Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/2BxSH4t7ickHlf8rpB9YPiJa4HU.roa
File: 2BxSH4t7ickHlf8rpB9YPiJa4HU.roa (raw, json)
Hash identifier: VhKHfo4t4o73wtXvwFHqsZQcb2mkM51j++Y+uVXwD3Y=
Subject key identifier: D8:1C:52:1F:8B:7B:89:C9:07:95:FF:2B:A4:1F:58:3E:22:5A:E0:75
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 0182FE701A6B56BAC55C0958997FB66EBE69
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/2BxSH4t7ickHlf8rpB9YPiJa4HU.roa
Signing time: Fri 02 Sep 2022 13:42:15 +0000
ROA not before: Fri 02 Sep 2022 13:42:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200753
IP address blocks: 185.133.210.0/24 maxlen: 24
2a06:e880:c0::/46 maxlen: 48
2a06:e880::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:70:1a:6b:56:ba:c5:5c:09:58:99:7f:b6:6e:be:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Sep 2 13:42:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d81c521f8b7b89c90795ff2ba41f583e225ae075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:79:e7:b3:40:f4:97:41:60:2e:57:5a:f8:cc:
88:53:ed:bc:b7:d2:13:e4:2e:49:a8:8f:41:95:45:
9b:ca:32:10:dd:fe:7e:e7:82:df:67:59:67:e1:12:
fd:76:9d:14:79:75:65:2a:f2:1f:30:99:e0:26:01:
4b:ed:aa:dd:11:57:03:95:c9:34:ff:8e:9c:23:20:
f8:74:f9:09:4a:d3:64:60:a8:06:e1:3e:16:56:3f:
7e:82:92:0f:12:4e:3a:dc:ec:0e:a7:7d:92:af:32:
98:8a:ac:23:f6:76:42:48:53:4d:02:2a:0e:5a:52:
ef:0d:4b:61:da:d1:5a:a1:67:85:4b:c3:61:91:fa:
37:db:a9:ef:15:d2:94:a6:d5:51:8f:58:19:7c:f5:
74:46:36:38:5c:9c:a5:91:69:91:0d:df:b4:fe:a2:
4e:35:d4:fa:23:da:16:cb:90:15:5d:22:cb:df:f1:
5b:1b:27:0a:d0:e1:23:06:9b:ac:0f:94:1f:51:65:
ff:96:a8:c5:e0:61:e9:b4:7d:09:70:b4:09:fd:76:
bd:73:3a:ac:31:29:e3:ac:19:fc:61:5c:04:4c:7a:
6f:b3:bd:80:97:ef:95:e5:92:69:cc:b0:af:a8:32:
38:bd:e0:a9:7c:40:51:2d:d8:54:95:80:69:cb:20:
bc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1C:52:1F:8B:7B:89:C9:07:95:FF:2B:A4:1F:58:3E:22:5A:E0:75
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/2BxSH4t7ickHlf8rpB9YPiJa4HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.210.0/24
IPv6:
2a06:e880::/32
Signature Algorithm: sha256WithRSAEncryption
a0:46:dd:13:1b:3a:b7:d3:64:d6:1e:5c:82:19:d0:45:22:d9:
81:83:c7:39:2c:24:31:1d:da:28:e8:2e:cc:31:e8:f0:03:4a:
4e:f0:1e:b5:c8:5e:c4:fd:69:ea:6c:93:50:50:a7:d8:97:6e:
8e:9a:79:5b:14:bf:52:8d:6a:fa:06:16:52:09:75:d1:6e:23:
47:ca:0e:a1:9c:5c:c0:33:2c:4a:8d:6b:00:15:51:e1:e6:ea:
fe:03:48:e4:5d:8d:44:49:38:81:4b:4f:fa:da:9c:c4:fb:e5:
69:88:58:3e:db:52:a0:6e:05:ec:37:9b:72:8e:f9:b4:c1:a6:
86:98:f6:8f:03:01:38:cf:22:0c:d1:e8:29:4d:f0:e3:ec:53:
de:e3:c2:f9:a4:ca:fb:ba:f0:5e:fe:c7:45:8d:cf:bb:88:1a:
bb:bb:90:df:8c:be:28:92:60:23:b1:b1:5a:ee:2d:ff:76:0d:
c7:5a:ed:ee:fb:51:13:8f:4e:6e:59:80:1f:bd:64:8a:01:dc:
d9:ee:32:9e:f1:8f:d8:cc:0d:c8:f4:76:89:19:a5:58:25:16:
34:ac:16:13:79:5b:a7:58:d3:df:00:c7:31:b9:4a:16:42:d2:
6c:24:ed:43:f1:04:50:1c:03:6f:ab:03:c1:23:7f:3b:17:f4:
f0:0d:cd:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYL+cBprVrrFXAlYmX+2br5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjIwOTAyMTM0MjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFjNTIxZjhiN2I4OWM5MDc5NWZmMmJhNDFmNTgzZTIyNWFlMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnnns0D0l0FgLlda+MyIU+28t9IT
5C5JqI9BlUWbyjIQ3f5+54LfZ1ln4RL9dp0UeXVlKvIfMJngJgFL7ardEVcDlck0
/46cIyD4dPkJStNkYKgG4T4WVj9+gpIPEk463OwOp32SrzKYiqwj9nZCSFNNAioO
WlLvDUth2tFaoWeFS8Nhkfo326nvFdKUptVRj1gZfPV0RjY4XJylkWmRDd+0/qJO
NdT6I9oWy5AVXSLL3/FbGycK0OEjBpusD5QfUWX/lqjF4GHptH0JcLQJ/Xa9czqs
MSnjrBn8YVwETHpvs72Al++V5ZJpzLCvqDI4veCpfEBRLdhUlYBpyyC8MwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNgcUh+Le4nJB5X/K6QfWD4iWuB1MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvMkJ4U0g0dDdpY2tIbGY4cnBCOVlQaUphNEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYXSMA0E
AgACMAcDBQAqBuiAMA0GCSqGSIb3DQEBCwUAA4IBAQCgRt0TGzq302TWHlyCGdBF
ItmBg8c5LCQxHdoo6C7MMejwA0pO8B61yF7E/WnqbJNQUKfYl26OmnlbFL9SjWr6
BhZSCXXRbiNHyg6hnFzAMyxKjWsAFVHh5ur+A0jkXY1ESTiBS0/62pzE++VpiFg+
21KgbgXsN5tyjvm0waaGmPaPAwE4zyIM0egpTfDj7FPe48L5pMr7uvBe/sdFjc+7
iBq7u5DfjL4okmAjsbFa7i3/dg3HWu3u+1ETj05uWYAfvWSKAdzZ7jKe8Y/YzA3I
9HaJGaVYJRY0rBYTeVunWNPfAMcxuUoWQtJsJO1D8QRQHANvqwPBI387F/TwDc0E
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:40 2024 by rpki-client on console-ams.rpki-client.org