Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/tS_2niA8qJE-a0K09pbFMHinHLQ.roa
File: tS_2niA8qJE-a0K09pbFMHinHLQ.roa (raw, json)
Hash identifier: JLtpG54ZF9X5+0CbYpoBXzJjcFwJpblCC1jiYvKUqhY=
Subject key identifier: B5:2F:F6:9E:20:3C:A8:91:3E:6B:42:B4:F6:96:C5:30:78:A7:1C:B4
Certificate issuer: /CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Certificate serial: 01857270F5E474F1B5FEA7F71CAB799DA392
Authority key identifier: C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/tS_2niA8qJE-a0K09pbFMHinHLQ.roa
Signing time: Mon 02 Jan 2023 12:24:43 +0000
ROA not before: Mon 02 Jan 2023 12:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49468
IP address blocks: 193.32.160.0/24 maxlen: 24
193.32.161.0/24 maxlen: 24
2.57.123.0/24 maxlen: 24
45.129.12.0/24 maxlen: 24
45.134.49.0/24 maxlen: 24
45.134.50.0/24 maxlen: 24
45.13.214.0/24 maxlen: 24
45.13.215.0/24 maxlen: 24
193.29.12.0/24 maxlen: 24
45.13.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:f5:e4:74:f1:b5:fe:a7:f7:1c:ab:79:9d:a3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2c12b527a5d1f8b8bcf230eb611f52f11d52bbf
Validity
Not Before: Jan 2 12:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b52ff69e203ca8913e6b42b4f696c53078a71cb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:03:b0:68:dc:b8:dd:f4:85:e4:41:ad:d7:40:
fd:f2:f6:be:38:bf:dc:74:38:7b:1d:73:fb:72:63:
ca:92:06:1c:a5:d2:a8:82:1a:51:70:07:9a:35:8c:
4b:35:ca:c5:f7:73:d1:c6:b2:9d:f1:00:3a:6e:f9:
b5:6a:56:13:2f:ab:90:f2:6f:18:59:39:bd:dd:d9:
70:33:9f:24:ec:8d:8f:05:a7:2c:2a:59:a0:f3:be:
93:16:d8:28:3b:e9:62:03:6f:2a:85:4c:93:ad:6f:
5c:b5:f7:a7:00:6e:23:2d:a6:87:a3:09:d2:57:d2:
98:f4:da:a1:70:0a:b8:41:8c:8f:fc:fa:97:94:49:
0f:fc:21:d3:1e:e7:07:92:9c:c9:b6:97:d7:57:1a:
50:89:e5:da:06:8d:b0:55:fd:c0:7b:1b:25:13:30:
5b:26:5a:a5:c6:85:df:67:fe:c9:4f:b4:84:73:98:
19:3e:23:6a:89:49:1c:f3:7f:c8:fe:d8:d3:ab:00:
3d:68:56:77:e5:a1:e8:3d:5f:9a:65:03:52:14:30:
da:ac:5a:47:ab:51:b4:12:3f:37:c3:4a:89:e0:3d:
81:cf:34:ab:cd:f9:f2:10:fd:46:05:96:20:81:89:
fc:2f:91:45:f7:b8:00:90:ec:9a:c0:86:41:db:94:
81:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:2F:F6:9E:20:3C:A8:91:3E:6B:42:B4:F6:96:C5:30:78:A7:1C:B4
X509v3 Authority Key Identifier:
keyid:C2:C1:2B:52:7A:5D:1F:8B:8B:CF:23:0E:B6:11:F5:2F:11:D5:2B:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wsErUnpdH4uLzyMOthH1LxHVK78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/tS_2niA8qJE-a0K09pbFMHinHLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/3ebb46-b9dd-4695-815c-46ee578a0bfe/1/wsErUnpdH4uLzyMOthH1LxHVK78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.123.0/24
