Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/2Lq8BE0WhLSYgbm7ORcQwOONHzY.roa
File: 2Lq8BE0WhLSYgbm7ORcQwOONHzY.roa (raw, json)
Hash identifier: P8gZYwVlCXVLL62MkDAvMsR/EpRMBK9THgO6DXhPznE=
Subject key identifier: D8:BA:BC:04:4D:16:84:B4:98:81:B9:BB:39:17:10:C0:E3:8D:1F:36
Certificate issuer: /CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Certificate serial: 02696ECE
Authority key identifier: 87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/2Lq8BE0WhLSYgbm7ORcQwOONHzY.roa
Signing time: Mon 06 Jun 2022 09:41:29 +0000
ROA not before: Mon 06 Jun 2022 09:41:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 85.237.92.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40464078 (0x2696ece)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=874bf8070cee4305d1a389e910fb5102bbcc1941
Validity
Not Before: Jun 6 09:41:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8babc044d1684b49881b9bb391710c0e38d1f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2e:3c:a3:a2:73:80:f8:e6:99:b1:9d:ef:c6:
30:77:5c:38:63:4c:5a:01:8e:3c:e9:16:96:a2:d4:
17:54:89:68:9c:07:d9:c8:bb:b7:c0:ff:3f:f7:12:
5b:51:3f:d4:eb:7b:14:c8:b9:5a:68:b8:2d:58:e0:
d5:3d:ba:a6:53:a5:87:d6:2c:6d:6a:06:fd:36:5a:
8b:b8:0d:04:95:bc:44:a3:da:0e:d9:ac:ae:28:2b:
90:ea:56:e1:16:f0:32:36:b8:cf:c8:f1:2a:a0:10:
83:20:7e:30:c1:30:2d:6a:93:10:15:ec:ca:66:73:
d3:48:3b:5f:21:6d:24:a0:49:cb:40:8d:46:6d:6b:
83:20:73:a9:8c:bd:fa:41:fc:fd:c4:f1:80:8c:09:
3b:b0:00:d0:bb:c0:d6:59:af:37:f9:65:9d:52:fd:
5b:f7:1e:d6:3c:67:f8:19:d1:8d:b9:59:ae:29:8a:
95:fc:71:86:70:a7:45:12:19:96:0f:05:64:08:37:
35:36:a6:68:24:0a:47:fd:4a:8d:bf:20:5b:11:72:
2d:26:56:59:af:51:e6:82:52:97:86:d6:79:84:79:
1b:38:45:ef:8a:de:ce:36:0d:59:95:8b:ec:06:3b:
0e:31:ef:54:63:b9:c8:fd:ae:f9:16:72:29:7e:9a:
95:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BA:BC:04:4D:16:84:B4:98:81:B9:BB:39:17:10:C0:E3:8D:1F:36
X509v3 Authority Key Identifier:
keyid:87:4B:F8:07:0C:EE:43:05:D1:A3:89:E9:10:FB:51:02:BB:CC:19:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h0v4BwzuQwXRo4npEPtRArvMGUE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/2Lq8BE0WhLSYgbm7ORcQwOONHzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/eee131-bb8c-4887-869b-6fe4d8fed160/1/h0v4BwzuQwXRo4npEPtRArvMGUE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.92.0/22
Signature Algorithm: sha256WithRSAEncryption
9b:a9:a8:0c:a2:17:23:7c:8f:55:aa:18:fc:fd:71:40:fb:8f:
