Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/l2NqhTHABqCIU4ORRra6OknZe6E.roa
File: l2NqhTHABqCIU4ORRra6OknZe6E.roa (raw, json)
Hash identifier: vc8Fdo1smFR7m+F8GWk3/qErdANQgZZhiRKLU+tCVNE=
Subject key identifier: 97:63:6A:85:31:C0:06:A0:88:53:83:91:46:B6:BA:3A:49:D9:7B:A1
Certificate issuer: /CN=c8c2c7314593042cf74210f7f03be7106c224f89
Certificate serial: 045E16D9
Authority key identifier: C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/l2NqhTHABqCIU4ORRra6OknZe6E.roa
Signing time: Sat 01 Jan 2022 02:58:32 +0000
ROA not before: Sat 01 Jan 2022 02:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209286
IP address blocks: 185.233.219.0/24 maxlen: 25
185.107.135.0/24 maxlen: 24
185.107.134.0/24 maxlen: 24
2a10:4e40::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73275097 (0x45e16d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8c2c7314593042cf74210f7f03be7106c224f89
Validity
Not Before: Jan 1 02:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97636a8531c006a08853839146b6ba3a49d97ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ae:e6:4f:82:2a:0e:3c:1b:41:41:8a:26:48:
df:63:d1:ed:18:ce:44:75:2c:1d:94:a9:28:6f:49:
7c:5a:57:58:b3:20:64:4d:b9:cd:42:20:b5:b7:22:
8f:e9:6d:fa:ed:1d:85:d5:7a:eb:cd:17:74:88:04:
1c:ed:4c:43:4f:1e:6b:4f:fa:8d:1d:d4:ee:b7:50:
cb:58:45:1d:a3:d4:36:18:80:cf:9c:e6:5c:f4:ad:
a2:9e:25:05:30:7c:a5:99:67:22:df:40:bc:ca:d3:
4c:42:f1:17:87:14:b8:78:ca:1f:bc:6a:9d:e5:52:
3e:ad:48:60:06:f5:10:b2:ff:8e:ee:32:a4:e3:a7:
e8:f0:ef:c6:0d:44:9b:87:b1:61:ec:4c:86:2d:67:
80:45:11:3e:78:a8:6c:21:93:90:11:84:9b:d2:13:
e1:f1:99:41:c7:28:2b:c4:b5:78:bf:51:71:f3:43:
f9:9d:b0:8c:2f:9b:30:b4:a2:4c:a4:1a:42:24:f7:
76:92:fc:ac:86:3b:d6:2b:bd:71:cd:57:27:c0:42:
85:8d:76:ee:d4:e6:9c:d6:3c:c3:d2:e2:7a:34:89:
f4:28:9f:06:1b:f0:0b:75:da:8b:32:49:d4:d6:09:
62:ce:e4:97:62:0a:f4:0c:55:52:3e:78:61:0b:85:
c7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:63:6A:85:31:C0:06:A0:88:53:83:91:46:B6:BA:3A:49:D9:7B:A1
X509v3 Authority Key Identifier:
keyid:C8:C2:C7:31:45:93:04:2C:F7:42:10:F7:F0:3B:E7:10:6C:22:4F:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yMLHMUWTBCz3QhD38DvnEGwiT4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/l2NqhTHABqCIU4ORRra6OknZe6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b2dbe0-04c5-41ba-ac62-3a53d0ef8b5a/1/yMLHMUWTBCz3QhD38DvnEGwiT4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.134.0/23
185.233.219.0/24
IPv6:
2a10:4e40::/48
Signature Algorithm: sha256WithRSAEncryption
84:8c:2d:34:d2:57:86:1a:8d:39:15:e1:50:2a:d0:3c:23:eb:
