Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/L8iN1asHNcWFvQSMUQZAjvFBr5Q.roa
File: L8iN1asHNcWFvQSMUQZAjvFBr5Q.roa (raw, json)
Hash identifier: EhvjHodAI6+hWKnFjE/5w2a2svJTEeHE+rcf94l/2T4=
Subject key identifier: 2F:C8:8D:D5:AB:07:35:C5:85:BD:04:8C:51:06:40:8E:F1:41:AF:94
Certificate issuer: /CN=ba7966ecfd8bc2d31833f70afba4f7f8a15b24a3
Certificate serial: 0E5F2D04
Authority key identifier: BA:79:66:EC:FD:8B:C2:D3:18:33:F7:0A:FB:A4:F7:F8:A1:5B:24:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/unlm7P2LwtMYM_cK-6T3-KFbJKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/L8iN1asHNcWFvQSMUQZAjvFBr5Q.roa
Signing time: Sat 01 Jan 2022 04:01:53 +0000
ROA not before: Sat 01 Jan 2022 04:01:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 396362
IP address blocks: 185.215.225.0/24 maxlen: 24
185.215.226.0/24 maxlen: 24
2a0b:ae40:6::/48 maxlen: 48
2a0b:ae40:7::/48 maxlen: 48
2a0b:ae40:5::/48 maxlen: 48
2a0b:ae40:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 241118468 (0xe5f2d04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba7966ecfd8bc2d31833f70afba4f7f8a15b24a3
Validity
Not Before: Jan 1 04:01:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fc88dd5ab0735c585bd048c5106408ef141af94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5a:6c:12:31:7b:52:16:43:5f:df:fa:e7:14:
7d:f2:12:ac:bd:fa:66:13:17:8b:f9:65:c2:d4:ed:
20:29:4c:45:bb:d5:49:33:80:90:66:a6:26:b0:bf:
b4:dc:2e:6e:0d:b9:09:fb:04:88:91:69:28:88:87:
9f:be:7f:92:7c:7b:ba:21:42:b2:c9:dd:d3:e5:23:
ee:1f:b4:00:08:6e:00:41:19:42:ed:29:3d:9b:7c:
64:b9:a8:83:b5:71:0c:1c:4d:cb:c9:28:fe:0e:16:
c7:e5:c0:35:da:dd:28:ec:31:22:d3:6a:75:be:e1:
5f:5c:5e:cd:c3:ba:5c:2c:d8:e5:6c:74:7c:9d:c4:
7a:16:be:e5:a9:20:45:5e:fc:0d:e4:cb:da:eb:09:
a9:6b:a0:d9:e1:61:74:4d:19:ac:99:6d:19:97:ac:
64:5a:b0:6e:d4:e3:2a:73:1b:44:67:d7:4c:76:75:
93:ae:1d:f8:e1:1e:bd:3f:01:c4:b3:3a:95:05:71:
60:29:0f:17:5b:c3:1b:ab:82:0e:4a:08:d7:d2:42:
a9:3f:f4:55:13:0c:e9:00:69:91:a0:7a:07:17:33:
39:4c:a4:aa:12:ab:0e:d4:af:f4:85:4c:a1:ae:25:
bf:2e:85:32:22:45:e2:10:07:1a:5c:0c:60:82:42:
06:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C8:8D:D5:AB:07:35:C5:85:BD:04:8C:51:06:40:8E:F1:41:AF:94
X509v3 Authority Key Identifier:
keyid:BA:79:66:EC:FD:8B:C2:D3:18:33:F7:0A:FB:A4:F7:F8:A1:5B:24:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/unlm7P2LwtMYM_cK-6T3-KFbJKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/L8iN1asHNcWFvQSMUQZAjvFBr5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/86f350-94df-4830-8e9b-fb0443b8d9be/1/unlm7P2LwtMYM_cK-6T3-KFbJKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.225.0-185.215.226.255
IPv6:
