Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/2xx2xL1QSlEmR5gwGsv-J3HbrCc.roa
File: 2xx2xL1QSlEmR5gwGsv-J3HbrCc.roa (raw, json)
Hash identifier: uEgeEp1MZhTYQnbZcTmmf27vc17sBGqMDu5+KBBe3JE=
Subject key identifier: DB:1C:76:C4:BD:50:4A:51:26:47:98:30:1A:CB:FE:27:71:DB:AC:27
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 0187275585D4EB0013059C9151C3257477BC
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/2xx2xL1QSlEmR5gwGsv-J3HbrCc.roa
Signing time: Tue 28 Mar 2023 08:28:48 +0000
ROA not before: Tue 28 Mar 2023 08:28:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201776
IP address blocks: 185.116.230.0/23 maxlen: 23
185.116.228.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:27:55:85:d4:eb:00:13:05:9c:91:51:c3:25:74:77:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Mar 28 08:28:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db1c76c4bd504a51264798301acbfe2771dbac27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:24:09:c7:c2:f7:00:16:22:c2:30:e2:1d:
f0:12:e7:b6:c7:5b:60:4c:2e:0d:8f:46:0c:b9:75:
0a:6b:de:37:46:4b:3b:29:6c:c7:8c:d3:f2:c3:96:
5d:cb:1d:9d:20:a2:33:5e:b7:ff:f1:31:e8:16:e7:
26:4e:da:af:13:38:4c:05:ac:ff:64:41:94:41:93:
5d:fa:2a:34:2c:20:58:e4:5e:f5:a3:b9:66:ae:cb:
e6:b4:d3:a1:07:f1:7f:2e:d8:30:71:6b:c5:a5:ae:
aa:77:a3:10:c4:52:28:9f:da:b0:59:ca:5d:6a:45:
02:ae:b7:7d:9a:45:c5:bc:92:b2:88:0b:1d:f0:95:
89:66:db:cc:3a:5b:35:c2:b2:1e:92:03:64:12:ef:
6a:1c:0d:c4:d9:32:2c:4d:b0:46:d2:38:d2:b5:48:
92:b8:8e:d9:d1:ec:3e:37:26:05:fd:24:a8:c9:2f:
ac:8f:c9:2d:1c:30:1a:b1:a9:b1:5f:2d:b0:c2:82:
1c:79:90:ac:76:9a:e8:18:af:55:3a:c8:fc:50:ad:
36:81:4e:20:9c:a6:9e:9e:11:cb:4d:63:cd:06:38:
df:db:16:5a:6f:0a:11:a3:15:59:66:f8:aa:88:ac:
ad:33:f1:ca:e0:f0:8a:ac:a4:11:7e:af:4b:6e:ac:
fd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1C:76:C4:BD:50:4A:51:26:47:98:30:1A:CB:FE:27:71:DB:AC:27
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/2xx2xL1QSlEmR5gwGsv-J3HbrCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.116.228.0/22
Signature Algorithm: sha256WithRSAEncryption
29:dd:bc:dd:b7:db:96:fe:31:3c:a4:cc:c2:d7:12:dc:cc:8e:
d2:56:7a:ba:7f:a1:a7:79:66:78:20:4f:7e:a9:07:7f:e6:26:
7b:0b:f7:cf:b0:c6:e9:b5:1b:9c:a3:3f:69:0e:6f:b3:6b:23:
66:c3:8a:72:10:ed:60:56:7e:96:ee:e4:33:7a:29:e1:25:25:
29:d6:39:e7:ee:95:d7:f7:bf:49:fb:fd:91:49:d6:5e:09:11:
75:56:73:5c:e0:42:45:39:70:26:a5:2e:e8:05:f4:dc:f8:5c:
ae:70:b7:af:67:ce:c8:e8:3a:5f:53:ac:80:78:df:32:d0:3b:
a9:5a:fb:d1:c3:d8:95:bc:dd:0c:5c:a3:40:4b:4a:d5:97:ff:
64:69:1e:30:b4:f3:79:28:da:ed:5d:18:7d:25:df:85:6f:84:
2b:38:03:63:7d:71:b1:ff:f3:dc:24:ed:bd:c5:f4:aa:5e:79:
cf:cc:b0:f2:b1:e6:12:1a:b9:6a:59:0e:4c:91:06:31:3c:cc:
94:8e:28:2f:47:d3:62:6b:a8:98:78:39:07:60:87:39:e4:75:
f6:e6:8b:23:8e:9d:9f:5f:8e:49:f6:76:bf:75:8b:e4:60:af:
5c:21:60:31:ee:45:44:53:0f:ad:dd:b8:97:cb:ac:2b:97:b5:
78:99:7f:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYcnVYXU6wATBZyRUcMldHe8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMzI4MDgyODQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFjNzZjNGJkNTA0YTUxMjY0Nzk4MzAxYWNiZmUyNzcxZGJhYzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMIkCcfC9wAWIsIw4h3wEue2x1tg
TC4Nj0YMuXUKa943Rks7KWzHjNPyw5Zdyx2dIKIzXrf/8THoFucmTtqvEzhMBaz/
ZEGUQZNd+io0LCBY5F71o7lmrsvmtNOhB/F/LtgwcWvFpa6qd6MQxFIon9qwWcpd
akUCrrd9mkXFvJKyiAsd8JWJZtvMOls1wrIekgNkEu9qHA3E2TIsTbBG0jjStUiS
uI7Z0ew+NyYF/SSoyS+sj8ktHDAasamxXy2wwoIceZCsdproGK9VOsj8UK02gU4g
nKaenhHLTWPNBjjf2xZabwoRoxVZZviqiKytM/HK4PCKrKQRfq9Lbqz9vQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNscdsS9UEpRJkeYMBrL/idx26wnMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvMnh4MnhMMVFTbEVtUjVnd0dzdi1KM0hickNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXTkMA0G
CSqGSIb3DQEBCwUAA4IBAQAp3bzdt9uW/jE8pMzC1xLczI7SVnq6f6GneWZ4IE9+
qQd/5iZ7C/fPsMbptRucoz9pDm+zayNmw4pyEO1gVn6W7uQzeinhJSUp1jnn7pXX
979J+/2RSdZeCRF1VnNc4EJFOXAmpS7oBfTc+FyucLevZ87I6DpfU6yAeN8y0Dup
WvvRw9iVvN0MXKNAS0rVl/9kaR4wtPN5KNrtXRh9Jd+Fb4QrOANjfXGx//PcJO29
xfSqXnnPzLDyseYSGrlqWQ5MkQYxPMyUjigvR9Nia6iYeDkHYIc55HX25osjjp2f
X45J9na/dYvkYK9cIWAx7kVEUw+t3biXy6wrl7V4mX/l
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:12 2025 by rpki-client