Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/LFf_8u4Epm4seQATspd-7KD5Yjc.roa
File: LFf_8u4Epm4seQATspd-7KD5Yjc.roa (raw, json)
Hash identifier: BdyDENA7Eqb8D7jvdAqhVnCzIwd7Z0RTX41MNJfj9Ls=
Subject key identifier: 2C:57:FF:F2:EE:04:A6:6E:2C:79:00:13:B2:97:7E:EC:A0:F9:62:37
Certificate issuer: /CN=be07895736ed92860f3135008a85813f98bbd7c1
Certificate serial: 05FFAED2
Authority key identifier: BE:07:89:57:36:ED:92:86:0F:31:35:00:8A:85:81:3F:98:BB:D7:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgeJVzbtkoYPMTUAioWBP5i718E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/LFf_8u4Epm4seQATspd-7KD5Yjc.roa
Signing time: Sat 01 Jan 2022 16:06:30 +0000
ROA not before: Sat 01 Jan 2022 16:06:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205250
IP address blocks: 185.224.74.0/23 maxlen: 23
185.224.72.0/23 maxlen: 23
2a0c:fc00::/32 maxlen: 32
2a0c:fc01::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100642514 (0x5ffaed2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be07895736ed92860f3135008a85813f98bbd7c1
Validity
Not Before: Jan 1 16:06:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c57fff2ee04a66e2c790013b2977eeca0f96237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:23:12:69:74:52:fe:d4:23:13:75:f1:6c:8e:
75:ff:c3:b3:5d:69:8d:34:e6:17:56:1e:b9:cf:31:
35:cf:75:d9:52:2c:7a:7b:bc:db:cd:41:da:09:75:
6e:30:dd:e3:e2:3a:da:86:f0:ad:bd:5b:e0:d8:ea:
de:98:85:37:fc:2a:2a:40:24:5f:b3:0e:dd:af:0e:
6c:e6:5b:9a:48:97:85:03:01:9a:e3:9c:44:5c:95:
56:cb:14:f5:a5:1c:7b:d3:b5:b7:d8:58:31:6b:6b:
25:7b:e7:2d:0a:ff:c7:27:19:79:27:2c:67:c5:ad:
90:69:ea:d5:e3:eb:ca:d4:ae:a1:c0:ef:31:33:0e:
5c:63:f3:f0:72:ef:1f:9e:e8:42:02:c7:44:ee:58:
e2:cf:1b:d7:00:e3:33:9a:f7:0c:bc:0d:be:95:69:
80:c9:7c:0c:d8:96:26:8c:b0:f3:85:1e:34:f7:cf:
70:c0:81:6d:8d:80:d5:fe:5d:21:ad:71:4e:2f:05:
41:90:aa:17:e3:2b:11:e7:cb:19:65:35:21:1d:a9:
51:6b:ab:50:f2:7b:ee:3c:8d:82:01:73:cb:67:1b:
54:9c:a2:39:aa:12:33:01:5e:8b:3a:0f:de:34:3f:
ef:27:c8:b3:ca:ff:ce:3e:a6:31:b9:9b:42:12:bd:
25:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:57:FF:F2:EE:04:A6:6E:2C:79:00:13:B2:97:7E:EC:A0:F9:62:37
X509v3 Authority Key Identifier:
keyid:BE:07:89:57:36:ED:92:86:0F:31:35:00:8A:85:81:3F:98:BB:D7:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgeJVzbtkoYPMTUAioWBP5i718E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/LFf_8u4Epm4seQATspd-7KD5Yjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/659f2c-c289-4699-87d7-21d6100383e0/1/vgeJVzbtkoYPMTUAioWBP5i718E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.72.0/22
IPv6:
2a0c:fc00::/31