2a0b:ae40:5::-2a0b:ae40:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
47:fa:d1:16:db:b1:61:f1:9e:5a:53:39:8a:c4:cb:43:19:13:
64:8f:09:cf:8b:26:ab:b6:35:cf:f0:35:1d:45:37:42:38:77:
18:9a:6b:93:9d:8c:99:30:a7:f5:f7:5c:42:0d:bc:13:7d:e8:
0c:20:ae:27:60:9d:e2:2b:9f:30:9e:0b:61:9a:41:14:12:80:
46:1b:cf:65:12:79:bb:c5:82:36:26:ba:ec:fb:1f:88:85:b5:
cf:2a:9b:6b:00:1a:49:84:c1:8c:c1:c0:27:4e:2b:9c:43:c9:
62:aa:f0:f5:83:b2:33:0f:2e:6c:e1:b7:b6:c8:94:48:ea:64:
0f:d6:c9:c9:7f:30:6f:28:77:88:57:ac:05:2a:58:9e:59:c1:
3d:88:7a:6b:14:82:4e:71:4b:f7:65:25:d8:d0:5e:44:f4:41:
0a:59:7c:a1:b3:6d:79:18:86:9e:32:15:54:72:c2:09:90:1b:
44:43:5d:96:8e:7f:a4:00:5f:13:b7:04:77:03:50:c1:b3:58:
3c:92:05:63:ea:97:5b:d8:bd:1c:9a:c0:04:30:fa:de:c8:62:
9d:3b:6d:2d:0c:09:83:19:ed:7d:d8:42:b6:0b:72:5e:1a:05:
65:6b:56:5b:41:14:05:e7:86:cf:98:2f:1d:25:8b:46:06:28:
49:5e:9d:40
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDl8tBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTc5NjZlY2ZkOGJjMmQzMTgzM2Y3MGFmYmE0ZjdmOGExNWIyNGEzMB4XDTIyMDEw
MTA0MDE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmZjODhkZDVhYjA3
MzVjNTg1YmQwNDhjNTEwNjQwOGVmMTQxYWY5NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBabBIxe1IWQ1/f+ucUffISrL36ZhMXi/llwtTtIClMRbvV
STOAkGamJrC/tNwubg25CfsEiJFpKIiHn75/knx7uiFCssnd0+Uj7h+0AAhuAEEZ
Qu0pPZt8ZLmog7VxDBxNy8ko/g4Wx+XANdrdKOwxItNqdb7hX1xezcO6XCzY5Wx0
fJ3Eeha+5akgRV78DeTL2usJqWug2eFhdE0ZrJltGZesZFqwbtTjKnMbRGfXTHZ1
k64d+OEevT8BxLM6lQVxYCkPF1vDG6uCDkoI19JCqT/0VRMM6QBpkaB6BxczOUyk
qhKrDtSv9IVMoa4lvy6FMiJF4hAHGlwMYIJCBv8CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQvyI3Vqwc1xYW9BIxRBkCO8UGvlDAfBgNVHSMEGDAWgBS6eWbs/YvC0xgz
9wr7pPf4oVskozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VubG03UDJMd3RNWU1fY0stNlQzLUtGYkpLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvODZmMzUwLTk0ZGYtNDgzMC04ZTliLWZiMDQ0M2I4ZDliZS8x
L0w4aU4xYXNITmNXRnZRU01VUVpBanZGQnI1US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ODZmMzUwLTk0ZGYtNDgzMC04ZTliLWZiMDQ0M2I4ZDliZS8xL3VubG03UDJMd3RN
WU1fY0stNlQzLUtGYkpLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwFAQCAAEwDjAMAwQAudfhAwQAudfiMBoEAgACMBQw
EgMHACoLrkAABQMHACoLrkAACDANBgkqhkiG9w0BAQsFAAOCAQEAR/rRFtuxYfGe
WlM5isTLQxkTZI8Jz4smq7Y1z/A1HUU3Qjh3GJprk52MmTCn9fdcQg28E33oDCCu
J2Cd4iufMJ4LYZpBFBKARhvPZRJ5u8WCNia67PsfiIW1zyqbawAaSYTBjMHAJ04r
nEPJYqrw9YOyMw8ubOG3tsiUSOpkD9bJyX8wbyh3iFesBSpYnlnBPYh6axSCTnFL
92Ul2NBeRPRBCll8obNteRiGnjIVVHLCCZAbRENdlo5/pABfE7cEdwNQwbNYPJIF
Y+qXW9i9HJrABDD63shinTttLQwJgxntfdhCtgtyXhoFZWtWW0EUBeeGz5gvHSWL
RgYoSV6dQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:22 2024 by rpki-client on console-ams.rpki-client.org