45.13.36.0/24
45.13.214.0/23
45.129.12.0/24
45.134.49.0-45.134.50.255
193.29.12.0/24
193.32.160.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:7e:a2:ce:79:06:7a:4c:90:88:2b:7a:9c:5d:a8:22:f2:8b:
ec:dd:e3:e9:22:c5:2b:93:cd:a7:45:4b:25:48:9c:92:4e:39:
fc:e4:04:17:d1:45:ac:2d:8b:02:c4:33:96:6b:23:dc:97:80:
01:8c:d5:49:d8:d3:d2:13:bc:a7:6d:f0:00:6a:4a:0c:fe:3f:
60:3b:47:4d:27:cc:a8:cb:c0:93:3a:40:96:14:e3:24:71:4b:
21:a1:aa:9d:c0:ff:34:a1:12:2f:55:bd:e5:02:35:5e:e2:d5:
87:8f:d5:cd:78:04:01:d9:7d:6c:94:7c:36:a3:e8:a1:69:de:
d5:36:1b:7b:44:b0:d2:d0:9e:10:78:df:ca:fd:bb:87:58:c6:
4c:bc:f4:3c:fe:dc:f0:5a:51:e9:35:8a:57:57:39:5e:6d:95:
d1:7f:c8:09:20:ad:bd:2a:90:a2:cf:f6:9f:0f:92:a1:d4:91:
4d:b8:f7:8f:95:33:ac:c9:6b:0c:ea:23:7f:34:3d:af:b6:b8:
b1:35:6c:a4:ee:25:35:91:d8:c7:b2:db:d2:78:eb:ca:95:36:
9e:2b:d5:70:b1:95:53:9d:8f:0e:7d:48:ba:49:85:d8:68:06:
a6:c2:33:d8:1a:66:36:b2:e7:7c:6c:1c:a3:5a:51:b2:ad:1f:
02:e3:e2:ec
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVycPXkdPG1/qf3HKt5naOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYzEyYjUyN2E1ZDFmOGI4YmNmMjMwZWI2MTFmNTJmMTFk
NTJiYmYwHhcNMjMwMTAyMTIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTJmZjY5ZTIwM2NhODkxM2U2YjQyYjRmNjk2YzUzMDc4YTcxY2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowOwaNy43fSF5EGt10D98va+OL/c
dDh7HXP7cmPKkgYcpdKoghpRcAeaNYxLNcrF93PRxrKd8QA6bvm1alYTL6uQ8m8Y
WTm93dlwM58k7I2PBacsKlmg876TFtgoO+liA28qhUyTrW9ctfenAG4jLaaHownS
V9KY9NqhcAq4QYyP/PqXlEkP/CHTHucHkpzJtpfXVxpQieXaBo2wVf3AexslEzBb
JlqlxoXfZ/7JT7SEc5gZPiNqiUkc83/I/tjTqwA9aFZ35aHoPV+aZQNSFDDarFpH
q1G0Ej83w0qJ4D2BzzSrzfnyEP1GBZYggYn8L5FF97gAkOyawIZB25SBZQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLUv9p4gPKiRPmtCtPaWxTB4pxy0MB8GA1UdIwQY
MBaAFMLBK1J6XR+Li88jDrYR9S8R1Su/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMt
NDZlZTU3OGEwYmZlLzEvdFNfMm5pQThxSkUtYTBLMDlwYkZNSGluSExRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zZWJiNDYtYjlkZC00Njk1LTgxNWMtNDZlZTU3OGEwYmZl
LzEvd3NFclVucGRINHVMenlNT3RoSDFMeEhWSzc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAAjl7AwQA
LQ0kAwQBLQ3WAwQALYEMMAwDBAAthjEDBAAthjIDBADBHQwDBAHBIKAwDQYJKoZI
hvcNAQELBQADggEBACx+os55BnpMkIgrepxdqCLyi+zd4+kixSuTzadFSyVInJJO
OfzkBBfRRawtiwLEM5ZrI9yXgAGM1UnY09ITvKdt8ABqSgz+P2A7R00nzKjLwJM6
QJYU4yRxSyGhqp3A/zShEi9VveUCNV7i1YeP1c14BAHZfWyUfDaj6KFp3tU2G3tE
sNLQnhB438r9u4dYxky89Dz+3PBaUek1ildXOV5tldF/yAkgrb0qkKLP9p8PkqHU
kU2494+VM6zJawzqI380Pa+2uLE1bKTuJTWR2Mey29J468qVNp4r1XCxlVOdjw59
SLpJhdhoBqbCM9gaZjay53xsHKNaUbKtHwLj4uw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:41:41 2025 by rpki-client