Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/5eb130-a0f7-49af-a271-ebec2a42e60d/1/2T4UKtjIkIRQ17A97MrDM_R4itM.roa
File: 2T4UKtjIkIRQ17A97MrDM_R4itM.roa (raw, json)
Hash identifier: Fm80GIdXzJsvpO5cqgoBPS7tHA/dPI7t2jUx3YysRFM=
Subject key identifier: D9:3E:14:2A:D8:C8:90:84:50:D7:B0:3D:EC:CA:C3:33:F4:78:8A:D3
Certificate issuer: /CN=0260b70a50adead39b709b590046c52e0cc6929b
Certificate serial: 11848747
Authority key identifier: 02:60:B7:0A:50:AD:EA:D3:9B:70:9B:59:00:46:C5:2E:0C:C6:92:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AmC3ClCt6tObcJtZAEbFLgzGkps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/5eb130-a0f7-49af-a271-ebec2a42e60d/1/2T4UKtjIkIRQ17A97MrDM_R4itM.roa
Signing time: Sat 01 Jan 2022 09:02:18 +0000
ROA not before: Sat 01 Jan 2022 09:02:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200547
IP address blocks: 185.238.149.0/24 maxlen: 24
185.238.150.0/24 maxlen: 24
185.238.151.0/24 maxlen: 24
185.238.148.0/22 maxlen: 24
185.95.237.0/24 maxlen: 24
185.95.238.0/24 maxlen: 24
185.95.239.0/24 maxlen: 24
185.95.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 293898055 (0x11848747)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0260b70a50adead39b709b590046c52e0cc6929b
Validity
Not Before: Jan 1 09:02:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d93e142ad8c8908450d7b03deccac333f4788ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:91:af:9c:4e:db:cc:97:cc:23:b6:1e:e7:5b:
95:cb:37:4a:54:04:23:f4:03:4b:9d:14:6b:88:3f:
03:cc:9b:7b:88:a4:14:0f:c9:82:d8:6f:eb:19:f3:
9b:9a:21:3d:2c:92:33:53:05:74:e4:e5:af:56:41:
d1:54:9b:af:9c:f1:b9:70:f5:34:ff:99:9e:bb:5e:
9c:5a:bd:61:f0:31:b6:21:a5:cf:90:b7:c7:98:33:
28:b0:5a:98:5c:69:bf:22:1a:b0:9a:63:29:2f:f1:
8b:cd:02:98:58:12:ec:87:8b:b7:ab:6b:87:ae:50:
36:e2:8e:81:72:4d:96:9f:51:af:76:59:7f:bf:b2:
a7:1b:ae:b3:39:38:44:37:5f:dd:1c:28:a9:8d:08:
1d:7c:78:68:c4:2b:1c:26:ba:d1:04:b1:ce:db:bc:
65:2f:a5:fd:a0:1e:63:24:ce:0c:96:41:e9:1b:61:
58:85:65:84:c8:7d:b2:d4:91:39:10:7a:ef:44:67:
39:e0:e7:2a:de:ea:77:71:2f:95:d2:11:22:45:53:
57:e9:bc:bc:93:d5:61:f7:14:18:62:2e:32:cb:6a:
24:ed:0e:13:57:c7:96:c4:29:f8:ba:43:33:e9:19:
12:de:1e:83:ea:7a:8d:0d:d1:ac:73:9f:d8:bc:7c:
22:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3E:14:2A:D8:C8:90:84:50:D7:B0:3D:EC:CA:C3:33:F4:78:8A:D3
X509v3 Authority Key Identifier:
keyid:02:60:B7:0A:50:AD:EA:D3:9B:70:9B:59:00:46:C5:2E:0C:C6:92:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AmC3ClCt6tObcJtZAEbFLgzGkps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5eb130-a0f7-49af-a271-ebec2a42e60d/1/2T4UKtjIkIRQ17A97MrDM_R4itM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/5eb130-a0f7-49af-a271-ebec2a42e60d/1/AmC3ClCt6tObcJtZAEbFLgzGkps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.236.0/22
