Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/C2m5NElB_aO2UjkmM1qW-FiBuA0.roa
File: C2m5NElB_aO2UjkmM1qW-FiBuA0.roa (raw, json)
Hash identifier: Qnm657i0UotFsqlTvUZOoVN4Pf5awBzjnHd4C7mnHKw=
Subject key identifier: 0B:69:B9:34:49:41:FD:A3:B6:52:39:26:33:5A:96:F8:58:81:B8:0D
Certificate issuer: /CN=1ea0a9eb47d824b51f154442481a257168394551
Certificate serial: 01767D
Authority key identifier: 1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/C2m5NElB_aO2UjkmM1qW-FiBuA0.roa
Signing time: Wed 11 May 2022 17:09:53 +0000
ROA not before: Wed 11 May 2022 17:09:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41044
IP address blocks: 194.24.229.0/24 maxlen: 24
217.113.192.0/20 maxlen: 20
194.24.228.0/23 maxlen: 23
194.24.228.0/24 maxlen: 24
217.113.206.0/24 maxlen: 24
217.113.204.0/24 maxlen: 24
217.113.205.0/24 maxlen: 24
217.113.207.0/24 maxlen: 24
2a11:fac0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95869 (0x1767d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea0a9eb47d824b51f154442481a257168394551
Validity
Not Before: May 11 17:09:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b69b9344941fda3b6523926335a96f85881b80d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e1:1f:2e:c2:f2:da:45:68:0b:ff:1d:d6:3a:
b5:e3:61:d8:fd:54:bc:9c:fc:b3:22:11:e0:ca:57:
97:b8:fe:e3:6e:09:ce:59:f7:c9:5a:0a:17:f0:e5:
77:17:48:5b:aa:a7:40:e7:87:a1:7f:50:02:6d:70:
3c:97:ce:72:58:fe:8b:b6:3d:8c:26:8c:fa:89:0b:
1c:47:24:77:7e:3e:ca:3f:d8:ee:7b:b0:c0:3a:ea:
91:34:a9:80:14:b3:6d:60:5d:41:db:95:ca:9b:17:
13:e8:3c:60:49:2a:58:f0:07:e9:66:35:c2:09:70:
1b:e6:f2:c4:7e:09:30:9b:bb:2b:3e:3a:b3:9d:d6:
7e:31:47:e1:9e:8f:94:77:f7:60:b8:cb:14:90:0f:
0b:54:fb:0a:6c:8f:0f:c1:ba:95:17:79:f2:1d:ea:
84:de:a0:b3:55:9a:1a:f1:13:64:36:1f:e8:32:2f:
cb:08:3e:11:dc:68:50:b6:12:31:da:e3:fd:ca:6f:
e3:73:9e:a2:51:0c:de:2f:9e:4a:cf:ae:84:ab:16:
58:1c:62:e6:27:fb:60:ac:88:a4:63:75:7c:46:9e:
73:b0:49:8c:b0:34:be:56:8e:25:52:7c:00:e4:ea:
64:54:72:dd:47:dd:fd:0c:a3:3f:04:f8:f4:8d:5e:
99:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:69:B9:34:49:41:FD:A3:B6:52:39:26:33:5A:96:F8:58:81:B8:0D
X509v3 Authority Key Identifier:
keyid:1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/C2m5NElB_aO2UjkmM1qW-FiBuA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/HqCp60fYJLUfFURCSBolcWg5RVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.228.0/23
217.113.192.0/20
IPv6:
2a11:fac0::/29
