Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2yBa_TAo57g-bq-Xs0gkaxorz7E.roa
File: 2yBa_TAo57g-bq-Xs0gkaxorz7E.roa (raw, json)
Hash identifier: QX9EJ9zZxmA3UD6rgA8Qds8FDF9AQTNOL4aFpfvum6g=
Subject key identifier: DB:20:5A:FD:30:28:E7:B8:3E:6E:AF:97:B3:48:24:6B:1A:2B:CF:B1
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AD17C669767673B1BA89B7E634CFDB15E
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2yBa_TAo57g-bq-Xs0gkaxorz7E.roa
Signing time: Tue 26 Sep 2023 12:35:05 +0000
ROA not before: Tue 26 Sep 2023 12:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43519
IP address blocks: 213.248.219.0/24 maxlen: 24
213.248.254.0/24 maxlen: 24
2a01:618:407::/48 maxlen: 48
2a01:618:402::/48 maxlen: 48
2a01:618:405::/48 maxlen: 48
2a01:618:400::/48 maxlen: 48
2a01:618:403::/48 maxlen: 48
2a01:618:406::/48 maxlen: 48
2a01:618:401::/48 maxlen: 48
2a01:618:404::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d1:7c:66:97:67:67:3b:1b:a8:9b:7e:63:4c:fd:b1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 26 12:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db205afd3028e7b83e6eaf97b348246b1a2bcfb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6b:ee:4f:55:03:83:6c:a2:19:04:26:57:d3:
28:1c:3d:ef:05:ad:45:41:b7:0a:39:db:67:f1:70:
2b:62:f1:4f:45:c2:67:5f:87:f9:85:e0:ca:0d:f9:
06:1c:88:b2:58:5d:90:c6:78:e9:79:b7:72:12:b2:
ca:fd:0f:68:f3:34:df:7c:40:4d:f4:e6:f7:6a:2e:
9b:de:b0:45:9c:92:83:2a:57:65:d0:b2:ac:42:71:
4b:2c:88:f5:6d:82:d0:88:c5:10:6a:5a:d5:f8:b2:
e9:5b:2d:bf:c8:5b:22:39:eb:03:d2:fa:6c:af:75:
c6:2b:0c:40:f5:0e:3b:ef:e4:a6:3d:95:11:ad:09:
5a:8a:5e:4b:46:f8:30:73:92:a7:d3:60:72:95:25:
bb:60:01:3f:c3:8f:b4:f7:df:80:a4:9a:f2:1a:83:
2b:89:24:55:9a:06:f5:e4:9f:eb:8d:d0:0e:be:f2:
e8:9e:fb:f7:d4:97:95:0a:cd:f2:c4:c1:f8:2a:40:
46:f6:04:d6:76:8e:58:b7:64:47:a2:76:6f:67:d5:
74:81:ab:e5:ad:72:8f:26:c6:23:8d:74:79:d1:13:
1c:da:27:cd:61:81:c4:97:68:f8:ad:e9:0d:82:5d:
f3:45:16:11:0e:76:d2:50:1e:bd:e3:7a:8b:4a:e7:
d6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:20:5A:FD:30:28:E7:B8:3E:6E:AF:97:B3:48:24:6B:1A:2B:CF:B1
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/2yBa_TAo57g-bq-Xs0gkaxorz7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.248.219.0/24
213.248.254.0/24
IPv6:
2a01:618:400::/45
Signature Algorithm: sha256WithRSAEncryption
91:0d:5b:78:0c:47:f7:39:c9:3d:6f:8c:1b:d1:4e:75:9a:ca:
ce:10:ab:01:c3:44:10:06:59:93:9e:a8:95:c9:14:a7:0d:f2:
a4:3c:1e:a2:f4:56:d7:4c:cb:e7:77:23:ac:1f:bb:50:ea:e4:
9a:a0:e5:11:9c:6c:7f:ad:21:4d:89:97:a5:df:e7:85:4a:c6:
8d:66:9b:7c:46:62:41:bb:2e:21:eb:03:20:38:dc:09:db:1d:
c2:09:a7:7c:1e:a0:48:a9:e2:d4:2c:71:fb:1d:52:ef:aa:ad:
0b:97:ad:01:f6:94:62:8e:a8:74:0c:b7:c8:19:1d:06:59:7f:
fd:c4:80:91:96:e0:1c:55:91:00:a4:27:eb:ad:45:20:00:c7:
b3:12:03:e8:9f:26:fa:bf:1e:ab:ab:4d:a9:ec:ed:26:50:da:
7d:49:38:98:a8:f6:1e:de:b8:d4:2a:83:03:18:19:70:62:6a:
3d:32:6e:51:7b:ae:1b:4d:ee:ce:6b:fa:53:ea:d2:e9:46:9a:
4c:4e:25:94:13:24:d4:c2:46:3c:d1:75:08:81:d4:da:da:e7:
22:de:44:6b:86:89:23:44:6a:6a:8b:ee:c6:e5:15:ed:ba:fd:
b8:df:0d:9a:dc:17:94:0a:db:ff:62:a2:3b:80:39:42:d0:7c:
42:c9:2c:d8
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYrRfGaXZ2c7G6ibfmNM/bFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTI2MTIzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjIwNWFmZDMwMjhlN2I4M2U2ZWFmOTdiMzQ4MjQ2YjFhMmJjZmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GvuT1UDg2yiGQQmV9MoHD3vBa1F
QbcKOdtn8XArYvFPRcJnX4f5heDKDfkGHIiyWF2QxnjpebdyErLK/Q9o8zTffEBN
9Ob3ai6b3rBFnJKDKldl0LKsQnFLLIj1bYLQiMUQalrV+LLpWy2/yFsiOesD0vps
r3XGKwxA9Q477+SmPZURrQlail5LRvgwc5Kn02BylSW7YAE/w4+099+ApJryGoMr
iSRVmgb15J/rjdAOvvLonvv31JeVCs3yxMH4KkBG9gTWdo5Yt2RHonZvZ9V0gavl
rXKPJsYjjXR50RMc2ifNYYHEl2j4rekNgl3zRRYRDnbSUB6943qLSufWywIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNsgWv0wKOe4Pm6vl7NIJGsaK8+xMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvMnlCYV9UQW81N2ctYnEtWHMwZ2theG9yejdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQA1fjbAwQA
1fj+MA8EAgACMAkDBwMqAQYYBAAwDQYJKoZIhvcNAQELBQADggEBAJENW3gMR/c5
yT1vjBvRTnWays4QqwHDRBAGWZOeqJXJFKcN8qQ8HqL0VtdMy+d3I6wfu1Dq5Jqg
5RGcbH+tIU2Jl6Xf54VKxo1mm3xGYkG7LiHrAyA43AnbHcIJp3weoEip4tQscfsd
Uu+qrQuXrQH2lGKOqHQMt8gZHQZZf/3EgJGW4BxVkQCkJ+utRSAAx7MSA+ifJvq/
HqurTans7SZQ2n1JOJio9h7euNQqgwMYGXBiaj0yblF7rhtN7s5r+lPq0ulGmkxO
JZQTJNTCRjzRdQiB1Nra5yLeRGuGiSNEamqL7sblFe26/bjfDZrcF5QK2/9iojuA
OULQfELJLNg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:06 2025 by rpki-client