Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/2FC2YoJB6_jDWkLVyRJqoe97FaI.roa
File: 2FC2YoJB6_jDWkLVyRJqoe97FaI.roa (raw, json)
Hash identifier: Fzu6UMQhDRWtc28p6lEl+jzDdB9Tl/7LcH5F4PK/G1k=
Subject key identifier: D8:50:B6:62:82:41:EB:F8:C3:5A:42:D5:C9:12:6A:A1:EF:7B:15:A2
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 0184A916052FBD8663630DCB62ECD2EE7C4A
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/2FC2YoJB6_jDWkLVyRJqoe97FaI.roa
Signing time: Thu 24 Nov 2022 10:01:43 +0000
ROA not before: Thu 24 Nov 2022 10:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197706
IP address blocks: 185.233.124.0/24 maxlen: 24
185.233.125.0/24 maxlen: 24
185.233.127.0/24 maxlen: 24
185.233.126.0/24 maxlen: 24
185.53.100.0/22 maxlen: 24
31.171.152.0/21 maxlen: 21
31.171.152.0/22 maxlen: 22
31.171.159.0/24 maxlen: 24
31.171.158.0/24 maxlen: 24
31.171.156.0/24 maxlen: 24
31.171.157.0/24 maxlen: 24
45.66.252.0/22 maxlen: 22
109.74.31.0/24 maxlen: 24
109.74.29.0/24 maxlen: 24
109.74.30.0/24 maxlen: 24
109.74.28.0/24 maxlen: 24
194.113.80.0/23 maxlen: 23
194.113.94.0/24 maxlen: 24
194.113.95.0/24 maxlen: 24
45.142.24.0/22 maxlen: 22
2a0d:4a40::/29 maxlen: 29
2a0e:d4c0::/29 maxlen: 29
2a09:6e47::/48 maxlen: 48
2a04:27c0::/29 maxlen: 29
2a0d:42c0::/29 maxlen: 29
2a09:6e40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:16:05:2f:bd:86:63:63:0d:cb:62:ec:d2:ee:7c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Nov 24 10:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d850b6628241ebf8c35a42d5c9126aa1ef7b15a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3e:65:06:12:3c:58:0e:33:f1:3b:b8:4b:c5:
0c:68:11:21:74:72:de:8e:38:6f:eb:b1:a3:69:ac:
38:28:8a:5d:b7:91:08:d5:3c:15:19:76:36:a0:10:
40:fb:25:da:cf:f2:50:50:57:ec:f1:fe:fa:3b:32:
75:c9:b3:5a:70:a8:41:94:93:e7:f0:d5:dd:69:b2:
3d:3f:51:17:be:43:00:bd:36:68:51:fb:dd:a5:54:
35:8d:8d:01:05:d0:13:e4:99:13:ba:36:db:57:94:
6f:83:59:49:cb:97:11:66:b8:b8:69:b7:c5:df:46:
f0:34:39:83:4d:c6:59:2c:52:9f:c6:19:9c:4d:21:
66:11:7d:50:bb:58:cc:84:8c:8f:1c:5f:c1:90:75:
e3:81:0b:39:91:7a:5c:d3:24:67:35:3a:44:59:34:
2a:ae:25:48:45:c0:34:eb:9d:0e:5a:ad:f5:89:74:
d8:32:4a:a7:d8:56:10:7b:db:40:a6:db:d6:a3:a0:
ab:de:ac:90:bd:f7:67:20:b0:26:3c:c1:4d:f3:44:
bb:f1:b2:b5:b7:7e:07:3e:8d:48:60:f3:8d:8d:91:
75:31:9e:74:9c:a4:2b:6a:ad:40:da:1f:53:35:0c:
c3:95:ef:58:31:b5:e2:60:35:e8:f0:be:68:92:0e:
15:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:50:B6:62:82:41:EB:F8:C3:5A:42:D5:C9:12:6A:A1:EF:7B:15:A2
