Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2RKAJc2DWbVbXT6JVe9B3qTqguY.roa
File: 2RKAJc2DWbVbXT6JVe9B3qTqguY.roa (raw, json)
Hash identifier: CzQp3kInTB84i0c7sQFzCrXz7uP7D0pOFPdGPIUfybU=
Subject key identifier: D9:12:80:25:CD:83:59:B5:5B:5D:3E:89:55:EF:41:DE:A4:EA:82:E6
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018A8DE1F3F77C9A9A295E3B426BD3C1DC64
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2RKAJc2DWbVbXT6JVe9B3qTqguY.roa
Signing time: Wed 13 Sep 2023 09:31:50 +0000
ROA not before: Wed 13 Sep 2023 09:31:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8683
IP address blocks: 149.20.108.0/22 maxlen: 22
213.248.198.0/23 maxlen: 23
213.248.196.0/23 maxlen: 23
149.20.96.0/22 maxlen: 22
149.20.104.0/22 maxlen: 22
149.20.100.0/22 maxlen: 22
213.248.230.0/23 maxlen: 23
213.248.228.0/23 maxlen: 23
2a01:61c:1000::/40 maxlen: 40
2a01:61c:1100::/40 maxlen: 40
2a01:61c:1900::/40 maxlen: 40
2a01:61c:1d00::/40 maxlen: 40
2a01:61c:1f00::/40 maxlen: 40
2a01:61c:2000::/40 maxlen: 40
2a01:61c:2100::/40 maxlen: 40
2a01:61c:2f00::/40 maxlen: 40
2a01:618:8000::/33 maxlen: 33
2a01:618:8000::/40 maxlen: 40
2a01:61c:ffff::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:e1:f3:f7:7c:9a:9a:29:5e:3b:42:6b:d3:c1:dc:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 13 09:31:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d9128025cd8359b55b5d3e8955ef41dea4ea82e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e2:83:14:c8:20:96:23:20:35:b2:c8:e9:e3:
89:94:f7:86:3f:93:25:24:d1:c3:74:ed:32:e8:ec:
46:9e:5f:73:75:44:ba:61:98:6b:82:2a:57:a8:78:
9f:c4:32:eb:2a:40:3c:bc:d8:d4:4f:79:90:cb:19:
e2:52:22:7f:ff:33:3a:f4:e5:8d:59:ee:b9:6b:81:
70:20:36:da:e6:61:29:97:be:80:f5:3a:b3:6e:c9:
62:2b:af:4f:bb:95:1b:ce:b6:dd:5f:be:00:e5:b0:
40:ce:85:3c:cd:74:6e:48:59:05:18:4e:39:a6:6e:
01:db:97:4e:9b:e3:3d:a7:fb:e4:cb:98:d2:e7:ff:
b3:6b:74:98:86:b2:3a:f1:68:93:68:a0:7b:12:6f:
06:30:be:1e:be:88:0d:26:82:05:30:19:d1:b0:f9:
e0:66:3b:7b:05:48:15:6f:ee:80:6b:5a:a6:73:34:
0d:20:62:e1:6f:87:0a:81:73:50:01:47:d3:93:78:
f0:69:31:72:9d:64:c8:16:2b:19:16:25:e0:26:05:
d6:d8:2b:01:fa:88:a6:81:60:77:a9:9e:9a:d2:08:
33:b4:cc:ec:4b:14:32:3f:c1:9c:66:44:8a:af:fe:
10:a4:46:fb:6c:a0:32:ab:fa:ec:4a:5b:80:a3:11:
91:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:12:80:25:CD:83:59:B5:5B:5D:3E:89:55:EF:41:DE:A4:EA:82:E6
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2RKAJc2DWbVbXT6JVe9B3qTqguY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.20.96.0/20
