Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/1f7bad-e5dd-4e52-b0d4-8f5c9867e998/1/2NWM6snrE8TS35-ogtyx76Nb36M.roa
File: 2NWM6snrE8TS35-ogtyx76Nb36M.roa (raw, json)
Hash identifier: evRwkF8GSvPvi+PrG99O5lvykfLz3giyVHlG22QSSN8=
Subject key identifier: D8:D5:8C:EA:C9:EB:13:C4:D2:DF:9F:A8:82:DC:B1:EF:A3:5B:DF:A3
Certificate issuer: /CN=500db1715052253bf523f140b9f5637a11d5e9af
Certificate serial: 332CB4E3
Authority key identifier: 50:0D:B1:71:50:52:25:3B:F5:23:F1:40:B9:F5:63:7A:11:D5:E9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UA2xcVBSJTv1I_FAufVjehHV6a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/1f7bad-e5dd-4e52-b0d4-8f5c9867e998/1/2NWM6snrE8TS35-ogtyx76Nb36M.roa
Signing time: Sat 01 Jan 2022 03:53:35 +0000
ROA not before: Sat 01 Jan 2022 03:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29326
IP address blocks: 176.67.88.0/21 maxlen: 21
185.103.64.0/22 maxlen: 22
2a00:89c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 858567907 (0x332cb4e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=500db1715052253bf523f140b9f5637a11d5e9af
Validity
Not Before: Jan 1 03:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8d58ceac9eb13c4d2df9fa882dcb1efa35bdfa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:5b:fd:ef:1c:05:ea:cc:97:bb:6a:f2:82:d0:
78:68:b8:6b:1e:ad:f2:84:d8:6a:a6:0d:8d:94:bf:
73:9e:61:34:d7:f2:a2:06:5d:df:ed:6d:ac:05:f1:
28:34:83:32:3d:bd:98:ca:08:27:33:c9:41:f5:79:
59:f3:43:35:70:a3:5a:72:32:3b:ff:e1:60:01:fb:
ed:e2:db:37:f9:99:d5:ff:f2:96:4f:d1:2b:3c:ac:
f2:b3:fe:92:ae:b5:50:a1:aa:6e:49:38:44:e8:79:
70:59:c0:83:8d:ad:fd:70:ea:f2:8f:c5:6b:2f:4e:
b6:f0:da:37:b7:f7:2f:c0:58:fc:d9:94:6c:1b:20:
0a:ee:d6:d7:bd:35:d8:7d:62:62:53:b5:58:e6:a7:
3c:0a:5c:a9:95:9c:39:92:1f:db:8f:64:ae:b1:eb:
f3:c5:41:c5:45:e1:63:50:aa:9c:55:c0:af:7f:22:
26:0c:93:df:5d:8e:30:dd:78:2f:9e:81:89:5f:db:
28:24:bc:d4:2d:43:33:28:be:0b:fa:8a:9f:31:18:
d2:24:77:a4:97:08:2c:2d:81:54:5d:13:c7:f4:e9:
3e:03:32:51:d1:0b:ba:85:fa:51:1e:01:bc:00:bf:
9e:3c:72:49:b5:54:1d:bb:0b:f7:d1:50:d0:ef:72:
e1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D5:8C:EA:C9:EB:13:C4:D2:DF:9F:A8:82:DC:B1:EF:A3:5B:DF:A3
X509v3 Authority Key Identifier:
keyid:50:0D:B1:71:50:52:25:3B:F5:23:F1:40:B9:F5:63:7A:11:D5:E9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UA2xcVBSJTv1I_FAufVjehHV6a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1f7bad-e5dd-4e52-b0d4-8f5c9867e998/1/2NWM6snrE8TS35-ogtyx76Nb36M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1f7bad-e5dd-4e52-b0d4-8f5c9867e998/1/UA2xcVBSJTv1I_FAufVjehHV6a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.88.0/21