Signature Algorithm: sha256WithRSAEncryption
6d:be:70:9f:c2:a3:a7:32:c6:49:fd:2c:ad:74:9c:27:0c:f8:
ed:cc:e4:11:7c:be:7a:98:62:44:2f:43:c8:77:fa:c5:e0:26:
76:f0:10:73:92:bc:f4:85:1f:f9:b8:1b:ed:28:a9:51:42:03:
40:b9:22:9d:f8:ee:10:b5:7d:95:cf:56:5f:09:66:19:a2:d2:
f5:8e:f3:2b:68:c9:b8:e5:db:6a:10:33:cc:73:c5:fa:52:b2:
71:b0:3a:1f:18:94:92:f7:5e:d7:a6:97:a1:40:2c:30:fe:fc:
ca:d0:6d:5d:21:06:6b:b6:c6:70:e0:7c:2b:be:c2:f7:26:4c:
f9:ea:6e:e3:6b:1f:51:ac:65:2d:a6:2d:7d:f0:24:38:dc:94:
2c:b4:76:32:05:ae:a9:60:01:43:bf:a6:7c:89:98:61:d3:7b:
09:d4:c5:23:6c:d4:96:92:71:2d:b3:c5:5d:fb:76:c9:86:26:
eb:8a:40:48:61:ac:f0:82:a7:5e:e0:0e:11:a1:3a:6d:0f:1a:
fb:ea:4b:8b:8e:30:46:ab:92:ae:7e:c7:50:86:fa:9a:df:1c:
bf:cc:b8:2b:6b:06:fe:81:b5:ea:99:87:68:1f:37:e4:e0:69:
24:a0:a7:af:80:f5:32:79:07:48:f5:a0:1e:fe:69:3e:15:65:
49:25:f2:e3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBf+u0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTA3ODk1NzM2ZWQ5Mjg2MGYzMTM1MDA4YTg1ODEzZjk4YmJkN2MxMB4XDTIyMDEw
MTE2MDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM1N2ZmZjJlZTA0
YTY2ZTJjNzkwMDEzYjI5NzdlZWNhMGY5NjIzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO0jEml0Uv7UIxN18WyOdf/Ds11pjTTmF1Yeuc8xNc912VIs
enu8281B2gl1bjDd4+I62obwrb1b4Njq3piFN/wqKkAkX7MO3a8ObOZbmkiXhQMB
muOcRFyVVssU9aUce9O1t9hYMWtrJXvnLQr/xycZeScsZ8WtkGnq1ePrytSuocDv
MTMOXGPz8HLvH57oQgLHRO5Y4s8b1wDjM5r3DLwNvpVpgMl8DNiWJoyw84UeNPfP
cMCBbY2A1f5dIa1xTi8FQZCqF+MrEefLGWU1IR2pUWurUPJ77jyNggFzy2cbVJyi
OaoSMwFeizoP3jQ/7yfIs8r/zj6mMbmbQhK9JWkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQsV//y7gSmbix5ABOyl37soPliNzAfBgNVHSMEGDAWgBS+B4lXNu2Shg8x
NQCKhYE/mLvXwTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZnZUpWemJ0a29ZUE1UVUFpb1dCUDVpNzE4RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvNjU5ZjJjLWMyODktNDY5OS04N2Q3LTIxZDYxMDAzODNlMC8x
L0xGZl84dTRFcG00c2VRQVRzcGQtN0tENVlqYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
NjU5ZjJjLWMyODktNDY5OS04N2Q3LTIxZDYxMDAzODNlMC8xL3ZnZUpWemJ0a29Z
UE1UVUFpb1dCUDVpNzE4RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArngSDANBAIAAjAHAwUBKgz8ADAN
BgkqhkiG9w0BAQsFAAOCAQEAbb5wn8KjpzLGSf0srXScJwz47czkEXy+ephiRC9D
yHf6xeAmdvAQc5K89IUf+bgb7SipUUIDQLkinfjuELV9lc9WXwlmGaLS9Y7zK2jJ
uOXbahAzzHPF+lKycbA6HxiUkvde16aXoUAsMP78ytBtXSEGa7bGcOB8K77C9yZM
+epu42sfUaxlLaYtffAkONyULLR2MgWuqWABQ7+mfImYYdN7CdTFI2zUlpJxLbPF
Xft2yYYm64pASGGs8IKnXuAOEaE6bQ8a++pLi44wRquSrn7HUIb6mt8cv8y4K2sG
/oG16pmHaB835OBpJKCnr4D1MnkHSPWgHv5pPhVlSSXy4w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:07 2024 by rpki-client on console-ams.rpki-client.org