Signature Algorithm: sha256WithRSAEncryption
43:d5:53:50:d9:b5:cb:73:9f:f4:ad:c4:0b:18:c4:b5:e1:d3:
33:aa:bc:cc:f5:aa:39:bb:f7:c7:24:2a:a3:fb:a1:8f:3f:2b:
9b:cd:d6:f1:ea:d6:de:b7:5a:be:9a:20:84:52:6b:73:e2:90:
9e:ba:cc:4b:9b:bc:a9:d5:82:fc:49:bf:3f:6a:7c:a8:b9:da:
f1:c8:ca:e7:9f:60:ad:81:57:7f:17:48:25:af:4a:9c:9d:af:
57:16:73:6c:0f:a1:66:04:30:16:9a:97:cf:e0:c8:e1:96:56:
32:15:d1:d1:1f:7a:7a:ba:ed:b7:7c:be:be:2c:93:99:61:98:
03:62:35:62:67:d0:c5:95:f7:0c:ba:df:01:3e:d1:65:65:f1:
38:00:71:21:32:87:8e:9b:f8:a8:30:2b:1c:6f:c0:8b:36:18:
79:c1:5c:76:7a:bc:da:4d:30:18:dc:52:10:8e:5b:8d:cb:0b:
cf:9d:7c:09:49:a1:c3:01:a1:76:56:cb:b6:53:d1:03:b6:7f:
e5:00:4a:e5:3c:ea:fa:45:2c:7d:61:05:0d:11:c2:f4:85:56:
8d:24:90:c2:f4:bd:e6:39:e6:18:ba:40:38:6a:b3:f5:3e:98:
ea:49:ed:61:20:59:78:c3:1b:6c:f5:27:fa:98:5d:57:a9:f2:
0e:79:9f:fc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDAXZ9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFl
YTBhOWViNDdkODI0YjUxZjE1NDQ0MjQ4MWEyNTcxNjgzOTQ1NTEwHhcNMjIwNTEx
MTcwOTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwYjY5YjkzNDQ5NDFm
ZGEzYjY1MjM5MjYzMzVhOTZmODU4ODFiODBkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzeEfLsLy2kVoC/8d1jq142HY/VS8nPyzIhHgyleXuP7jbgnO
WffJWgoX8OV3F0hbqqdA54ehf1ACbXA8l85yWP6Ltj2MJoz6iQscRyR3fj7KP9ju
e7DAOuqRNKmAFLNtYF1B25XKmxcT6DxgSSpY8AfpZjXCCXAb5vLEfgkwm7srPjqz
ndZ+MUfhno+Ud/dguMsUkA8LVPsKbI8PwbqVF3nyHeqE3qCzVZoa8RNkNh/oMi/L
CD4R3GhQthIx2uP9ym/jc56iUQzeL55Kz66EqxZYHGLmJ/tgrIikY3V8Rp5zsEmM
sDS+Vo4lUnwA5OpkVHLdR939DKM/BPj0jV6ZcwIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFAtpuTRJQf2jtlI5JjNalvhYgbgNMB8GA1UdIwQYMBaAFB6gqetH2CS1HxVE
QkgaJXFoOUVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzktODQxOGE5NmY2Nzk1LzEv
QzJtNU5FbEJfYU8yVWprbU0xcVctRmlCdUEwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8z
MDMzYzYtY2NlOC00NTBkLWEwYzktODQxOGE5NmY2Nzk1LzEvSHFDcDYwZllKTFVm
RlVSQ1NCb2xjV2c1UlZFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwhjkAwQE2XHAMA0EAgACMAcDBQMq
EfrAMA0GCSqGSIb3DQEBCwUAA4IBAQBD1VNQ2bXLc5/0rcQLGMS14dMzqrzM9ao5
u/fHJCqj+6GPPyubzdbx6tbet1q+miCEUmtz4pCeusxLm7yp1YL8Sb8/anyoudrx
yMrnn2CtgVd/F0glr0qcna9XFnNsD6FmBDAWmpfP4MjhllYyFdHRH3p6uu23fL6+
LJOZYZgDYjViZ9DFlfcMut8BPtFlZfE4AHEhMoeOm/ioMCscb8CLNhh5wVx2erza
TTAY3FIQjluNywvPnXwJSaHDAaF2Vsu2U9EDtn/lAErlPOr6RSx9YQUNEcL0hVaN
JJDC9L3mOeYYukA4arP1PpjqSe1hIFl4wxts9Sf6mF1XqfIOeZ/8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org