Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/2sNlT71JLplTedO3absHU7NpK6g.roa
File: 2sNlT71JLplTedO3absHU7NpK6g.roa (raw, json)
Hash identifier: tSBcUG1AqqErxJYMrmAl6pr0ib4x064vC1phB/tttts=
Subject key identifier: DA:C3:65:4F:BD:49:2E:99:53:79:D3:B7:69:BB:07:53:B3:69:2B:A8
Certificate issuer: /CN=ad7d8de8ca061ea164e671c34eb3377f5736bbc3
Certificate serial: 02D181D1
Authority key identifier: AD:7D:8D:E8:CA:06:1E:A1:64:E6:71:C3:4E:B3:37:7F:57:36:BB:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/2sNlT71JLplTedO3absHU7NpK6g.roa
Signing time: Sat 01 Jan 2022 07:00:25 +0000
ROA not before: Sat 01 Jan 2022 07:00:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33796
IP address blocks: 84.238.0.0/17 maxlen: 17
185.197.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47284689 (0x2d181d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad7d8de8ca061ea164e671c34eb3377f5736bbc3
Validity
Not Before: Jan 1 07:00:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dac3654fbd492e995379d3b769bb0753b3692ba8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:49:8a:82:ce:c4:39:59:62:97:f3:94:ae:e9:
51:68:9b:76:f2:c9:64:69:61:30:7d:db:63:d7:b4:
25:53:2b:e8:ba:ab:73:6a:e2:7d:27:87:d1:7b:dc:
60:44:f6:4a:ce:4f:bb:85:e4:89:12:1b:4e:4d:44:
08:eb:d0:65:98:d4:f0:af:d1:df:65:83:74:f7:cb:
64:ab:1d:80:ec:58:8f:f6:f4:4d:9a:d9:53:d5:0d:
ab:78:80:c1:51:11:df:32:a6:8e:dd:aa:f6:e6:0b:
e1:c3:2c:4c:9e:62:8d:ef:71:15:e9:4e:c9:fa:cb:
ad:ab:69:3f:57:55:88:2a:f1:05:3d:5c:88:07:5f:
37:8b:ce:41:a9:09:db:18:da:f7:25:9a:3f:8b:73:
7b:64:b6:ce:68:ef:3c:41:de:1b:dd:c4:43:95:5b:
d0:b5:d9:ff:d3:76:db:0d:31:5b:d0:f3:2a:ac:f3:
eb:7b:50:82:78:fc:93:60:ec:22:01:7b:50:7d:8b:
cf:8a:8b:7b:37:81:30:bf:d6:e0:84:42:3c:4b:a3:
68:10:40:0c:b3:8e:40:5c:95:6a:aa:21:9c:c3:47:
13:18:40:19:fc:90:52:df:1d:16:48:21:63:81:09:
c1:7f:56:76:97:33:02:5c:d3:c0:05:67:3e:16:4f:
93:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C3:65:4F:BD:49:2E:99:53:79:D3:B7:69:BB:07:53:B3:69:2B:A8
X509v3 Authority Key Identifier:
keyid:AD:7D:8D:E8:CA:06:1E:A1:64:E6:71:C3:4E:B3:37:7F:57:36:BB:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rX2N6MoGHqFk5nHDTrM3f1c2u8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/2sNlT71JLplTedO3absHU7NpK6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/a08520-7f06-4f12-8640-49785fcdd9c4/1/rX2N6MoGHqFk5nHDTrM3f1c2u8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.238.0.0/17
185.197.168.0/22
Signature Algorithm: sha256WithRSAEncryption
