Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2CE8uXq2ZxhorLQKo3fq-Xu1m38.roa
File: 2CE8uXq2ZxhorLQKo3fq-Xu1m38.roa (raw, json)
Hash identifier: aYDhJQcCW89gA/PZVv6+4+pc7+OpZZjMxcJYxDiUUtQ=
Subject key identifier: D8:21:3C:B9:7A:B6:67:18:68:AC:B4:0A:A3:77:EA:F9:7B:B5:9B:7F
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0183C0EC67903BA0FE25D236561928670119
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2CE8uXq2ZxhorLQKo3fq-Xu1m38.roa
Signing time: Mon 10 Oct 2022 08:04:21 +0000
ROA not before: Mon 10 Oct 2022 08:04:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56630
IP address blocks: 185.232.168.0/24 maxlen: 24
185.117.117.0/24 maxlen: 24
185.40.5.0/24 maxlen: 24
194.53.55.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c0:ec:67:90:3b:a0:fe:25:d2:36:56:19:28:67:01:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 10 08:04:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8213cb97ab6671868acb40aa377eaf97bb59b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:0d:b1:80:45:83:71:b4:4d:29:5a:ff:c8:99:
4d:f1:e7:ec:59:b8:26:76:3f:7d:53:cc:6a:85:15:
22:d3:0e:a5:b6:83:c6:c2:66:45:22:64:ac:c0:25:
a4:c9:6b:a3:4a:c5:6f:51:a9:04:b6:4c:63:ac:94:
fc:81:a0:e2:86:62:16:28:de:0d:9e:11:70:05:b6:
ab:e1:38:c9:2a:36:e4:da:40:d9:15:6c:36:37:fb:
95:22:89:99:a7:3b:a7:64:9b:63:59:18:a0:1e:22:
e7:d3:9a:47:be:07:95:1a:a8:85:4f:1c:89:32:e7:
90:3e:47:9e:3a:a1:28:79:80:c2:f2:c8:68:37:a6:
dd:e5:2d:b2:c0:3b:a1:75:d6:a2:f0:d1:4d:21:1d:
fc:85:21:88:62:52:a2:d8:59:a0:c9:e6:17:bd:2a:
18:bc:e3:6c:3a:e2:2f:60:c6:6b:e3:0b:ac:84:22:
68:dd:b0:52:66:55:4f:03:c0:7b:11:79:c0:85:7d:
20:e3:f6:f1:b2:0a:aa:c9:f1:04:45:60:04:7c:4d:
c8:de:67:35:87:a0:bd:d7:6f:0e:2a:91:23:35:c6:
c3:14:22:5e:c1:10:8c:f6:6b:f4:fa:26:06:fe:35:
66:52:35:ed:6f:9e:2b:8d:32:05:39:8d:4e:4d:0b:
05:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:21:3C:B9:7A:B6:67:18:68:AC:B4:0A:A3:77:EA:F9:7B:B5:9B:7F
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/2CE8uXq2ZxhorLQKo3fq-Xu1m38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.5.0/24
185.117.117.0/24
185.232.168.0/24
194.53.55.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:f8:b3:e1:90:75:28:df:a9:58:72:14:82:cf:8f:1f:1a:b7:
e1:24:d2:db:5e:bb:30:2f:48:5c:32:7b:03:9c:61:b0:04:e4:
8a:a7:f8:3a:da:16:ef:69:0e:9a:2c:4a:69:46:37:cd:b1:d2:
82:f0:2b:c6:33:6b:37:9a:fe:9f:10:f6:6b:eb:5d:04:c1:f0:
43:91:03:de:6e:52:69:ab:48:a6:f9:c6:44:50:92:b6:28:0f:
83:e4:31:37:e2:a6:e9:2d:61:cb:4b:43:24:22:86:27:c3:82:
73:af:b6:d9:4e:7b:74:fe:bd:1e:99:b0:08:cc:6a:ba:87:b3:
bf:6c:88:c6:ad:05:ef:fe:5c:e4:60:c3:e5:81:fa:1a:13:53:
95:66:2c:f8:7d:05:9f:c6:6b:f1:95:a8:03:01:e5:4e:cb:49:
0f:04:a8:58:4a:19:f1:5f:ff:b2:69:15:4e:0e:4a:70:2e:ab:
59:ce:04:f6:e5:c8:bf:32:a8:bc:22:38:ee:c8:33:30:c8:f8:
2a:ac:e0:3b:45:4a:db:2a:fd:d7:f0:18:d2:af:05:ff:a1:2f:
91:b4:c1:52:09:98:a7:d4:3e:01:90:8a:10:92:32:1a:45:1d:
3f:3a:df:40:94:ca:0f:69:4c:1a:7a:24:48:3c:ba:98:3c:53:
af:d3:97:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPA7GeQO6D+JdI2VhkoZwEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIxMDEwMDgwNDIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODIxM2NiOTdhYjY2NzE4NjhhY2I0MGFhMzc3ZWFmOTdiYjU5YjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoA2xgEWDcbRNKVr/yJlN8efsWbgm
dj99U8xqhRUi0w6ltoPGwmZFImSswCWkyWujSsVvUakEtkxjrJT8gaDihmIWKN4N
nhFwBbar4TjJKjbk2kDZFWw2N/uVIomZpzunZJtjWRigHiLn05pHvgeVGqiFTxyJ
MueQPkeeOqEoeYDC8shoN6bd5S2ywDuhddai8NFNIR38hSGIYlKi2FmgyeYXvSoY
vONsOuIvYMZr4wushCJo3bBSZlVPA8B7EXnAhX0g4/bxsgqqyfEERWAEfE3I3mc1
h6C9128OKpEjNcbDFCJewRCM9mv0+iYG/jVmUjXtb54rjTIFOY1OTQsFtQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNghPLl6tmcYaKy0CqN36vl7tZt/MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvMkNFOHVYcTJaeGhvckxRS28zZnEtWHUxbTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuSgFAwQA
uXV1AwQAueioAwQAwjU3MA0GCSqGSIb3DQEBCwUAA4IBAQCt+LPhkHUo36lYchSC
z48fGrfhJNLbXrswL0hcMnsDnGGwBOSKp/g62hbvaQ6aLEppRjfNsdKC8CvGM2s3
mv6fEPZr610EwfBDkQPeblJpq0im+cZEUJK2KA+D5DE34qbpLWHLS0MkIoYnw4Jz
r7bZTnt0/r0embAIzGq6h7O/bIjGrQXv/lzkYMPlgfoaE1OVZiz4fQWfxmvxlagD
AeVOy0kPBKhYShnxX/+yaRVODkpwLqtZzgT25ci/Mqi8IjjuyDMwyPgqrOA7RUrb
Kv3X8BjSrwX/oS+RtMFSCZin1D4BkIoQkjIaRR0/Ot9AlMoPaUwaeiRIPLqYPFOv
05eq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:08 2024 by rpki-client on console-ams.rpki-client.org