185.238.148.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:78:b9:b6:e1:d8:90:77:d3:82:4a:26:a7:0e:6d:ee:df:5f:
93:e6:53:fa:28:9f:78:92:9f:98:0c:aa:c9:f9:f3:50:b5:b0:
7a:26:41:a5:2a:a6:5d:73:b4:5d:d1:81:27:25:b6:b6:5f:47:
86:a3:b7:cc:05:3d:96:ed:fa:82:db:7f:4e:58:1b:36:3d:6c:
af:46:9d:22:d1:75:c8:9f:ce:d0:ea:a2:07:96:6e:fa:df:25:
9c:6a:80:67:28:72:b0:1f:2a:1a:6d:8c:af:aa:14:74:df:a7:
81:47:c3:9d:07:34:e2:42:ec:5b:50:54:fe:e1:ce:9f:06:19:
74:4c:16:85:17:81:b6:ce:75:bb:95:c3:a5:e4:94:70:95:af:
9c:26:9a:ba:b4:a3:85:d2:a7:d4:bf:1c:41:03:65:ac:92:9f:
ce:fb:f5:2a:0b:9e:e9:0f:de:c1:cb:36:49:34:27:51:02:fa:
0a:6b:14:b9:09:60:bc:da:26:5d:af:b1:ef:52:e1:30:86:e7:
c5:de:e3:bb:b7:e9:f7:25:bc:62:2b:35:61:6f:f7:b8:19:e1:
c1:38:33:a9:88:a7:7f:4b:12:e5:da:61:9e:5c:42:6d:60:c7:
ab:63:21:07:9a:7d:7c:a3:8d:33:f8:c4:33:20:d1:3d:9e:51:
0a:d4:8e:58
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEYSHRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MjYwYjcwYTUwYWRlYWQzOWI3MDliNTkwMDQ2YzUyZTBjYzY5MjliMB4XDTIyMDEw
MTA5MDIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDkzZTE0MmFkOGM4
OTA4NDUwZDdiMDNkZWNjYWMzMzNmNDc4OGFkMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANaRr5xO28yXzCO2Hudblcs3SlQEI/QDS50Ua4g/A8ybe4ik
FA/Jgthv6xnzm5ohPSySM1MFdOTlr1ZB0VSbr5zxuXD1NP+ZnrtenFq9YfAxtiGl
z5C3x5gzKLBamFxpvyIasJpjKS/xi80CmFgS7IeLt6trh65QNuKOgXJNlp9Rr3ZZ
f7+ypxuuszk4RDdf3RwoqY0IHXx4aMQrHCa60QSxztu8ZS+l/aAeYyTODJZB6Rth
WIVlhMh9stSRORB670RnOeDnKt7qd3EvldIRIkVTV+m8vJPVYfcUGGIuMstqJO0O
E1fHlsQp+LpDM+kZEt4eg+p6jQ3RrHOf2Lx8InECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTZPhQq2MiQhFDXsD3sysMz9HiK0zAfBgNVHSMEGDAWgBQCYLcKUK3q05tw
m1kARsUuDMaSmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FtQzNDbEN0NnRPYmNKdFpBRWJGTGd6R2twcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNWViMTMwLWEwZjctNDlhZi1hMjcxLWViZWMyYTQyZTYwZC8x
LzJUNFVLdGpJa0lSUTE3QTk3TXJETV9SNGl0TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NWViMTMwLWEwZjctNDlhZi1hMjcxLWViZWMyYTQyZTYwZC8xL0FtQzNDbEN0NnRP
YmNKdFpBRWJGTGd6R2twcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlf7AMEArnulDANBgkqhkiG9w0B
AQsFAAOCAQEAKni5tuHYkHfTgkompw5t7t9fk+ZT+iifeJKfmAyqyfnzULWweiZB
pSqmXXO0XdGBJyW2tl9HhqO3zAU9lu36gtt/TlgbNj1sr0adItF1yJ/O0OqiB5Zu
+t8lnGqAZyhysB8qGm2Mr6oUdN+ngUfDnQc04kLsW1BU/uHOnwYZdEwWhReBts51
u5XDpeSUcJWvnCaaurSjhdKn1L8cQQNlrJKfzvv1Kgue6Q/ewcs2STQnUQL6CmsU
uQlgvNomXa+x71LhMIbnxd7ju7fp9yW8Yis1YW/3uBnhwTgzqYinf0sS5dphnlxC
bWDHq2MhB5p9fKONM/jEMyDRPZ5RCtSOWA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:25 2025 by rpki-client