Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/1-5lCaf8Hg0TBgEZ1rdTe9d_7I_c.roa
File: 1-5lCaf8Hg0TBgEZ1rdTe9d_7I_c.roa (raw, json)
Hash identifier: nx49hF3TqF/Bvp68tKDo8wGMejBtQsKP99m+gHlsBAE=
Subject key identifier: FB:99:42:69:FF:07:83:44:C1:80:46:75:AD:D4:DE:F5:DF:FB:23:F7
Certificate issuer: /CN=2ceadee58f864f472eb422b0b95497b85075a12b
Certificate serial: 04B7710D
Authority key identifier: 2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/1-5lCaf8Hg0TBgEZ1rdTe9d_7I_c.roa
Signing time: Sat 01 Jan 2022 03:51:12 +0000
ROA not before: Sat 01 Jan 2022 03:51:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200675
IP address blocks: 185.232.76.0/22 maxlen: 22
138.124.188.0/22 maxlen: 22
185.71.176.0/22 maxlen: 22
2a05:3400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79130893 (0x4b7710d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ceadee58f864f472eb422b0b95497b85075a12b
Validity
Not Before: Jan 1 03:51:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb994269ff078344c1804675add4def5dffb23f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:2c:4c:fc:50:7f:c3:f1:65:82:fd:8c:a9:0c:
13:ec:65:9c:5d:c2:cc:e0:37:67:88:09:d0:d2:86:
05:fb:54:e3:81:ef:f8:cb:f2:3b:a2:8e:61:37:28:
b4:e8:0d:44:8e:e8:dd:49:c8:3d:24:78:46:c1:80:
43:1a:33:81:8d:fb:ae:a6:9f:36:d6:94:ed:d6:af:
95:b3:d5:2a:91:28:ec:48:dc:c4:c6:8e:dc:c4:b6:
c8:51:1f:3e:7e:7a:51:e0:c5:98:2a:b8:61:28:70:
c8:2b:fe:74:a0:0a:f6:cb:60:66:c9:9c:60:e4:11:
a3:12:c2:48:ed:23:88:73:fc:66:c3:91:dc:87:d3:
49:3c:18:d7:65:1c:b1:3d:91:2c:a6:43:16:62:0c:
a0:ff:94:c5:63:46:b0:88:5d:df:44:e2:0f:8f:0a:
f2:46:65:97:25:a2:e8:4b:96:8a:2f:37:bb:76:af:
a5:59:d1:46:35:6a:a2:63:55:38:e0:5e:1c:88:ac:
d3:0c:8b:7a:c8:6c:87:f2:75:d7:65:7e:2f:b6:6b:
58:67:5f:5e:ee:c2:ca:6a:ba:9f:d3:36:47:ed:77:
ec:f7:7a:4b:d1:e9:37:6e:1d:76:38:38:5b:60:c9:
a7:70:92:41:87:92:0b:ec:59:21:52:a1:db:4e:4b:
63:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:99:42:69:FF:07:83:44:C1:80:46:75:AD:D4:DE:F5:DF:FB:23:F7
X509v3 Authority Key Identifier:
keyid:2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/1-5lCaf8Hg0TBgEZ1rdTe9d_7I_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.188.0/22
185.71.176.0/22
185.232.76.0/22
IPv6:
2a05:3400::/29
Signature Algorithm: sha256WithRSAEncryption
87:f5:e0:76:db:b1:4d:6c:57:f5:52:f6:6a:63:09:db:56:e6:
28:82:bc:83:2f:6c:b7:e1:4e:75:97:d6:a3:cf:dc:96:b6:3c:
f2:75:05:4a:d5:82:e0:5d:30:a0:20:e2:e4:e9:2d:db:33:87:
