Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/2pivG_FWRC98wBtP3iP1shvz7IE.roa
File: 2pivG_FWRC98wBtP3iP1shvz7IE.roa (raw, json)
Hash identifier: z2g4mv8frckHoe++vMrsukSW83wjKhhXGudS9eCcl7Y=
Subject key identifier: DA:98:AF:1B:F1:56:44:2F:7C:C0:1B:4F:DE:23:F5:B2:1B:F3:EC:81
Certificate issuer: /CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Certificate serial: 0252CDED
Authority key identifier: F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/2pivG_FWRC98wBtP3iP1shvz7IE.roa
Signing time: Tue 28 Jun 2022 08:07:04 +0000
ROA not before: Tue 28 Jun 2022 08:07:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 178.255.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38981101 (0x252cded)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Validity
Not Before: Jun 28 08:07:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da98af1bf156442f7cc01b4fde23f5b21bf3ec81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9a:68:d4:0c:d8:2e:9d:6f:bd:12:5c:2f:ca:
04:d7:2f:5d:1e:e6:3d:18:1a:75:a9:21:9e:1d:8b:
4e:a2:77:3d:77:29:1a:26:10:f1:10:0b:11:05:19:
e8:5d:a4:2b:a7:b3:f5:54:95:8d:58:b8:d9:9f:52:
3f:bb:6c:b3:17:72:3e:68:b6:fa:4d:24:bc:3d:74:
22:82:1f:a7:06:26:a4:71:cd:b0:90:e6:f3:57:fb:
d9:db:33:bc:20:78:ae:98:be:1c:8c:03:47:ff:e9:
65:c0:42:27:03:a0:ce:ba:b0:ea:91:4c:20:2b:2d:
20:66:a5:d1:84:c3:61:9d:a2:fc:3d:6d:97:bd:65:
cc:76:e2:80:ca:c8:8e:f7:d6:d5:2a:8d:83:a1:aa:
70:71:6f:1b:b6:8e:0d:7b:37:56:3c:31:9c:42:34:
d8:81:01:e0:84:0c:a5:e1:31:d5:be:78:66:b6:61:
29:20:e0:d5:7d:23:3f:85:c7:3d:4f:1a:88:e7:d6:
68:98:7b:53:a6:a8:ad:6e:20:2e:3f:aa:66:2a:22:
de:d3:a6:3a:a5:98:e4:56:d4:85:9c:23:6b:73:59:
9e:08:35:f4:29:ef:6a:d6:17:54:65:c5:e9:70:50:
7a:25:ef:a2:7b:06:11:40:6a:7c:7a:22:fc:f9:9b:
ec:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:98:AF:1B:F1:56:44:2F:7C:C0:1B:4F:DE:23:F5:B2:1B:F3:EC:81
X509v3 Authority Key Identifier:
keyid:F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/2pivG_FWRC98wBtP3iP1shvz7IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/87KAXYd27t63qky-WvVozbJin8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.219.0/24
Signature Algorithm: sha256WithRSAEncryption
38:74:b2:b4:bb:d7:82:8f:91:95:50:c4:4c:df:c6:e3:ea:f9:
53:a5:c0:bd:f5:dc:f9:bc:f7:3f:ae:1e:2b:56:65:2a:78:d8:
1c:95:0d:e4:cf:06:70:4c:67:8f:67:47:84:11:10:c8:6c:be:
a3:f8:24:1a:5a:4e:06:de:9f:15:b8:f6:90:2f:f0:72:13:cf:
c5:43:85:0c:b5:06:89:82:24:36:e4:dd:40:1e:eb:f0:e0:64:
9d:ce:e1:77:00:8e:55:3a:02:f8:2c:ac:dd:8b:93:d2:59:4d:
3d:06:8b:fc:fe:7e:6a:74:d6:34:0e:69:45:6d:a7:39:a8:b0:
e8:fe:36:f5:39:92:77:ce:c1:7f:34:fd:22:0c:3c:e7:3a:31:
a0:8c:3f:0a:b0:16:71:d6:4f:13:f7:f7:33:5b:d2:57:98:1a:
ad:60:a4:b4:37:b2:38:c3:5d:c5:2f:6d:78:e5:df:b7:00:66:
73:bf:5b:ae:00:5f:75:43:21:54:76:c3:07:2a:1e:9d:e6:64:
9d:d8:31:4d:1a:07:b9:3e:25:60:0a:8b:0a:8f:7d:94:be:f6:
db:e8:b8:ae:6a:62:e6:cf:06:79:bd:45:6d:bd:22:47:fa:c5:
3d:db:97:36:20:d6:a0:d5:f2:96:c5:4d:7a:9f:e6:bd:83:1b:
38:bb:1e:20
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAlLN7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
M2IyODA1ZDg3NzZlZWRlYjdhYTRjYmU1YWY1NjhjZGIyNjI5ZmMyMB4XDTIyMDYy
ODA4MDcwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE5OGFmMWJmMTU2
NDQyZjdjYzAxYjRmZGUyM2Y1YjIxYmYzZWM4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyaaNQM2C6db70SXC/KBNcvXR7mPRgadakhnh2LTqJ3PXcp
GiYQ8RALEQUZ6F2kK6ez9VSVjVi42Z9SP7tssxdyPmi2+k0kvD10IoIfpwYmpHHN
sJDm81f72dszvCB4rpi+HIwDR//pZcBCJwOgzrqw6pFMICstIGal0YTDYZ2i/D1t
l71lzHbigMrIjvfW1SqNg6GqcHFvG7aODXs3VjwxnEI02IEB4IQMpeEx1b54ZrZh
KSDg1X0jP4XHPU8aiOfWaJh7U6aorW4gLj+qZioi3tOmOqWY5FbUhZwja3NZngg1
9CnvatYXVGXF6XBQeiXvonsGEUBqfHoi/Pmb7MkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTamK8b8VZEL3zAG0/eI/WyG/PsgTAfBgNVHSMEGDAWgBTzsoBdh3bu3req
TL5a9WjNsmKfwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg3S0FYWWQyN3Q2M3FreS1XdlZvemJKaW44SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvYjg2MmQzLTY4NDQtNDZmNy1iZDk4LTgzYmM3OTcyNzhlMi8x
LzJwaXZHX0ZXUkM5OHdCdFAzaVAxc2h2ejdJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
Yjg2MmQzLTY4NDQtNDZmNy1iZDk4LTgzYmM3OTcyNzhlMi8xLzg3S0FYWWQyN3Q2
M3FreS1XdlZvemJKaW44SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALL/2zANBgkqhkiG9w0BAQsFAAOC
AQEAOHSytLvXgo+RlVDETN/G4+r5U6XAvfXc+bz3P64eK1ZlKnjYHJUN5M8GcExn
j2dHhBEQyGy+o/gkGlpOBt6fFbj2kC/wchPPxUOFDLUGiYIkNuTdQB7r8OBknc7h
dwCOVToC+Cys3YuT0llNPQaL/P5+anTWNA5pRW2nOaiw6P429TmSd87BfzT9Igw8
5zoxoIw/CrAWcdZPE/f3M1vSV5garWCktDeyOMNdxS9teOXftwBmc79brgBfdUMh
VHbDByoeneZkndgxTRoHuT4lYAqLCo99lL722+i4rmpi5s8Geb1Fbb0iR/rFPduX
NiDWoNXylsVNep/mvYMbOLseIA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:39 2025 by rpki-client