Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/2LHz8YHhapfxpE22Hqg2rc1xaf4.roa
File: 2LHz8YHhapfxpE22Hqg2rc1xaf4.roa (raw, json)
Hash identifier: NgxOdi4q76cKzXgMdfc30gSmRmd7tiYs+X/EewzlvkU=
Subject key identifier: D8:B1:F3:F1:81:E1:6A:97:F1:A4:4D:B6:1E:A8:36:AD:CD:71:69:FE
Certificate issuer: /CN=d58cc8506fedbb5061de9925b07d649918a19926
Certificate serial: 01FED07D
Authority key identifier: D5:8C:C8:50:6F:ED:BB:50:61:DE:99:25:B0:7D:64:99:18:A1:99:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/2LHz8YHhapfxpE22Hqg2rc1xaf4.roa
Signing time: Sat 01 Jan 2022 11:57:19 +0000
ROA not before: Sat 01 Jan 2022 11:57:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44416
IP address blocks: 193.228.2.0/24 maxlen: 24
188.239.200.0/21 maxlen: 21
188.239.208.0/21 maxlen: 21
188.239.216.0/21 maxlen: 21
188.239.224.0/21 maxlen: 21
188.239.232.0/21 maxlen: 21
188.239.240.0/21 maxlen: 21
188.239.240.0/20 maxlen: 21
188.239.192.0/21 maxlen: 21
188.239.192.0/18 maxlen: 18
2001:678:c7c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33476733 (0x1fed07d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d58cc8506fedbb5061de9925b07d649918a19926
Validity
Not Before: Jan 1 11:57:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8b1f3f181e16a97f1a44db61ea836adcd7169fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:25:0c:b5:b9:cc:8a:a8:6c:40:0a:69:de:a4:
4c:55:4a:e9:71:eb:2c:69:35:8c:17:cd:88:86:be:
af:0b:52:21:cf:fb:7f:e9:51:b7:7f:e7:36:9b:6e:
75:7a:fa:e6:8f:46:80:71:c3:3a:4b:36:99:54:4f:
97:cc:e8:c1:00:fc:7f:ca:84:c3:32:ec:25:13:f6:
99:fd:7f:c3:8b:86:67:c1:11:f0:9f:52:fe:d0:1c:
33:df:c5:d0:48:f4:6a:5b:10:d3:82:3b:a3:3c:14:
03:b0:31:1c:17:99:d5:98:47:6e:17:4d:1a:d5:a2:
f0:7b:5c:0e:9a:a1:49:99:d9:8f:2d:10:19:c2:d9:
9c:86:60:81:b1:28:c5:80:c2:dd:f3:91:71:a6:50:
f3:91:67:1c:e6:2f:84:d4:cf:6f:3e:05:5c:c7:f4:
32:26:85:a7:a8:d9:2e:14:31:6c:1d:12:0d:3e:d7:
ee:c5:f2:30:54:3d:03:37:52:71:1e:87:df:a2:29:
23:84:3b:57:e5:12:b8:48:4e:5f:30:71:e3:4c:e9:
47:c0:82:d6:5b:a4:eb:fb:3e:be:d3:d8:ef:f0:fc:
53:24:01:fc:b9:d8:06:78:10:c4:3d:84:bb:97:e2:
71:e3:c7:f7:7c:ae:e0:17:bd:e2:20:60:7a:8b:cc:
b8:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B1:F3:F1:81:E1:6A:97:F1:A4:4D:B6:1E:A8:36:AD:CD:71:69:FE
X509v3 Authority Key Identifier:
keyid:D5:8C:C8:50:6F:ED:BB:50:61:DE:99:25:B0:7D:64:99:18:A1:99:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1YzIUG_tu1Bh3pklsH1kmRihmSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/2LHz8YHhapfxpE22Hqg2rc1xaf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/46efb5-c9e7-4f08-bc6a-bb3e819f3ddc/1/1YzIUG_tu1Bh3pklsH1kmRihmSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.239.192.0/18