28:ab:b7:ef:43:57:63:40:2f:ee:54:86:0f:27:06:65:98:5d:
dd:e5:01:12:fb:88:bf:8f:03:15:a6:f5:e2:49:00:ef:90:0a:
a0:db:d6:fa:b6:db:5c:9e:a4:2f:d9:26:a2:bd:38:c2:ce:47:
6b:22:13:92:14:c3:5f:80:81:01:63:40:67:13:f3:81:04:54:
1c:67:aa:a0:a0:d1:4f:68:b1:dd:95:09:9f:43:29:8d:a4:c3:
fa:49:4d:79:87:3a:2f:87:77:a5:5a:b6:f3:3d:ec:82:b9:9b:
e5:6e:92:a2:da:b2:15:d6:18:28:20:2a:a0:85:d1:c9:35:d2:
2c:08:c2:54:37:85:d3:20:18:13:1c:6f:ad:f4:2a:13:ff:11:
46:ca:26:be:6d:51:39:28:c0:73:44:64:b5:3b:a7:46:c6:e2:
bf:38:ec:66:46:c3:c2:8e:98:31:42:fb:92:06:7b:6e:a9:8e:
b8:89:61:71:89:70:48:39:17:15:a5:d8:03:fd:2f:5b:dd:6e:
54:eb:d6:2a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBLdxDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Y2VhZGVlNThmODY0ZjQ3MmViNDIyYjBiOTU0OTdiODUwNzVhMTJiMB4XDTIyMDEw
MTAzNTExMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI5OTQyNjlmZjA3
ODM0NGMxODA0Njc1YWRkNGRlZjVkZmZiMjNmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN8sTPxQf8PxZYL9jKkME+xlnF3CzOA3Z4gJ0NKGBftU44Hv
+MvyO6KOYTcotOgNRI7o3UnIPSR4RsGAQxozgY37rqafNtaU7davlbPVKpEo7Ejc
xMaO3MS2yFEfPn56UeDFmCq4YShwyCv+dKAK9stgZsmcYOQRoxLCSO0jiHP8ZsOR
3IfTSTwY12UcsT2RLKZDFmIMoP+UxWNGsIhd30TiD48K8kZllyWi6EuWii83u3av
pVnRRjVqomNVOOBeHIis0wyLeshsh/J112V+L7ZrWGdfXu7Cymq6n9M2R+137Pd6
S9HpN24ddjg4W2DJp3CSQYeSC+xZIVKh205LY8kCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBT7mUJp/weDRMGARnWt1N713/sj9zAfBgNVHSMEGDAWgBQs6t7lj4ZPRy60
IrC5VJe4UHWhKzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xPcmU1WS1HVDBjdXRDS3d1VlNYdUZCMW9Tcy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvN2MyZTg0LWU2Y2MtNDc1MS04ODdiLWJjN2EyNGMyZTIxOS8x
LzEtNWxDYWY4SGcwVEJnRVoxcmRUZTlkXzdJX2Mucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJm
LzdjMmU4NC1lNmNjLTQ3NTEtODg3Yi1iYzdhMjRjMmUyMTkvMS9MT3JlNVktR1Qw
Y3V0Q0t3dVZTWHVGQjFvU3MuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
OgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAKKfLwDBAK5R7ADBAK56EwwDQQC
AAIwBwMFAyoFNAAwDQYJKoZIhvcNAQELBQADggEBAIf14HbbsU1sV/VS9mpjCdtW
5iiCvIMvbLfhTnWX1qPP3Ja2PPJ1BUrVguBdMKAg4uTpLdszhyirt+9DV2NAL+5U
hg8nBmWYXd3lARL7iL+PAxWm9eJJAO+QCqDb1vq221yepC/ZJqK9OMLOR2siE5IU
w1+AgQFjQGcT84EEVBxnqqCg0U9osd2VCZ9DKY2kw/pJTXmHOi+Hd6VatvM97IK5
m+VukqLashXWGCggKqCF0ck10iwIwlQ3hdMgGBMcb630KhP/EUbKJr5tUTkowHNE
ZLU7p0bG4r847GZGw8KOmDFC+5IGe26pjriJYXGJcEg5FxWl2AP9L1vdblTr1io=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:09 2025 by rpki-client