Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/2zyLZDwc0wGW_8OdkV8x9Y9beo8.roa
File: 2zyLZDwc0wGW_8OdkV8x9Y9beo8.roa (raw, json)
Hash identifier: 1V9K80/4AU19RH9Ql8jktLKcA/6yB+Y+BX9OCadLIaI=
Subject key identifier: DB:3C:8B:64:3C:1C:D3:01:96:FF:C3:9D:91:5F:31:F5:8F:5B:7A:8F
Certificate issuer: /CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Certificate serial: 0185635D13797C533CA1A92A539006B0CB0D
Authority key identifier: 67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/2zyLZDwc0wGW_8OdkV8x9Y9beo8.roa
Signing time: Fri 30 Dec 2022 14:08:42 +0000
ROA not before: Fri 30 Dec 2022 14:08:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60385
IP address blocks: 87.238.139.0/24 maxlen: 24
185.18.251.0/24 maxlen: 24
185.18.248.0/24 maxlen: 24
185.18.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:5d:13:79:7c:53:3c:a1:a9:2a:53:90:06:b0:cb:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=672f0e42b08aa451fc583a358ec370ffbd2dac68
Validity
Not Before: Dec 30 14:08:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db3c8b643c1cd30196ffc39d915f31f58f5b7a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:92:b4:39:4b:6a:b2:1e:dd:2f:33:54:11:
92:81:8f:6b:b8:f7:1e:46:6a:c8:83:a9:b7:0f:db:
f4:6f:37:ca:d4:9b:37:77:2a:f9:9e:b6:f0:73:b8:
98:77:66:93:8a:64:eb:ec:d1:05:df:c4:46:37:da:
35:68:37:45:82:e0:c5:09:e7:b2:1c:c1:72:f9:9b:
e0:44:29:24:4a:3b:8d:fa:ff:55:74:b8:d5:08:48:
19:1c:a8:eb:5e:05:72:48:df:5a:2d:5c:4f:ce:23:
cf:8b:d1:6b:9a:04:4d:ca:e7:70:d6:da:98:b1:c0:
a3:fe:28:bb:9d:2f:08:b2:3a:6c:ca:52:bc:d3:29:
7f:8b:52:a6:8a:dd:98:bd:a3:3f:42:54:3d:46:ef:
c1:ab:b6:0e:f3:f0:ce:8d:9c:4a:93:de:3c:e5:90:
5f:d9:2f:49:bf:f7:86:7d:81:4a:7f:6f:74:75:77:
18:69:f0:aa:2e:59:96:f2:93:07:2e:9a:f4:25:c4:
9e:86:25:16:86:84:e0:f6:27:1e:0f:b7:a4:6e:5e:
9d:b8:4f:0f:0e:7b:7b:83:f7:64:29:0c:c2:e4:13:
99:40:62:a5:36:d8:89:79:3a:b6:62:27:7c:cb:c2:
49:a6:30:39:3d:46:cd:98:5a:a5:be:c5:18:c0:df:
6b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3C:8B:64:3C:1C:D3:01:96:FF:C3:9D:91:5F:31:F5:8F:5B:7A:8F
X509v3 Authority Key Identifier:
keyid:67:2F:0E:42:B0:8A:A4:51:FC:58:3A:35:8E:C3:70:FF:BD:2D:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zy8OQrCKpFH8WDo1jsNw_70trGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/2zyLZDwc0wGW_8OdkV8x9Y9beo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/59a6b9-cd20-4cd7-b4a7-f0b962f52414/1/Zy8OQrCKpFH8WDo1jsNw_70trGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.238.139.0/24