193.228.2.0/24
IPv6:
2001:678:c7c::/48
Signature Algorithm: sha256WithRSAEncryption
b5:cd:f5:23:6a:40:bc:b1:49:0f:74:7c:be:3b:f6:6d:11:2e:
f2:26:4f:d7:8d:a5:07:c3:12:3d:4d:bd:f5:a4:67:37:8d:18:
ad:f8:47:9d:df:29:0e:39:d3:14:1c:cb:ff:e3:6a:5c:b8:f3:
9a:ac:1d:03:a4:71:5f:ea:fe:25:b9:da:c7:d6:98:00:27:87:
5e:aa:9c:af:d0:96:99:77:80:0a:72:31:16:f5:1b:ee:19:ad:
9c:58:be:8e:c3:6a:c3:d6:4f:81:8e:52:ee:57:06:94:e8:38:
5b:f3:43:cd:7f:85:32:6e:48:8e:b2:71:39:15:d6:c0:b3:ee:
5a:1a:09:6b:a3:2f:98:86:33:8c:a2:a1:89:fe:e4:60:60:14:
ea:e2:5b:8a:f2:59:62:bd:39:6c:b1:bd:ca:40:1b:71:58:2d:
fe:2b:2c:65:99:e8:47:4b:5b:62:a3:04:9b:d1:c6:26:2f:9d:
e9:05:a5:ef:15:11:03:eb:f4:78:a4:32:81:39:8e:20:49:40:
4d:88:3f:0c:a7:36:6b:a3:1d:87:f1:04:f1:12:7f:5d:88:27:
ea:1b:63:a2:73:13:b9:02:91:90:ce:3c:29:33:f6:21:2e:f9:
6e:41:c5:92:c2:dd:70:7a:f9:fb:32:66:ac:b4:89:9a:45:03:
aa:27:ba:28
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEAf7QfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NThjYzg1MDZmZWRiYjUwNjFkZTk5MjViMDdkNjQ5OTE4YTE5OTI2MB4XDTIyMDEw
MTExNTcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhiMWYzZjE4MWUx
NmE5N2YxYTQ0ZGI2MWVhODM2YWRjZDcxNjlmZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJklDLW5zIqobEAKad6kTFVK6XHrLGk1jBfNiIa+rwtSIc/7
f+lRt3/nNptudXr65o9GgHHDOks2mVRPl8zowQD8f8qEwzLsJRP2mf1/w4uGZ8ER
8J9S/tAcM9/F0Ej0alsQ04I7ozwUA7AxHBeZ1ZhHbhdNGtWi8HtcDpqhSZnZjy0Q
GcLZnIZggbEoxYDC3fORcaZQ85FnHOYvhNTPbz4FXMf0MiaFp6jZLhQxbB0SDT7X
7sXyMFQ9AzdScR6H36IpI4Q7V+USuEhOXzBx40zpR8CC1luk6/s+vtPY7/D8UyQB
/LnYBngQxD2Eu5ficePH93yu4Be94iBgeovMuN0CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBTYsfPxgeFql/GkTbYeqDatzXFp/jAfBgNVHSMEGDAWgBTVjMhQb+27UGHe
mSWwfWSZGKGZJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFZeklVR190dTFCaDNwa2xzSDFrbVJpaG1TWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvNDZlZmI1LWM5ZTctNGYwOC1iYzZhLWJiM2U4MTlmM2RkYy8x
LzJMSHo4WUhoYXBmeHBFMjJIcWcycmMxeGFmNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
NDZlZmI1LWM5ZTctNGYwOC1iYzZhLWJiM2U4MTlmM2RkYy8xLzFZeklVR190dTFC
aDNwa2xzSDFrbVJpaG1TWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEBrzvwAMEAMHkAjAPBAIAAjAJAwcA
IAEGeAx8MA0GCSqGSIb3DQEBCwUAA4IBAQC1zfUjakC8sUkPdHy+O/ZtES7yJk/X
jaUHwxI9Tb31pGc3jRit+Eed3ykOOdMUHMv/42pcuPOarB0DpHFf6v4ludrH1pgA
J4deqpyv0JaZd4AKcjEW9RvuGa2cWL6Ow2rD1k+BjlLuVwaU6Dhb80PNf4UybkiO
snE5FdbAs+5aGglroy+YhjOMoqGJ/uRgYBTq4luK8llivTlssb3KQBtxWC3+Kyxl
mehHS1tiowSb0cYmL53pBaXvFRED6/R4pDKBOY4gSUBNiD8MpzZrox2H8QTxEn9d
iCfqG2OicxO5ApGQzjwpM/YhLvluQcWSwt1wevn7MmastImaRQOqJ7oo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:49 2024 by rpki-client on console-fra.rpki-client.org