23:c7:8d:61:8d:c8:da:50:20:b2:21:f0:14:02:69:59:e4:37:
47:f3:1c:27:cd:92:a1:31:31:a7:aa:0a:3c:37:8b:62:03:d7:
26:f6:ed:2d:68:96:9d:02:75:18:a1:de:3a:56:74:12:6e:83:
bb:21:3f:6e:88:90:03:05:64:0c:e3:26:0d:31:4b:e9:e7:f9:
c6:78:d5:77:30:ca:4e:04:82:ae:39:d8:65:db:24:05:87:cd:
69:c4:bb:19:5e:11:c3:65:45:db:16:68:66:f3:1f:d1:1b:0f:
4d:73:a9:30:b3:a9:a3:13:22:8a:67:45:12:5f:b9:d7:b1:7c:
aa:37:07:b7:31:d0:63:7b:fc:c3:61:fe:d7:b9:3d:2c:e6:e7:
fa:40:2f:11:50:90:9e:e5:61:36:d7:89:1a:6f:bb:40:f6:0c:
aa:e6:f1:e9:d2:c3:61:d7:6b:e5:ba:7a:e1:84:5b:8f:a3:a5:
2d:2c:ec:01:52:d6:db:bc:1a:f9:8f:a8:6f:d5:34:6d:24:2e:
f9:8e:01:77:a3:ec:35:b4:63:82:bc:03:ba:f3:0c:1f:a5:11:
5c:6d:cd:3a:f2:09:39:09:62:a2:72:5b:a8:a0:b5:43:d3:f6:
8e:eb:02:22:3d:80:d0:f7:50:c2:1d:63:79:36:cb:67:69:f9:
ba:67:8b:61
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAtGB0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDdkOGRlOGNhMDYxZWExNjRlNjcxYzM0ZWIzMzc3ZjU3MzZiYmMzMB4XDTIyMDEw
MTA3MDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFjMzY1NGZiZDQ5
MmU5OTUzNzlkM2I3NjliYjA3NTNiMzY5MmJhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtJioLOxDlZYpfzlK7pUWibdvLJZGlhMH3bY9e0JVMr6Lqr
c2rifSeH0XvcYET2Ss5Pu4XkiRIbTk1ECOvQZZjU8K/R32WDdPfLZKsdgOxYj/b0
TZrZU9UNq3iAwVER3zKmjt2q9uYL4cMsTJ5ije9xFelOyfrLratpP1dViCrxBT1c
iAdfN4vOQakJ2xja9yWaP4tze2S2zmjvPEHeG93EQ5Vb0LXZ/9N22w0xW9DzKqzz
63tQgnj8k2DsIgF7UH2Lz4qLezeBML/W4IRCPEujaBBADLOOQFyVaqohnMNHExhA
GfyQUt8dFkghY4EJwX9WdpczAlzTwAVnPhZPk9kCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTaw2VPvUkumVN507dpuwdTs2krqDAfBgNVHSMEGDAWgBStfY3oygYeoWTm
ccNOszd/Vza7wzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JYMk42TW9HSHFGazVuSERUck0zZjFjMnU4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvYTA4NTIwLTdmMDYtNGYxMi04NjQwLTQ5Nzg1ZmNkZDljNC8x
LzJzTmxUNzFKTHBsVGVkTzNhYnNIVTdOcEs2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
YTA4NTIwLTdmMDYtNGYxMi04NjQwLTQ5Nzg1ZmNkZDljNC8xL3JYMk42TW9HSHFG
azVuSERUck0zZjFjMnU4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEB1TuAAMEArnFqDANBgkqhkiG9w0B
AQsFAAOCAQEAI8eNYY3I2lAgsiHwFAJpWeQ3R/McJ82SoTExp6oKPDeLYgPXJvbt
LWiWnQJ1GKHeOlZ0Em6DuyE/boiQAwVkDOMmDTFL6ef5xnjVdzDKTgSCrjnYZdsk
BYfNacS7GV4Rw2VF2xZoZvMf0RsPTXOpMLOpoxMiimdFEl+517F8qjcHtzHQY3v8
w2H+17k9LObn+kAvEVCQnuVhNteJGm+7QPYMqubx6dLDYddr5bp64YRbj6OlLSzs
AVLW27wa+Y+ob9U0bSQu+Y4Bd6PsNbRjgrwDuvMMH6URXG3NOvIJOQlionJbqKC1
Q9P2jusCIj2A0PdQwh1jeTbLZ2n5umeLYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:59 2024 by rpki-client on console-fra.rpki-client.org