Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/2b9l70M0tndU1XGaDq2zxpa179k.roa
File: 2b9l70M0tndU1XGaDq2zxpa179k.roa (raw, json)
Hash identifier: ld5ttH0TSuCiuB2OM/5bYnCHiS5NlW7yYxOuncVLrQ4=
Subject key identifier: D9:BF:65:EF:43:34:B6:77:54:D5:71:9A:0E:AD:B3:C6:96:B5:EF:D9
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 0189BB58121F5B9E3554C67876CC54B9DD6A
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/2b9l70M0tndU1XGaDq2zxpa179k.roa
Signing time: Thu 03 Aug 2023 12:20:58 +0000
ROA not before: Thu 03 Aug 2023 12:20:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 46.253.80.0/21 maxlen: 21
185.21.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bb:58:12:1f:5b:9e:35:54:c6:78:76:cc:54:b9:dd:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Aug 3 12:20:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9bf65ef4334b67754d5719a0eadb3c696b5efd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b0:94:bf:a5:eb:e8:46:d0:e9:50:9c:15:65:
b3:36:4e:cc:88:8c:5b:62:32:ec:e4:b9:14:47:da:
52:d8:04:52:b9:1a:d1:92:7f:fb:c8:42:48:e5:4c:
1f:36:b5:25:28:5f:a3:da:97:b4:59:09:e1:67:cd:
dc:74:94:e8:88:c8:ab:94:97:1a:ef:a3:cc:86:8c:
ec:45:9b:7f:e6:78:f8:17:14:e1:b5:14:31:c1:29:
07:3d:63:f1:a6:73:de:f3:75:27:0a:f6:ec:cf:6d:
21:74:c7:f1:9b:69:54:d0:02:8b:68:96:4d:6b:91:
81:0b:4d:b3:70:ff:a7:d7:90:58:c7:d0:f1:c1:a5:
a6:73:66:17:4c:7e:0d:02:5f:70:8c:36:56:9e:55:
74:dc:c5:5d:3e:c3:ff:2b:d3:35:41:e6:c1:0d:9b:
ac:1b:74:32:12:24:20:3e:bf:b2:96:44:97:70:b6:
2a:e0:30:a6:6d:53:69:ff:44:3a:7b:7a:a0:c7:63:
87:e2:15:fe:08:99:0b:5d:1e:77:bf:4c:43:b9:2b:
7e:06:8f:77:2e:c6:96:05:07:09:ad:5f:6c:40:c9:
58:70:46:54:0c:40:a8:08:e7:73:91:1f:3f:3e:60:
e4:ff:07:aa:bd:16:1b:3e:c4:42:bc:56:a8:1f:e5:
52:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:BF:65:EF:43:34:B6:77:54:D5:71:9A:0E:AD:B3:C6:96:B5:EF:D9
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/2b9l70M0tndU1XGaDq2zxpa179k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/21
185.21.120.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:ea:48:17:f6:bf:fc:b9:45:d8:d2:6b:ac:8c:6b:64:33:c4:
e5:29:30:d1:16:38:bf:37:66:a4:4b:1c:64:99:22:ee:67:5f:
6b:e8:92:86:d8:6f:a1:5c:b4:9c:87:5e:b9:b7:3d:d8:ad:83:
4a:72:ac:78:1f:b8:bd:14:05:d3:82:d9:fe:e7:52:b2:67:73:
3c:4c:e0:d4:6e:1f:9f:c5:5e:68:c5:02:4d:c6:0c:eb:f9:de:
d8:ad:c9:5f:80:9d:ea:83:8e:cf:1a:2c:42:eb:e6:a6:1a:bc:
b6:39:74:64:49:13:95:9d:3e:99:89:54:a7:aa:43:e4:a2:84:
e5:d8:ef:29:66:82:1c:d3:de:3d:3c:2a:26:20:3f:9b:4a:c8:
5e:9c:a7:16:e5:de:2c:83:5b:eb:bd:40:46:8b:ce:7c:0f:73:
dc:16:87:57:40:65:77:11:3a:c8:2d:65:d8:af:ea:c4:5c:49:
2d:2a:63:bc:f9:45:88:de:50:9b:d0:7f:2a:c2:9e:91:4b:28:
e2:b7:54:fa:28:45:ce:c9:9d:84:b1:05:02:bf:c6:79:f2:b4:
9c:66:03:5b:d0:89:a3:b8:1f:b3:f5:df:70:2d:63:1b:57:db:
ad:5e:56:97:4f:59:05:4f:1f:2a:a3:a7:c9:9d:c4:d0:cd:17:
53:66:33:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYm7WBIfW541VMZ4dsxUud1qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjMwODAzMTIyMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWJmNjVlZjQzMzRiNjc3NTRkNTcxOWEwZWFkYjNjNjk2YjVlZmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLCUv6Xr6EbQ6VCcFWWzNk7MiIxb
YjLs5LkUR9pS2ARSuRrRkn/7yEJI5UwfNrUlKF+j2pe0WQnhZ83cdJToiMirlJca
76PMhozsRZt/5nj4FxThtRQxwSkHPWPxpnPe83UnCvbsz20hdMfxm2lU0AKLaJZN
a5GBC02zcP+n15BYx9DxwaWmc2YXTH4NAl9wjDZWnlV03MVdPsP/K9M1QebBDZus
G3QyEiQgPr+ylkSXcLYq4DCmbVNp/0Q6e3qgx2OH4hX+CJkLXR53v0xDuSt+Bo93
LsaWBQcJrV9sQMlYcEZUDECoCOdzkR8/PmDk/weqvRYbPsRCvFaoH+VSawIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNm/Ze9DNLZ3VNVxmg6ts8aWte/ZMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvMmI5bDcwTTB0bmRVMVhHYURxMnp4cGExNzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLv1QAwQC
uRV4MA0GCSqGSIb3DQEBCwUAA4IBAQCa6kgX9r/8uUXY0musjGtkM8TlKTDRFji/
N2akSxxkmSLuZ19r6JKG2G+hXLSch165tz3YrYNKcqx4H7i9FAXTgtn+51KyZ3M8
TODUbh+fxV5oxQJNxgzr+d7YrclfgJ3qg47PGixC6+amGry2OXRkSROVnT6ZiVSn
qkPkooTl2O8pZoIc0949PComID+bSshenKcW5d4sg1vrvUBGi858D3PcFodXQGV3
ETrILWXYr+rEXEktKmO8+UWI3lCb0H8qwp6RSyjit1T6KEXOyZ2EsQUCv8Z58rSc
ZgNb0ImjuB+z9d9wLWMbV9utXlaXT1kFTx8qo6fJncTQzRdTZjPd
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:28 2025 by rpki-client