e6:50:1f:b0:2b:d5:fc:5d:d2:2b:ea:b0:cc:1a:8c:fc:9e:f1:
1b:ef:87:fb:e4:ba:9e:24:44:49:8c:9a:a4:7c:c1:eb:7b:d1:
93:06:92:94:7e:06:77:71:0b:7c:ef:27:81:65:e7:07:c5:13:
98:9b:44:97:ea:cf:0c:e5:ef:1c:ee:9d:fe:a0:ec:66:9f:17:
a0:91:cd:03:12:18:39:9b:84:91:83:60:df:f6:af:9d:36:6b:
66:9c:91:98:1a:d1:f7:94:fe:a3:42:4f:67:64:22:92:97:12:
73:78:47:12:ad:05:ca:87:72:a0:ba:40:9c:d1:75:f0:f3:8b:
d3:8b:be:15:8e:e9:d7:2c:f0:a9:d4:7e:ca:7a:89:d5:35:ef:
99:ed:40:2c:84:7e:be:c6:cf:5c:b4:68:b1:05:f5:0c:b3:c4:
ad:a0:30:b8:65:f7:0a:15:2b:c6:82:d4:89:d5:61:c7:6a:ae:
ac:4e:12:38:65:75:e8:88:63:72:75:f9:b5:6b:31:70:cb:96:
37:c2:ad:9b:48:62:34:b0:1f:c4:21:da:23:24:76:94:cc:73:
9f:27:d5:59:b7:e2:36:b2:6e:d8:d3:c5:ae:2b:7c:4b:36:8c:
3e:ac:81:82
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEBF4W2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGMyYzczMTQ1OTMwNDJjZjc0MjEwZjdmMDNiZTcxMDZjMjI0Zjg5MB4XDTIyMDEw
MTAyNTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc2MzZhODUzMWMw
MDZhMDg4NTM4MzkxNDZiNmJhM2E0OWQ5N2JhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKu5k+CKg48G0FBiiZI32PR7RjORHUsHZSpKG9JfFpXWLMg
ZE25zUIgtbcij+lt+u0dhdV6680XdIgEHO1MQ08ea0/6jR3U7rdQy1hFHaPUNhiA
z5zmXPStop4lBTB8pZlnIt9AvMrTTELxF4cUuHjKH7xqneVSPq1IYAb1ELL/ju4y
pOOn6PDvxg1Em4exYexMhi1ngEURPniobCGTkBGEm9IT4fGZQccoK8S1eL9RcfND
+Z2wjC+bMLSiTKQaQiT3dpL8rIY71iu9cc1XJ8BChY127tTmnNY8w9LiejSJ9Cif
BhvwC3XaizJJ1NYJYs7kl2IK9AxVUj54YQuFxwcCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSXY2qFMcAGoIhTg5FGtro6Sdl7oTAfBgNVHSMEGDAWgBTIwscxRZMELPdC
EPfwO+cQbCJPiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lNTEhNVVdUQkN6M1FoRDM4RHZuRUd3aVQ0ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvYjJkYmUwLTA0YzUtNDFiYS1hYzYyLTNhNTNkMGVmOGI1YS8x
L2wyTnFoVEhBQnFDSVU0T1JScmE2T2tuWmU2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
YjJkYmUwLTA0YzUtNDFiYS1hYzYyLTNhNTNkMGVmOGI1YS8xL3lNTEhNVVdUQkN6
M1FoRDM4RHZuRUd3aVQ0ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAblrhgMEALnp2zAPBAIAAjAJAwcA
KhBOQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCEjC000leGGo05FeFQKtA8I+vmUB+w
K9X8XdIr6rDMGoz8nvEb74f75LqeJERJjJqkfMHre9GTBpKUfgZ3cQt87yeBZecH
xROYm0SX6s8M5e8c7p3+oOxmnxegkc0DEhg5m4SRg2Df9q+dNmtmnJGYGtH3lP6j
Qk9nZCKSlxJzeEcSrQXKh3KgukCc0XXw84vTi74VjunXLPCp1H7KeonVNe+Z7UAs
hH6+xs9ctGixBfUMs8StoDC4ZfcKFSvGgtSJ1WHHaq6sThI4ZXXoiGNydfm1azFw
y5Y3wq2bSGI0sB/EIdojJHaUzHOfJ9VZt+I2sm7Y08WuK3xLNow+rIGC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:53 2024 by rpki-client on console-ams.rpki-client.org