213.248.196.0/22
213.248.228.0/22
IPv6:
2a01:618:8000::/33
2a01:61c:1000::/39
2a01:61c:1900::/40
2a01:61c:1d00::/40
2a01:61c:1f00::-2a01:61c:21ff:ffff:ffff:ffff:ffff:ffff
2a01:61c:2f00::/40
2a01:61c:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
af:d5:23:e1:85:16:ed:83:31:82:8d:3f:7c:54:f5:48:c4:22:
61:63:05:0c:9e:4a:9b:a1:2f:d5:05:3e:a7:91:56:ea:66:d4:
50:37:12:a9:9b:68:b1:8a:6d:5d:cf:fc:f7:09:56:23:a8:52:
35:bc:0a:a3:6a:fd:d8:8e:48:29:b0:14:d0:a3:23:78:d3:7f:
80:b9:35:16:c1:53:04:ca:7a:32:07:56:04:eb:b2:99:5c:16:
b0:c7:82:77:d9:15:e0:30:65:05:5c:2c:95:d7:3f:06:98:10:
08:95:6f:0c:d1:64:8b:32:f7:71:94:06:ad:ff:27:21:f7:54:
94:60:2f:2d:81:67:ec:a4:6f:41:d2:cd:53:04:13:83:c0:bc:
83:24:13:75:f9:12:5f:9a:75:c5:f7:5e:bc:3b:43:4e:88:fa:
bb:8c:b8:fe:7c:61:d4:b6:90:1e:7d:89:fc:6e:48:fc:80:80:
cf:8c:ab:7a:77:2c:39:9a:c1:27:73:55:31:af:00:ad:b9:e2:
94:03:b2:b6:43:b8:c1:64:c9:a1:0f:f9:6f:35:24:48:79:e8:
e8:41:5f:96:5c:0d:15:b8:09:2e:7d:e0:fb:8c:6d:5d:ec:42:
ab:10:78:49:b5:7e:80:53:b8:c2:46:a6:03:c1:40:09:32:20:
0f:54:41:86
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYqN4fP3fJqaKV47QmvTwdxkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTEzMDkzMTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTEyODAyNWNkODM1OWI1NWI1ZDNlODk1NWVmNDFkZWE0ZWE4MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOKDFMggliMgNbLI6eOJlPeGP5Ml
JNHDdO0y6OxGnl9zdUS6YZhrgipXqHifxDLrKkA8vNjUT3mQyxniUiJ//zM69OWN
We65a4FwIDba5mEpl76A9TqzbsliK69Pu5UbzrbdX74A5bBAzoU8zXRuSFkFGE45
pm4B25dOm+M9p/vky5jS5/+za3SYhrI68WiTaKB7Em8GML4evogNJoIFMBnRsPng
Zjt7BUgVb+6Aa1qmczQNIGLhb4cKgXNQAUfTk3jwaTFynWTIFisZFiXgJgXW2CsB
+oimgWB3qZ6a0ggztMzsSxQyP8GcZkSKr/4QpEb7bKAyq/rsSluAoxGRnQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFNkSgCXNg1m1W10+iVXvQd6k6oLmMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvMlJLQUpjMkRXYlZiWFQ2SlZlOUIzcVRxZ3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTAYBAIAATASAwQElRRgAwQC
1fjEAwQC1fjkMEkEAgACMEMDBgcqAQYYgAMGASoBBhwQAwYAKgEGHBkDBgAqAQYc
HTAQAwYAKgEGHB8DBgEqAQYcIAMGACoBBhwvAwcAKgEGHP//MA0GCSqGSIb3DQEB
CwUAA4IBAQCv1SPhhRbtgzGCjT98VPVIxCJhYwUMnkqboS/VBT6nkVbqZtRQNxKp
m2ixim1dz/z3CVYjqFI1vAqjav3YjkgpsBTQoyN403+AuTUWwVMEynoyB1YE67KZ
XBawx4J32RXgMGUFXCyV1z8GmBAIlW8M0WSLMvdxlAat/ych91SUYC8tgWfspG9B
0s1TBBODwLyDJBN1+RJfmnXF9168O0NOiPq7jLj+fGHUtpAefYn8bkj8gIDPjKt6
dyw5msEnc1UxrwCtueKUA7K2Q7jBZMmhD/lvNSRIeejoQV+WXA0VuAkufeD7jG1d
7EKrEHhJtX6AU7jCRqYDwUAJMiAPVEGG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:23 2025 by rpki-client