Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2dJkQbxI5-M22ym78ej8PDdyAi4.roa
File: 2dJkQbxI5-M22ym78ej8PDdyAi4.roa (raw, json)
Hash identifier: TeTOGTGcX+svNLR/G7+ZzKM76fOOSUYh3hfH3Pl6Too=
Subject key identifier: D9:D2:64:41:BC:48:E7:E3:36:DB:29:BB:F1:E8:FC:3C:37:72:02:2E
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 02D6FA77
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2dJkQbxI5-M22ym78ej8PDdyAi4.roa
Signing time: Wed 25 May 2022 19:18:13 +0000
ROA not before: Wed 25 May 2022 19:18:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 24
194.28.98.0/23 maxlen: 24
2a0c:b641:540::/44 maxlen: 48
2a0f:8400::/32 maxlen: 48
2a0c:b641::/44 maxlen: 48
2a0c:b641:30::/44 maxlen: 48
2a0c:b640::/32 maxlen: 48
2a0c:b641:70f::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47643255 (0x2d6fa77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: May 25 19:18:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9d26441bc48e7e336db29bbf1e8fc3c3772022e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:6f:df:91:b0:18:44:08:d7:0f:05:14:87:
1e:a3:68:99:2e:6e:dd:2f:9f:6a:42:f1:f3:62:bc:
54:c0:70:b9:c3:f2:4e:90:c8:7e:9c:16:32:8e:2b:
d7:bd:20:88:63:99:b4:28:22:3b:ea:a3:33:a7:66:
b7:47:8a:57:69:14:55:b5:11:d4:96:df:cc:99:97:
2a:dc:08:8d:e3:8e:16:80:73:ca:c3:bf:57:c0:d8:
0d:8d:b0:8c:d6:48:e5:8b:15:34:bc:a7:35:35:85:
11:4a:b0:e3:bc:8a:0e:78:3e:52:13:5e:99:c4:65:
6b:46:e0:5d:7d:5e:a3:06:d1:b9:09:52:c4:da:2d:
77:a9:c6:8b:65:69:fb:3c:cf:be:dc:4c:13:11:52:
1f:e1:fb:6e:d1:a4:74:94:a2:c0:1c:ea:c3:3f:3b:
79:ec:9d:a3:b5:79:e9:0b:9d:fb:61:8e:65:0c:9c:
bd:87:19:0a:d3:6f:a1:83:c7:b8:0a:d2:a7:b3:81:
8e:bc:2b:fa:37:ed:f6:a9:41:57:8f:e3:af:3f:44:
f9:8e:a8:92:bf:a2:de:04:68:31:39:60:f3:ae:cf:
03:4f:34:1e:18:19:e4:22:bf:5f:0b:08:2a:c0:96:
c5:10:ec:fe:72:a5:3a:21:00:df:bc:e6:62:bd:ef:
e7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D2:64:41:BC:48:E7:E3:36:DB:29:BB:F1:E8:FC:3C:37:72:02:2E
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/2dJkQbxI5-M22ym78ej8PDdyAi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:30::/44
2a0c:b641:540::/44
2a0c:b641:70f::/48
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
66:41:34:9b:71:b5:c0:66:41:a7:e6:a8:9c:96:a4:b1:63:42:
4e:9e:67:23:dc:7f:26:36:00:77:c4:83:b8:f5:82:0a:19:38:
02:fc:c0:fc:a4:b0:5e:72:d7:86:ea:a9:ba:3e:f5:d9:63:46:
6e:c2:23:82:5d:8b:bf:17:24:75:90:f3:94:d1:1b:bf:47:fe:
3e:e4:36:d4:e8:1c:60:54:9a:f6:c7:2a:24:65:b1:20:66:b5:
04:f0:2a:f0:34:9e:0e:52:ea:83:46:92:6a:37:9c:6a:04:5f:
41:9f:ae:90:e2:92:67:09:b0:cc:23:33:fc:b1:d2:6c:b0:3c:
28:c2:14:68:9e:99:96:75:12:d2:d6:73:97:be:7e:6d:e1:50:
73:39:0f:2f:d5:8d:02:8f:ed:cf:27:25:3f:42:f2:3b:f6:f6:
41:6f:3c:f4:04:10:d7:10:29:5e:6b:d3:c3:83:2d:a8:35:21:
2c:8c:d5:64:74:44:71:00:20:15:e2:00:28:66:a0:b4:48:83:
33:3d:2e:30:e0:3f:a0:55:42:9e:3a:d1:83:86:30:5a:74:1e:
79:72:9e:be:e0:10:48:d2:ed:79:2e:ea:db:98:37:7c:90:12:
d5:0f:ea:18:14:8d:5a:57:de:84:5c:8e:de:c2:69:09:5f:2c:
db:6b:b9:d9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEAtb6dzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDUy
NTE5MTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDlkMjY0NDFiYzQ4
ZTdlMzM2ZGIyOWJiZjFlOGZjM2MzNzcyMDIyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXUb9+RsBhECNcPBRSHHqNomS5u3S+fakLx82K8VMBwucPy
TpDIfpwWMo4r170giGOZtCgiO+qjM6dmt0eKV2kUVbUR1JbfzJmXKtwIjeOOFoBz
ysO/V8DYDY2wjNZI5YsVNLynNTWFEUqw47yKDng+UhNemcRla0bgXX1eowbRuQlS
xNotd6nGi2Vp+zzPvtxMExFSH+H7btGkdJSiwBzqwz87eeydo7V56Qud+2GOZQyc
vYcZCtNvoYPHuArSp7OBjrwr+jft9qlBV4/jrz9E+Y6okr+i3gRoMTlg867PA080
HhgZ5CK/XwsIKsCWxRDs/nKlOiEA37zmYr3v5xUCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBTZ0mRBvEjn4zbbKbvx6Pw8N3ICLjAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzJkSmtRYnhJNS1NMjJ5bTc4ZWo4UERkeUFpNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwEgQCAAEwDAMEAC2aYQMEAcIcYjA6BAIAAjA0MBAD
BQYqDLZAAwcEKgy2QQAAAwcEKgy2QQAwAwcEKgy2QQVAAwcAKgy2QQcPAwUAKg+E
ADANBgkqhkiG9w0BAQsFAAOCAQEAZkE0m3G1wGZBp+aonJaksWNCTp5nI9x/JjYA
d8SDuPWCChk4AvzA/KSwXnLXhuqpuj712WNGbsIjgl2LvxckdZDzlNEbv0f+PuQ2
1OgcYFSa9scqJGWxIGa1BPAq8DSeDlLqg0aSajecagRfQZ+ukOKSZwmwzCMz/LHS
bLA8KMIUaJ6ZlnUS0tZzl75+beFQczkPL9WNAo/tzyclP0LyO/b2QW889AQQ1xAp
XmvTw4MtqDUhLIzVZHREcQAgFeIAKGagtEiDMz0uMOA/oFVCnjrRg4YwWnQeeXKe
vuAQSNLteS7q25g3fJAS1Q/qGBSNWlfehFyO3sJpCV8s22u52Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:15 2024 by rpki-client on console-fra.rpki-client.org