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Certificate serial: 018409D49A626001E56A51E21B8DC5FEDA1B
Authority key identifier: AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/2lveMNcBB_nDXBCuygK2qYqchdo.roa
Signing time: Mon 24 Oct 2022 11:50:38 +0000
ROA not before: Mon 24 Oct 2022 11:50:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 77.83.152.0/22 maxlen: 24
45.147.148.0/22 maxlen: 22
77.83.154.0/23 maxlen: 23
139.28.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:d4:9a:62:60:01:e5:6a:51:e2:1b:8d:c5:fe:da:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada25aafe3a9870e9524afa0265987ed5a5a4da3
Validity
Not Before: Oct 24 11:50:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da5bde30d70107f9c35c10aeca02b6a98a9c85da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:59:04:17:cb:07:bb:78:01:06:9d:d9:0a:9c:
9a:57:c9:46:c4:c2:98:0b:c5:fe:32:a0:15:04:b7:
c4:ae:ac:f0:60:69:f7:1a:22:ce:b5:b3:e6:d7:d6:
e1:1b:d5:05:b2:d6:81:c6:57:b0:e6:8e:e4:13:ea:
14:fc:f2:77:87:a3:31:62:0f:fc:85:5b:5e:04:b3:
5c:96:51:e2:55:b5:35:34:a7:2c:60:59:f9:81:52:
45:bd:47:77:27:67:64:96:5e:cb:5d:30:31:b0:ad:
65:4b:68:41:c4:35:3a:d6:a1:15:19:c2:97:40:4a:
14:e2:30:13:2f:c1:3a:ad:e2:84:09:ba:d9:0e:fd:
b2:8c:9a:6c:90:b7:d6:62:6b:c6:52:74:b0:2f:19:
80:e5:69:82:34:f5:12:65:3a:a4:87:17:32:51:79:
0b:c9:5d:a0:07:b8:95:ce:a7:8d:2d:81:a4:3d:27:
36:6e:f0:9e:27:36:b1:15:9c:6f:04:0f:20:f8:ef:
ca:d6:89:b7:2a:5d:e2:72:b3:9b:ee:d7:87:76:fc:
37:20:ce:cc:9c:9c:dc:fd:e4:d9:f7:d2:2d:e7:26:
65:ca:1e:25:af:cd:1c:bc:f4:de:27:25:b7:be:80:
ca:5f:bb:92:f3:8a:95:6b:bc:37:ec:e1:cd:ad:09:
18:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5B:DE:30:D7:01:07:F9:C3:5C:10:AE:CA:02:B6:A9:8A:9C:85:DA
X509v3 Authority Key Identifier:
keyid:AD:A2:5A:AF:E3:A9:87:0E:95:24:AF:A0:26:59:87:ED:5A:5A:4D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raJar-Ophw6VJK-gJlmH7VpaTaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/2lveMNcBB_nDXBCuygK2qYqchdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/810d24-acbe-4cb2-9ac5-9d5875d86373/1/raJar-Ophw6VJK-gJlmH7VpaTaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.148.0/22
77.83.152.0/22
139.28.168.0/22
Signature Algorithm: sha256WithRSAEncryption
10:3a:67:31:cc:65:56:5f:46:88:81:3f:5f:0c:dc:8c:99:a8:
79:86:d7:6a:87:dd:46:60:56:93:34:81:ff:a7:5a:75:7a:73:
dc:ea:fc:af:24:a4:da:25:78:d8:36:61:9b:5f:f0:58:d9:c5:
ce:8f:df:b4:59:a3:38:56:af:be:70:2c:24:3c:00:ac:ef:7e:
34:d8:2d:53:b8:e7:34:f3:98:e9:90:cb:27:bd:c4:cb:68:fb:
5c:d5:b1:45:79:e0:3b:3a:38:0b:ff:6f:f3:d3:ef:39:b1:d8:
4e:f3:51:22:34:0a:8d:ed:b6:e8:be:b5:94:41:0c:fc:70:23:
17:d5:9e:1d:d0:14:31:80:6d:39:d4:b4:a8:fa:46:42:11:2a:
25:8f:a9:c6:26:b2:40:fc:64:0d:b6:ff:d4:09:2a:81:17:4f:
c9:5a:76:c5:12:cf:7b:92:da:d4:c9:3a:3a:7a:42:7d:b2:14:
3a:72:3d:a7:fc:04:99:06:df:b9:72:ea:ce:51:32:31:26:15:
1c:99:6d:cb:fd:09:95:85:e3:03:1e:89:47:cb:c2:5a:1f:3d:
9f:5c:e4:36:6e:b2:e7:54:29:9f:88:7e:fd:71:53:fe:b8:7b:
7a:4b:07:a9:3d:cb:28:7f:8b:a5:39:22:1d:8c:93:df:f8:72:
23:4c:8b:52
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQJ1JpiYAHlalHiG43F/tobMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTI1YWFmZTNhOTg3MGU5NTI0YWZhMDI2NTk4N2VkNWE1
YTRkYTMwHhcNMjIxMDI0MTE1MDM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTViZGUzMGQ3MDEwN2Y5YzM1YzEwYWVjYTAyYjZhOThhOWM4NWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllkEF8sHu3gBBp3ZCpyaV8lGxMKY
C8X+MqAVBLfErqzwYGn3GiLOtbPm19bhG9UFstaBxlew5o7kE+oU/PJ3h6MxYg/8
hVteBLNcllHiVbU1NKcsYFn5gVJFvUd3J2dkll7LXTAxsK1lS2hBxDU61qEVGcKX
QEoU4jATL8E6reKECbrZDv2yjJpskLfWYmvGUnSwLxmA5WmCNPUSZTqkhxcyUXkL
yV2gB7iVzqeNLYGkPSc2bvCeJzaxFZxvBA8g+O/K1om3Kl3icrOb7teHdvw3IM7M
nJzc/eTZ99It5yZlyh4lr80cvPTeJyW3voDKX7uS84qVa7w37OHNrQkYewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNpb3jDXAQf5w1wQrsoCtqmKnIXaMB8GA1UdIwQY
MBaAFK2iWq/jqYcOlSSvoCZZh+1aWk2jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUt
OWQ1ODc1ZDg2MzczLzEvMmx2ZU1OY0JCX25EWEJDdXlnSzJxWXFjaGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84MTBkMjQtYWNiZS00Y2IyLTlhYzUtOWQ1ODc1ZDg2Mzcz
LzEvcmFKYXItT3BodzZWSkstZ0psbUg3VnBhVGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZOUAwQC
TVOYAwQCixyoMA0GCSqGSIb3DQEBCwUAA4IBAQAQOmcxzGVWX0aIgT9fDNyMmah5
htdqh91GYFaTNIH/p1p1enPc6vyvJKTaJXjYNmGbX/BY2cXOj9+0WaM4Vq++cCwk
PACs73402C1TuOc085jpkMsnvcTLaPtc1bFFeeA7OjgL/2/z0+85sdhO81EiNAqN
7bbovrWUQQz8cCMX1Z4d0BQxgG051LSo+kZCESolj6nGJrJA/GQNtv/UCSqBF0/J
WnbFEs97ktrUyTo6ekJ9shQ6cj2n/ASZBt+5curOUTIxJhUcmW3L/QmVheMDHolH
y8JaHz2fXOQ2brLnVCmfiH79cVP+uHt6SwepPcsof4ulOSIdjJPf+HIjTItS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:41 2024 by rpki-client on console-ams.rpki-client.org