Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/2M7OKqinDQxuvws6a-FIDCvvnVk.roa
File: 2M7OKqinDQxuvws6a-FIDCvvnVk.roa (raw, json)
Hash identifier: oIAZVCy129+nlZqBmvUcPDFnLyREKQbyVQpIAzItLhI=
Subject key identifier: D8:CE:CE:2A:A8:A7:0D:0C:6E:BF:0B:3A:6B:E1:48:0C:2B:EF:9D:59
Certificate issuer: /CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Certificate serial: 0182CA629EA406299F73ADEF94E9B3BD75D1
Authority key identifier: 39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/2M7OKqinDQxuvws6a-FIDCvvnVk.roa
Signing time: Tue 23 Aug 2022 11:07:16 +0000
ROA not before: Tue 23 Aug 2022 11:07:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12337
IP address blocks: 185.250.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:62:9e:a4:06:29:9f:73:ad:ef:94:e9:b3:bd:75:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Validity
Not Before: Aug 23 11:07:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8cece2aa8a70d0c6ebf0b3a6be1480c2bef9d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fe:35:4a:c8:1e:16:48:88:73:e9:00:b4:0f:
ce:27:f7:cd:b2:c0:d5:43:6c:79:e1:9e:2e:66:4b:
b4:90:d9:2f:5c:28:14:46:da:f2:f5:6e:99:fe:ca:
30:43:5a:69:11:25:c2:05:ff:b7:60:ef:66:28:8d:
6c:e3:c6:79:3e:14:0b:4b:9d:43:90:d8:38:4c:83:
3c:ab:8e:87:ac:f5:7d:85:ab:e8:6c:6c:87:d2:95:
5b:fb:b3:6b:30:f2:8a:b4:b6:17:20:9a:f7:a3:c2:
3e:23:b4:af:d6:b8:5f:c8:46:e6:5f:51:b4:d1:94:
31:e6:86:05:28:64:31:65:6a:60:2c:66:f7:be:78:
ea:ba:33:83:92:a0:c7:1e:b9:1e:7b:1a:d1:a8:b9:
ce:4c:03:9b:65:b9:0a:e1:01:d3:63:10:42:f2:ba:
33:28:89:f2:df:e7:00:83:19:d5:68:fe:26:a1:cf:
7b:e7:85:2c:65:b3:10:8f:3f:d2:11:e4:5d:e4:a9:
8d:74:7d:79:a5:54:ae:73:f4:9e:e6:5f:9f:5d:c2:
e8:0d:b7:d3:24:c9:35:9b:1b:d6:80:ce:bb:74:e7:
e7:8e:92:a2:6d:74:dc:0a:76:25:05:32:51:93:23:
c9:96:2d:1e:9f:a1:28:14:d0:2a:35:cf:23:96:42:
d1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CE:CE:2A:A8:A7:0D:0C:6E:BF:0B:3A:6B:E1:48:0C:2B:EF:9D:59
X509v3 Authority Key Identifier:
keyid:39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/2M7OKqinDQxuvws6a-FIDCvvnVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/OffHSY_ZyfKGgElRYrnrdq1HxgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.111.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:93:42:cb:58:f0:58:21:79:32:70:e9:f6:e5:b8:57:23:8e:
bb:40:25:f0:ef:69:34:45:00:97:3a:bf:7a:80:1a:b5:78:b1:
15:1d:9a:97:74:0e:10:dc:e2:ef:f4:02:47:9a:a4:1c:16:34:
4d:29:cc:7f:9f:70:ee:b2:b8:d5:29:de:fb:44:ab:8a:bb:ed:
3b:61:ae:d6:43:d4:bf:31:23:02:76:a7:38:84:5e:7e:32:21:
ec:31:1e:db:23:de:fc:5e:16:3e:70:27:ae:eb:ba:d3:fa:8f:
a7:f6:49:81:cb:e6:b7:7f:f1:e3:33:48:bb:5b:95:80:4a:e9:
8f:44:93:ea:e5:1a:0b:61:f7:84:33:ea:55:2b:22:8e:9e:f8:
fd:7e:24:6d:3d:47:60:67:aa:d9:f4:87:8f:43:92:a4:dd:bf:
9a:79:32:69:79:b3:61:40:2e:1e:ec:09:35:9e:1c:5b:a6:d3:
77:4d:b8:2b:f3:4e:5e:8a:83:5a:77:2e:7f:5c:61:73:15:e5:
f8:1f:97:ea:b0:11:d2:61:d6:ca:07:2a:f5:67:46:82:2e:e5:
7e:f9:c5:01:18:03:53:38:ba:a2:e1:98:5c:6a:09:e1:f6:64:
dd:62:a6:59:36:f0:cb:14:1e:9a:63:f7:ba:ff:80:a9:e4:85:
cc:65:57:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLKYp6kBimfc63vlOmzvXXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjdjNzQ5OGZkOWM5ZjI4NjgwNDk1MTYyYjllYjc2YWQ0
N2M2MDMwHhcNMjIwODIzMTEwNzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGNlY2UyYWE4YTcwZDBjNmViZjBiM2E2YmUxNDgwYzJiZWY5ZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/41SsgeFkiIc+kAtA/OJ/fNssDV
Q2x54Z4uZku0kNkvXCgURtry9W6Z/sowQ1ppESXCBf+3YO9mKI1s48Z5PhQLS51D
kNg4TIM8q46HrPV9havobGyH0pVb+7NrMPKKtLYXIJr3o8I+I7Sv1rhfyEbmX1G0
0ZQx5oYFKGQxZWpgLGb3vnjqujODkqDHHrkeexrRqLnOTAObZbkK4QHTYxBC8roz
KIny3+cAgxnVaP4moc9754UsZbMQjz/SEeRd5KmNdH15pVSuc/Se5l+fXcLoDbfT
JMk1mxvWgM67dOfnjpKibXTcCnYlBTJRkyPJli0en6EoFNAqNc8jlkLRSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjOziqopw0Mbr8LOmvhSAwr751ZMB8GA1UdIwQY
MBaAFDn3x0mP2cnyhoBJUWK563atR8YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUt
ZWZjZmJhOTkwN2RjLzEvMk03T0txaW5EUXh1dndzNmEtRklEQ3Z2blZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUtZWZjZmJhOTkwN2Rj
LzEvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufpvMA0G
CSqGSIb3DQEBCwUAA4IBAQAdk0LLWPBYIXkycOn25bhXI467QCXw72k0RQCXOr96
gBq1eLEVHZqXdA4Q3OLv9AJHmqQcFjRNKcx/n3DusrjVKd77RKuKu+07Ya7WQ9S/
MSMCdqc4hF5+MiHsMR7bI978XhY+cCeu67rT+o+n9kmBy+a3f/HjM0i7W5WASumP
RJPq5RoLYfeEM+pVKyKOnvj9fiRtPUdgZ6rZ9IePQ5Kk3b+aeTJpebNhQC4e7Ak1
nhxbptN3Tbgr805eioNady5/XGFzFeX4H5fqsBHSYdbKByr1Z0aCLuV++cUBGANT
OLqi4Zhcagnh9mTdYqZZNvDLFB6aY/e6/4Cp5IXMZVf2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:54 2024 by rpki-client on console-fra.rpki-client.org