3b:5e:58:20:28:b4:43:74:30:0c:cc:3b:d9:13:a0:c9:86:e5:
5d:57:a0:44:66:e0:ae:48:d8:bf:1a:81:b3:e3:7c:e8:16:ce:
43:8a:19:d0:b9:e6:64:b5:9f:9a:a1:03:a9:2c:e0:0e:f3:aa:
3b:1a:38:17:8d:a1:f4:f6:63:44:cf:67:f6:d9:37:f8:44:42:
75:ca:30:07:48:1b:44:6f:13:17:7b:53:dd:6d:5f:39:7e:6f:
1e:ba:5e:47:82:58:3d:c0:76:25:09:43:28:ee:43:47:61:81:
a0:88:c4:3d:c6:0e:25:30:42:bd:bb:60:7d:08:fd:1a:39:52:
37:f4:f4:1c:44:08:09:c8:ba:96:76:6f:37:49:4b:34:02:2a:
36:3f:e1:47:17:2a:80:e4:e3:ce:20:27:11:bf:b3:8b:c3:06:
15:59:24:6b:e2:ca:79:4d:e0:4c:dd:a4:da:fe:01:21:2a:c0:
0e:4c:dd:51:39:c8:ef:8e:f0:9d:08:57:28:f0:19:ce:8f:d7:
8e:8e:3d:30:25:26:0b:f6:6c:4d:42:36:78:8c:8d:09:d7:aa:
cd:b0:6b:e9:75:b9:24:4e:91:f2:fb:d5:62:5c:1d:41:cc:a3:
21:e3:97:a5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmluzjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NzRiZjgwNzBjZWU0MzA1ZDFhMzg5ZTkxMGZiNTEwMmJiY2MxOTQxMB4XDTIyMDYw
NjA5NDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhiYWJjMDQ0ZDE2
ODRiNDk4ODFiOWJiMzkxNzEwYzBlMzhkMWYzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0uPKOic4D45pmxne/GMHdcOGNMWgGOPOkWlqLUF1SJaJwH
2ci7t8D/P/cSW1E/1Ot7FMi5Wmi4LVjg1T26plOlh9YsbWoG/TZai7gNBJW8RKPa
DtmsrigrkOpW4RbwMja4z8jxKqAQgyB+MMEwLWqTEBXsymZz00g7XyFtJKBJy0CN
Rm1rgyBzqYy9+kH8/cTxgIwJO7AA0LvA1lmvN/llnVL9W/ce1jxn+BnRjblZrimK
lfxxhnCnRRIZlg8FZAg3NTamaCQKR/1Kjb8gWxFyLSZWWa9R5oJSl4bWeYR5GzhF
74rezjYNWZWL7AY7DjHvVGO5yP2u+RZyKX6alXkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTYurwETRaEtJiBubs5FxDA440fNjAfBgNVHSMEGDAWgBSHS/gHDO5DBdGj
iekQ+1ECu8wZQTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2gwdjRCd3p1UXdYUm80bnBFUHRSQXJ2TUdVRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZWVlMTMxLWJiOGMtNDg4Ny04NjliLTZmZTRkOGZlZDE2MC8x
LzJMcThCRTBXaExTWWdibTdPUmNRd09PTkh6WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZWVlMTMxLWJiOGMtNDg4Ny04NjliLTZmZTRkOGZlZDE2MC8xL2gwdjRCd3p1UXdY
Um80bnBFUHRSQXJ2TUdVRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXtXDANBgkqhkiG9w0BAQsFAAOC
AQEAm6moDKIXI3yPVaoY/P1xQPuPO15YICi0Q3QwDMw72ROgyYblXVegRGbgrkjY
vxqBs+N86BbOQ4oZ0LnmZLWfmqEDqSzgDvOqOxo4F42h9PZjRM9n9tk3+ERCdcow
B0gbRG8TF3tT3W1fOX5vHrpeR4JYPcB2JQlDKO5DR2GBoIjEPcYOJTBCvbtgfQj9
GjlSN/T0HEQICci6lnZvN0lLNAIqNj/hRxcqgOTjziAnEb+zi8MGFVkka+LKeU3g
TN2k2v4BISrADkzdUTnI747wnQhXKPAZzo/Xjo49MCUmC/ZsTUI2eIyNCdeqzbBr
6XW5JE6R8vvVYlwdQcyjIeOXpQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:59 2023 by rpki-client on console-fra.rpki-client.org