Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/2VyBMNsjpMXNLxcJMDVPPk-4dto.roa
File: 2VyBMNsjpMXNLxcJMDVPPk-4dto.roa (raw, json)
Hash identifier: SPfeyM5/IkLoT+92G+yjaUyQx+jSje/CFTgwc05zHHI=
Subject key identifier: D9:5C:81:30:DB:23:A4:C5:CD:2F:17:09:30:35:4F:3E:4F:B8:76:DA
Certificate issuer: /CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Certificate serial: 0B7FD94C
Authority key identifier: B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/2VyBMNsjpMXNLxcJMDVPPk-4dto.roa
Signing time: Sat 01 Jan 2022 12:05:54 +0000
ROA not before: Sat 01 Jan 2022 12:05:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35508
IP address blocks: 85.112.96.0/23 maxlen: 24
79.142.96.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192928076 (0xb7fd94c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Validity
Not Before: Jan 1 12:05:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d95c8130db23a4c5cd2f170930354f3e4fb876da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dd:6d:29:a0:b5:80:21:a7:c5:38:ef:98:a4:
94:4d:df:cd:5b:a9:c0:04:7f:99:c6:d6:aa:6a:77:
c8:ee:c8:08:34:d6:31:20:ee:77:44:37:ac:b0:68:
e7:33:ac:9c:4a:5f:df:a7:15:39:c4:78:b9:83:c7:
ed:f2:ec:82:95:18:82:61:af:5b:c3:54:f2:19:31:
81:38:65:8b:5b:6d:bb:48:f0:74:3d:79:92:b6:6e:
b2:7c:69:d6:de:e8:bb:c1:83:96:0f:3a:7c:c3:95:
76:f8:28:a4:87:02:c0:7c:9c:a6:e1:1a:8c:cb:ef:
0b:c8:20:d5:ff:66:bf:fb:55:5d:94:38:84:c9:d4:
10:90:c4:ce:d1:04:24:7f:06:3a:1c:e3:38:57:5c:
1e:c8:1d:16:af:0c:a4:c0:f7:55:13:31:d4:07:fe:
a4:55:4d:58:a7:fe:78:46:cb:fe:00:10:a6:48:d6:
80:13:20:8d:b0:c2:60:bd:fd:0c:7f:83:a0:f8:9c:
08:1f:fe:4a:1d:d7:a7:9b:2c:87:92:51:54:35:ee:
9b:9c:26:97:5d:69:c1:32:f3:9f:b1:55:e6:e8:34:
37:67:2c:e7:9b:e0:df:4d:2a:b5:ce:39:c9:23:00:
93:9b:23:33:25:9b:f7:28:34:35:7a:7e:1e:ee:b1:
50:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5C:81:30:DB:23:A4:C5:CD:2F:17:09:30:35:4F:3E:4F:B8:76:DA
X509v3 Authority Key Identifier:
keyid:B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/2VyBMNsjpMXNLxcJMDVPPk-4dto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.96.0/23
85.112.96.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:70:80:98:2b:83:d1:36:bc:31:45:96:97:5e:3c:04:5d:82:
5f:8e:fa:26:0f:0b:95:e4:f8:37:b0:9c:0c:26:ed:98:10:53:
4a:f2:47:66:bd:64:ae:6e:4f:c7:dc:c4:23:5b:95:83:0f:81:
e5:16:93:49:cd:5b:1e:ce:05:95:3f:15:61:26:ff:a4:04:44:
6e:8c:0a:09:92:c3:c7:66:1a:9e:f7:4b:9f:0c:0d:73:5f:7e:
68:1c:c4:1d:0c:2e:7e:43:97:75:39:53:c7:07:7c:9a:0d:1c:
af:2b:3f:14:f1:d8:8e:9b:42:72:9a:6a:48:ee:05:a3:6d:6d:
87:b7:45:51:1b:2a:7a:b3:0a:29:94:00:56:5b:74:08:c7:07:
a3:44:c5:97:26:37:81:cc:a5:a0:69:8c:ff:e0:cf:21:75:80:
07:76:71:30:c1:90:78:ab:32:ea:ab:a7:8d:7b:a5:2a:64:e9:
0b:37:ad:3e:ba:1f:2a:ce:e0:e1:98:a6:5f:37:ac:e8:f6:17:
b9:2e:6f:98:86:38:98:21:1f:01:46:f6:f5:05:ac:18:d2:13:
b1:cc:cf:d8:96:81:91:64:84:bc:c7:20:f1:8d:18:9d:c7:7e:
27:9d:3e:4c:95:43:a8:c1:af:c3:df:b9:93:ab:3b:d5:c0:5c:
55:16:b4:ba
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEC3/ZTDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTQzZmE3MDNmYmVlMDRiYmQ5MWNlNjNhMzIxNDhiMzZiOGU1NWFhMB4XDTIyMDEw
MTEyMDU1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDk1YzgxMzBkYjIz
YTRjNWNkMmYxNzA5MzAzNTRmM2U0ZmI4NzZkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHdbSmgtYAhp8U475iklE3fzVupwAR/mcbWqmp3yO7ICDTW
MSDud0Q3rLBo5zOsnEpf36cVOcR4uYPH7fLsgpUYgmGvW8NU8hkxgThli1ttu0jw
dD15krZusnxp1t7ou8GDlg86fMOVdvgopIcCwHycpuEajMvvC8gg1f9mv/tVXZQ4
hMnUEJDEztEEJH8GOhzjOFdcHsgdFq8MpMD3VRMx1Af+pFVNWKf+eEbL/gAQpkjW
gBMgjbDCYL39DH+DoPicCB/+Sh3Xp5ssh5JRVDXum5wml11pwTLzn7FV5ug0N2cs
55vg300qtc45ySMAk5sjMyWb9yg0NXp+Hu6xUAECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTZXIEw2yOkxc0vFwkwNU8+T7h22jAfBgNVHSMEGDAWgBSxQ/pwP77gS72R
zmOjIUiza45VqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NVUDZjRC0tNEV1OWtjNWpveUZJczJ1T1Zhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvYjkzNDJmLTU5MTYtNDY0NC1iMWFhLTAwZDFlN2ExNzBhMi8x
LzJWeUJNTnNqcE1YTkx4Y0pNRFZQUGstNGR0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
YjkzNDJmLTU5MTYtNDY0NC1iMWFhLTAwZDFlN2ExNzBhMi8xL3NVUDZjRC0tNEV1
OWtjNWpveUZJczJ1T1Zhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAU+OYAMEAVVwYDANBgkqhkiG9w0B
AQsFAAOCAQEAtXCAmCuD0Ta8MUWWl148BF2CX476Jg8LleT4N7CcDCbtmBBTSvJH
Zr1krm5Px9zEI1uVgw+B5RaTSc1bHs4FlT8VYSb/pAREbowKCZLDx2YanvdLnwwN
c19+aBzEHQwufkOXdTlTxwd8mg0crys/FPHYjptCcppqSO4Fo21th7dFURsqerMK
KZQAVlt0CMcHo0TFlyY3gcyloGmM/+DPIXWAB3ZxMMGQeKsy6qunjXulKmTpCzet
ProfKs7g4ZimXzes6PYXuS5vmIY4mCEfAUb29QWsGNITsczP2JaBkWSEvMcg8Y0Y
ncd+J50+TJVDqMGvw9+5k6s71cBcVRa0ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:33 2024 by rpki-client on console-fra.rpki-client.org