Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/2FWkHqln9PIue6Hd1vI8VrtZKy0.roa
File: 2FWkHqln9PIue6Hd1vI8VrtZKy0.roa (raw, json)
Hash identifier: gQgTGJc7geYxgBw6pDoZLoLZ8I1HI4Lt1ww2vhWjmnI=
Subject key identifier: D8:55:A4:1E:A9:67:F4:F2:2E:7B:A1:DD:D6:F2:3C:56:BB:59:2B:2D
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 08FD3F90
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/2FWkHqln9PIue6Hd1vI8VrtZKy0.roa
Signing time: Sat 01 Jan 2022 01:59:19 +0000
ROA not before: Sat 01 Jan 2022 01:59:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58327
IP address blocks: 193.242.188.0/23 maxlen: 24
176.120.168.0/21 maxlen: 24
185.239.4.0/22 maxlen: 24
5.252.252.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150814608 (0x8fd3f90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Jan 1 01:59:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d855a41ea967f4f22e7ba1ddd6f23c56bb592b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:09:1d:48:19:9d:bf:1b:ee:3e:fb:d2:61:d3:
08:47:7e:c1:97:0f:22:87:22:29:07:af:67:79:b9:
e9:61:d8:a4:bd:ba:3f:e3:4f:29:85:71:00:dc:54:
1c:91:58:b4:78:7c:b8:b9:70:a4:bd:da:a5:0f:64:
22:e1:80:74:23:e3:37:e7:cb:22:1e:75:86:18:c9:
d6:4a:41:68:8d:78:4d:c4:5c:53:ad:f1:5d:80:49:
a9:59:5a:0e:ed:31:f7:b0:ce:f9:38:25:d8:8f:b4:
0c:50:8e:a9:33:ae:d1:8d:b5:09:dc:ac:fc:1c:48:
f7:f1:58:39:8f:b3:0f:fd:44:43:ea:03:a6:82:cf:
6f:2d:6d:ec:26:1c:39:7e:e5:84:2e:fa:9d:a2:b0:
db:21:d7:bb:d9:96:15:7c:b3:68:f3:7d:f2:f1:5b:
23:55:c2:bc:fd:8d:ab:11:b3:75:a6:ba:8c:fe:e8:
29:f2:58:b5:f8:65:86:f5:21:08:97:ef:a4:09:3b:
d0:6b:cc:7e:05:38:22:0e:6d:a5:5e:23:b1:2e:d0:
1e:10:2a:b6:26:42:a1:24:a1:87:58:79:97:76:2e:
34:93:b5:ea:75:aa:88:da:1b:56:f6:54:3b:24:8c:
40:f6:57:9a:83:21:f1:28:ea:85:6f:99:e3:68:74:
ef:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:55:A4:1E:A9:67:F4:F2:2E:7B:A1:DD:D6:F2:3C:56:BB:59:2B:2D
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/2FWkHqln9PIue6Hd1vI8VrtZKy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
176.120.168.0/21
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
Signature Algorithm: sha256WithRSAEncryption
91:63:09:a9:e3:8e:85:4f:e7:f5:42:6a:03:44:6f:ac:58:1d:
19:ac:b0:64:ce:20:a3:31:69:8a:c8:5c:b2:b1:37:55:54:e9:
4f:d5:bf:d7:8c:13:f3:5f:8a:4e:b0:af:8e:16:1e:bf:a9:3a:
e4:76:fa:e4:fc:e1:0b:0a:5f:a2:a3:b0:6f:f1:e8:cd:e9:3d:
7f:76:bc:28:6f:58:bd:62:1a:cf:f6:28:d0:30:20:83:c7:d5:
ba:71:2c:aa:12:0c:b8:f5:f4:a3:5d:7a:25:50:98:cb:c6:df:
5b:94:b0:58:03:c4:d5:ff:71:d7:fd:fb:d9:42:38:48:44:d2:
de:6c:ac:d8:f8:2c:51:6f:42:7a:cd:b2:96:e9:04:8d:59:f5:
7b:8f:d1:46:c5:a2:bd:15:62:a0:58:b5:cd:b5:4a:56:f2:2f:
60:e8:ad:34:c4:da:9d:51:6a:03:91:06:ae:0e:1d:bc:52:6d:
b8:a0:77:f3:df:18:8d:1b:12:b4:6d:a3:10:b4:8f:46:fb:ef:
2d:25:f8:87:5b:33:4c:a0:bc:51:66:d2:77:4f:23:1b:f0:14:
59:91:cc:0b:c0:24:55:0d:c5:80:79:2f:93:55:8b:bf:6a:90:
57:70:d0:69:07:d5:b5:cd:40:76:ca:da:85:cf:05:8d:6f:ce:
04:f3:41:be
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECP0/kDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjgzZTY0ZjcyZGQ1ODg5ZmIxM2RjMjE4YzY4M2Y2ZTJmYWNmNWIyMB4XDTIyMDEw
MTAxNTkxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg1NWE0MWVhOTY3
ZjRmMjJlN2JhMWRkZDZmMjNjNTZiYjU5MmIyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcJHUgZnb8b7j770mHTCEd+wZcPIociKQevZ3m56WHYpL26
P+NPKYVxANxUHJFYtHh8uLlwpL3apQ9kIuGAdCPjN+fLIh51hhjJ1kpBaI14TcRc
U63xXYBJqVlaDu0x97DO+Tgl2I+0DFCOqTOu0Y21Cdys/BxI9/FYOY+zD/1EQ+oD
poLPby1t7CYcOX7lhC76naKw2yHXu9mWFXyzaPN98vFbI1XCvP2NqxGzdaa6jP7o
KfJYtfhlhvUhCJfvpAk70GvMfgU4Ig5tpV4jsS7QHhAqtiZCoSShh1h5l3YuNJO1
6nWqiNobVvZUOySMQPZXmoMh8SjqhW+Z42h079sCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTYVaQeqWf08i57od3W8jxWu1krLTAfBgNVHSMEGDAWgBSrg+ZPct1YifsT
3CGMaD9uL6z1sjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E0UG1UM0xkV0luN0U5d2hqR2dfYmktczliSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvOWQ2NmZjLTMxZDQtNGFiMS04ZWFlLTU0MWY0ODkyNDk1Mi8x
LzJGV2tIcWxuOVBJdWU2SGQxdkk4VnJ0Wkt5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
OWQ2NmZjLTMxZDQtNGFiMS04ZWFlLTU0MWY0ODkyNDk1Mi8xL3E0UG1UM0xkV0lu
N0U5d2hqR2dfYmktczliSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAgX8/AMEA7B4qAMEArnvBAMEAbzU
IAMEAcHyvDANBgkqhkiG9w0BAQsFAAOCAQEAkWMJqeOOhU/n9UJqA0RvrFgdGayw
ZM4gozFpishcsrE3VVTpT9W/14wT81+KTrCvjhYev6k65Hb65PzhCwpfoqOwb/Ho
zek9f3a8KG9YvWIaz/Yo0DAgg8fVunEsqhIMuPX0o116JVCYy8bfW5SwWAPE1f9x
1/372UI4SETS3mys2PgsUW9Ces2ylukEjVn1e4/RRsWivRVioFi1zbVKVvIvYOit
NMTanVFqA5EGrg4dvFJtuKB3898YjRsStG2jELSPRvvvLSX4h1szTKC8UWbSd08j
G/AUWZHMC8AkVQ3FgHkvk1WLv2qQV3DQaQfVtc1Adsrahc8FjW/OBPNBvg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:17 2025 by rpki-client