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/2FC2YoJB6_jDWkLVyRJqoe97FaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/21
45.66.252.0/22
45.142.24.0/22
109.74.28.0/22
185.53.100.0/22
185.233.124.0/22
194.113.80.0/23
194.113.94.0/23
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:d4c0::/29
Signature Algorithm: sha256WithRSAEncryption
88:1b:8a:17:78:70:25:b6:d5:0c:a9:e5:1b:25:47:8e:3f:6e:
13:30:f1:b7:2e:4a:70:37:60:ce:36:f0:f5:55:3a:1d:2b:a2:
1c:50:d9:7d:fb:2f:d6:ca:4a:82:54:de:35:c8:d2:94:bc:26:
6a:6c:cf:18:a2:c2:f5:ac:6c:99:a1:d8:12:cd:6d:73:20:53:
d8:c7:4c:59:ea:e8:fa:db:68:c5:d1:f0:4f:56:42:7f:21:69:
8c:fb:b2:41:c7:f4:13:63:80:b8:e1:a4:79:90:28:90:d6:1e:
75:78:90:6e:7e:c4:1d:e8:2b:cb:60:75:76:c8:ca:4b:cc:f5:
63:00:1d:ba:fa:5e:5b:a6:af:34:32:67:ce:96:80:cb:46:d4:
b0:32:bc:f4:36:5e:71:ea:0a:c6:7d:73:db:41:22:18:01:b1:
bd:a0:d1:a0:02:ac:62:bc:88:53:8d:1f:90:8b:cc:c1:3d:21:
9c:43:27:2c:cc:d3:3c:7e:49:56:ce:75:b2:25:12:f9:1a:7d:
1b:be:ee:5b:8d:ae:5f:1a:84:f4:71:1a:69:d7:76:84:ac:ac:
fe:cc:4c:9e:6f:79:2c:cd:63:c5:f2:8a:14:03:60:b6:33:4b:
64:a7:dc:88:8e:d7:86:ad:4a:27:55:82:9e:b4:f0:b5:b7:7d:
33:1e:5b:d5
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYSpFgUvvYZjYw3LYuzS7nxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjIxMTI0MTAwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODUwYjY2MjgyNDFlYmY4YzM1YTQyZDVjOTEyNmFhMWVmN2IxNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhj5lBhI8WA4z8Tu4S8UMaBEhdHLe
jjhv67Gjaaw4KIpdt5EI1TwVGXY2oBBA+yXaz/JQUFfs8f76OzJ1ybNacKhBlJPn
8NXdabI9P1EXvkMAvTZoUfvdpVQ1jY0BBdAT5JkTujbbV5Rvg1lJy5cRZri4abfF
30bwNDmDTcZZLFKfxhmcTSFmEX1Qu1jMhIyPHF/BkHXjgQs5kXpc0yRnNTpEWTQq
riVIRcA0650OWq31iXTYMkqn2FYQe9tAptvWo6Cr3qyQvfdnILAmPMFN80S78bK1
t34HPo1IYPONjZF1MZ50nKQraq1A2h9TNQzDle9YMbXiYDXo8L5okg4VvwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFNhQtmKCQev4w1pC1ckSaqHvexWiMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvMkZDMllvSkI2X2pEV2tMVnlSSnFvZTk3RmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA2BAIAATAwAwQDH6uYAwQC
LUL8AwQCLY4YAwQCbUocAwQCuTVkAwQCuel8AwQBwnFQAwQBwnFeMCkEAgACMCMD
BQMqBCfAAwUDKgluQAMFAyoNQsADBQMqDUpAAwUDKg7UwDANBgkqhkiG9w0BAQsF
AAOCAQEAiBuKF3hwJbbVDKnlGyVHjj9uEzDxty5KcDdgzjbw9VU6HSuiHFDZffsv
1spKglTeNcjSlLwmamzPGKLC9axsmaHYEs1tcyBT2MdMWero+ttoxdHwT1ZCfyFp
jPuyQcf0E2OAuOGkeZAokNYedXiQbn7EHegry2B1dsjKS8z1YwAduvpeW6avNDJn
zpaAy0bUsDK89DZeceoKxn1z20EiGAGxvaDRoAKsYryIU40fkIvMwT0hnEMnLMzT
PH5JVs51siUS+Rp9G77uW42uXxqE9HEaadd2hKys/sxMnm95LM1jxfKKFANgtjNL
ZKfciI7Xhq1KJ1WCnrTwtbd9Mx5b1Q==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:39:24 2025 by rpki-client