185.18.248.0/23
185.18.251.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a4:40:69:25:3f:f2:bc:c8:e9:21:96:49:7c:35:7b:7f:6e:
03:f1:6d:d6:89:20:45:45:f3:9c:96:c0:c9:3a:6d:80:89:a9:
99:07:07:6e:ca:b3:8e:c3:9b:f7:24:2a:7b:61:49:89:c3:09:
a1:a4:ba:e6:fd:f3:17:6f:58:66:95:5e:b6:a2:d0:5a:bc:0a:
fe:d8:ea:90:99:85:23:fe:8a:f9:36:1c:37:64:6f:7e:0e:d3:
ba:84:84:f9:db:04:4a:a7:8d:82:2c:12:da:53:5d:e7:61:29:
6c:1b:83:6c:2d:cc:6b:5a:d3:32:af:5d:26:da:5b:7a:dd:8b:
01:8d:fa:89:75:56:25:4c:62:3a:41:84:3a:52:b2:25:54:d7:
31:22:8c:be:66:06:50:15:2e:6e:88:18:bd:2b:2d:0e:a6:48:
d3:96:78:79:87:87:2e:31:b9:c7:95:c2:2e:8d:6b:aa:2c:c1:
1c:a3:f2:a3:72:b5:4f:d7:da:a1:7d:5f:3a:58:2d:ce:9f:5d:
88:ab:86:d9:dd:c9:86:f4:54:77:b0:9c:5c:87:65:c5:a1:1e:
7c:01:5f:dd:d8:f8:91:e0:8a:11:54:d1:2a:94:3f:da:f9:ee:
13:17:d1:44:76:34:99:d0:51:e5:41:9d:f8:87:60:6b:c2:af:
3f:11:fe:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVjXRN5fFM8oakqU5AGsMsNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MmYwZTQyYjA4YWE0NTFmYzU4M2EzNThlYzM3MGZmYmQy
ZGFjNjgwHhcNMjIxMjMwMTQwODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNjOGI2NDNjMWNkMzAxOTZmZmMzOWQ5MTVmMzFmNThmNWI3YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjiStDlLarIe3S8zVBGSgY9ruPce
RmrIg6m3D9v0bzfK1Js3dyr5nrbwc7iYd2aTimTr7NEF38RGN9o1aDdFguDFCeey
HMFy+ZvgRCkkSjuN+v9VdLjVCEgZHKjrXgVySN9aLVxPziPPi9FrmgRNyudw1tqY
scCj/ii7nS8IsjpsylK80yl/i1Kmit2YvaM/QlQ9Ru/Bq7YO8/DOjZxKk9485ZBf
2S9Jv/eGfYFKf290dXcYafCqLlmW8pMHLpr0JcSehiUWhoTg9iceD7ekbl6duE8P
Dnt7g/dkKQzC5BOZQGKlNtiJeTq2Yid8y8JJpjA5PUbNmFqlvsUYwN9r7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNs8i2Q8HNMBlv/DnZFfMfWPW3qPMB8GA1UdIwQY
MBaAFGcvDkKwiqRR/Fg6NY7DcP+9LaxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTct
ZjBiOTYyZjUyNDE0LzEvMnp5TFpEd2Mwd0dXXzhPZGtWOHg5WTliZW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My81OWE2YjktY2QyMC00Y2Q3LWI0YTctZjBiOTYyZjUyNDE0
LzEvWnk4T1FyQ0twRkg4V0RvMWpzTndfNzB0ckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV+6LAwQB
uRL4AwQAuRL7MA0GCSqGSIb3DQEBCwUAA4IBAQBzpEBpJT/yvMjpIZZJfDV7f24D
8W3WiSBFRfOclsDJOm2AiamZBwduyrOOw5v3JCp7YUmJwwmhpLrm/fMXb1hmlV62
otBavAr+2OqQmYUj/or5Nhw3ZG9+DtO6hIT52wRKp42CLBLaU13nYSlsG4NsLcxr
WtMyr10m2lt63YsBjfqJdVYlTGI6QYQ6UrIlVNcxIoy+ZgZQFS5uiBi9Ky0OpkjT
lnh5h4cuMbnHlcIujWuqLMEco/KjcrVP19qhfV86WC3On12Iq4bZ3cmG9FR3sJxc
h2XFoR58AV/d2PiR4IoRVNEqlD/a+e4TF9FEdjSZ0FHlQZ34h2Brwq8/Ef7a
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:21 2023 by rpki-client on console-ams.rpki-client.org