185.103.64.0/22
IPv6:
2a00:89c0::/32
Signature Algorithm: sha256WithRSAEncryption
22:a7:b1:e5:cd:7f:3f:ae:ed:08:84:c7:4b:3e:f4:97:7c:81:
05:7a:4a:ad:11:fd:00:22:6d:34:9e:25:ad:2c:22:52:01:57:
40:85:2e:c2:b2:07:d1:c8:48:43:ba:92:17:34:05:d8:8c:a1:
62:75:12:2e:d4:9b:b3:8c:cd:61:14:a1:41:2b:0d:4c:41:dc:
56:ef:6f:13:2e:f1:b0:78:a0:7f:0d:f4:75:19:31:ad:18:2e:
f5:04:6a:05:d2:e2:c1:5d:6a:78:7c:7e:f0:60:c0:4c:b3:79:
5d:95:52:f5:a7:ce:f9:34:d0:43:0f:94:ea:9d:f7:d6:41:89:
fa:ec:aa:4c:97:21:7a:61:cd:3d:21:2a:7e:72:ff:a1:4d:5e:
b2:f5:18:f4:b5:90:ea:86:26:96:97:3f:c7:fb:32:67:79:e0:
29:d0:4d:cc:06:40:be:47:f6:18:81:01:ca:3d:40:44:03:dd:
e0:a2:3a:57:bc:d2:df:2f:6b:9d:fe:d9:0d:2d:bd:25:f3:b4:
2e:c5:9b:9d:5c:d1:8e:3c:77:32:cc:af:7d:a1:ae:22:9e:c3:
98:d3:2d:ce:78:f0:f5:17:d0:bc:6b:5f:e8:0e:c2:60:d7:44:
42:d5:d5:d0:3b:39:3e:f4:ed:20:92:5d:05:a3:42:71:3a:37:
70:90:8b:d9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEMyy04zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MDBkYjE3MTUwNTIyNTNiZjUyM2YxNDBiOWY1NjM3YTExZDVlOWFmMB4XDTIyMDEw
MTAzNTMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhkNThjZWFjOWVi
MTNjNGQyZGY5ZmE4ODJkY2IxZWZhMzViZGZhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhb/e8cBerMl7tq8oLQeGi4ax6t8oTYaqYNjZS/c55hNNfy
ogZd3+1trAXxKDSDMj29mMoIJzPJQfV5WfNDNXCjWnIyO//hYAH77eLbN/mZ1f/y
lk/RKzys8rP+kq61UKGqbkk4ROh5cFnAg42t/XDq8o/Fay9OtvDaN7f3L8BY/NmU
bBsgCu7W17012H1iYlO1WOanPApcqZWcOZIf249krrHr88VBxUXhY1CqnFXAr38i
JgyT312OMN14L56BiV/bKCS81C1DMyi+C/qKnzEY0iR3pJcILC2BVF0Tx/TpPgMy
UdELuoX6UR4BvAC/njxySbVUHbsL99FQ0O9y4WsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTY1YzqyesTxNLfn6iC3LHvo1vfozAfBgNVHSMEGDAWgBRQDbFxUFIlO/Uj
8UC59WN6EdXprzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VBMnhjVkJTSlR2MUlfRkF1ZlZqZWhIVjZhOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvMWY3YmFkLWU1ZGQtNGU1Mi1iMGQ0LThmNWM5ODY3ZTk5OC8x
LzJOV002c25yRThUUzM1LW9ndHl4NzZOYjM2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
MWY3YmFkLWU1ZGQtNGU1Mi1iMGQ0LThmNWM5ODY3ZTk5OC8xL1VBMnhjVkJTSlR2
MUlfRkF1ZlZqZWhIVjZhOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA7BDWAMEArlnQDANBAIAAjAHAwUA
KgCJwDANBgkqhkiG9w0BAQsFAAOCAQEAIqex5c1/P67tCITHSz70l3yBBXpKrRH9
ACJtNJ4lrSwiUgFXQIUuwrIH0chIQ7qSFzQF2IyhYnUSLtSbs4zNYRShQSsNTEHc
Vu9vEy7xsHigfw30dRkxrRgu9QRqBdLiwV1qeHx+8GDATLN5XZVS9afO+TTQQw+U
6p331kGJ+uyqTJchemHNPSEqfnL/oU1esvUY9LWQ6oYmlpc/x/syZ3ngKdBNzAZA
vkf2GIEByj1ARAPd4KI6V7zS3y9rnf7ZDS29JfO0LsWbnVzRjjx3MsyvfaGuIp7D
mNMtznjw9RfQvGtf6A7CYNdEQtXV0Ds5PvTtIJJdBaNCcTo3cJCL2Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:51 2023 by rpki-client on console-fra.rpki-client.org