Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/2BEQRJmK80UkZP6wesWVcXSJZhQ.roa
File: 2BEQRJmK80UkZP6wesWVcXSJZhQ.roa (raw, json)
Hash identifier: bFa1cbYF4LUOPGPPywODHtIDuYwHgpQUVdFpCmfbuX4=
Subject key identifier: D8:11:10:44:99:8A:F3:45:24:64:FE:B0:7A:C5:95:71:74:89:66:14
Certificate issuer: /CN=677d4ea2c016ce2797af7aeb737d132875669f12
Certificate serial: 0188A4FB4B673246E12D64247EC1BC079510
Authority key identifier: 67:7D:4E:A2:C0:16:CE:27:97:AF:7A:EB:73:7D:13:28:75:66:9F:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z31OosAWzieXr3rrc30TKHVmnxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/2BEQRJmK80UkZP6wesWVcXSJZhQ.roa
Signing time: Sat 10 Jun 2023 11:05:12 +0000
ROA not before: Sat 10 Jun 2023 11:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209985
IP address blocks: 193.160.94.0/24 maxlen: 24
193.160.92.0/22 maxlen: 22
193.160.95.0/24 maxlen: 24
193.160.92.0/24 maxlen: 24
193.160.93.0/24 maxlen: 24
2a0d:ed40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:a4:fb:4b:67:32:46:e1:2d:64:24:7e:c1:bc:07:95:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=677d4ea2c016ce2797af7aeb737d132875669f12
Validity
Not Before: Jun 10 11:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8111044998af3452464feb07ac5957174896614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:28:63:05:a0:f8:16:4e:39:9c:23:95:8a:46:
96:bb:6a:30:e0:d7:e1:8a:f7:07:15:79:97:77:51:
e7:e7:83:02:44:b1:af:08:43:62:57:11:1f:d2:10:
74:86:71:25:a1:cb:f7:ce:00:92:ef:5d:cf:61:52:
bd:48:ed:66:02:7e:3b:b3:90:27:d2:59:fc:6d:56:
d5:9b:ad:ed:1e:25:fa:b7:85:db:57:e3:cc:d5:db:
0a:ac:b2:cc:ae:1f:e8:98:ef:6a:0a:ba:8d:ee:3c:
c5:aa:bb:22:d4:e4:31:11:11:ed:b9:45:94:cb:9e:
a7:c8:dc:c0:a7:d3:bc:e7:cc:e9:7a:2e:f7:91:39:
f2:9c:1a:65:53:0f:db:c2:65:b8:24:9f:20:36:c1:
28:65:47:05:c5:88:7b:44:b6:50:a6:9f:b5:5e:dc:
c5:1b:6b:d5:17:a2:87:64:f8:4e:b9:3b:f2:4c:7c:
01:a5:dd:45:1e:14:7c:3c:9c:8b:d2:9d:e1:54:f6:
09:09:0f:c9:c0:f2:6f:a0:31:ab:ed:4c:94:04:cb:
36:f7:73:b2:1d:aa:31:5b:45:cc:2d:9f:6a:8e:f3:
52:ee:de:a8:b8:cb:50:a9:fe:07:32:de:1b:ca:0d:
96:7b:91:19:8f:6c:cd:3b:8e:9a:06:92:a4:18:89:
bc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:11:10:44:99:8A:F3:45:24:64:FE:B0:7A:C5:95:71:74:89:66:14
X509v3 Authority Key Identifier:
keyid:67:7D:4E:A2:C0:16:CE:27:97:AF:7A:EB:73:7D:13:28:75:66:9F:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z31OosAWzieXr3rrc30TKHVmnxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/2BEQRJmK80UkZP6wesWVcXSJZhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/4aeee7-45c0-4213-8085-b8f3f09eaade/1/Z31OosAWzieXr3rrc30TKHVmnxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.160.92.0/22
IPv6:
2a0d:ed40::/32
Signature Algorithm: sha256WithRSAEncryption
43:30:46:f9:ce:94:e7:71:e3:34:1c:43:43:08:7e:58:e7:1c:
08:57:27:d4:d4:9b:88:1f:34:aa:17:2e:b8:1b:57:4d:40:17:
9a:08:aa:eb:83:4f:79:7d:71:0d:8e:e1:4b:b1:62:f0:4d:06:
ac:35:ee:a0:3f:1a:2c:08:aa:77:60:ee:ac:44:8b:c3:2e:4a:
9f:8a:3a:55:c3:e9:70:df:03:4f:3c:75:bf:5d:34:eb:d6:ec:
09:2c:85:ea:bd:96:fe:05:6b:d3:4f:e3:55:f6:9e:b9:03:e7:
07:49:30:9d:4f:fb:a0:d7:2f:c0:b8:cb:15:b1:a9:4f:f5:d2:
89:db:59:f7:12:ca:f9:98:74:c0:03:9e:17:50:fc:86:dd:65:
42:16:d2:3c:c4:3d:5b:c2:81:b5:50:c5:b8:1c:25:6f:28:84:
ae:5b:3f:c6:fb:18:ca:4d:3b:73:1e:1b:60:d2:cc:c2:e5:29:
98:01:98:d7:13:6d:b3:a0:23:c6:02:58:73:78:d0:64:15:7b:
89:16:89:47:df:f1:fe:8e:12:94:05:87:80:35:81:85:3e:5a:
59:59:c1:1d:01:5a:1e:78:1b:2a:37:53:e3:c5:8f:55:e6:6d:
70:2b:cf:13:39:87:44:f0:79:0f:04:b3:2f:42:90:26:bd:2e:
df:72:e4:ce
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYik+0tnMkbhLWQkfsG8B5UQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3N2Q0ZWEyYzAxNmNlMjc5N2FmN2FlYjczN2QxMzI4NzU2
NjlmMTIwHhcNMjMwNjEwMTEwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODExMTA0NDk5OGFmMzQ1MjQ2NGZlYjA3YWM1OTU3MTc0ODk2NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkihjBaD4Fk45nCOVikaWu2ow4Nfh
ivcHFXmXd1Hn54MCRLGvCENiVxEf0hB0hnElocv3zgCS713PYVK9SO1mAn47s5An
0ln8bVbVm63tHiX6t4XbV+PM1dsKrLLMrh/omO9qCrqN7jzFqrsi1OQxERHtuUWU
y56nyNzAp9O858zpei73kTnynBplUw/bwmW4JJ8gNsEoZUcFxYh7RLZQpp+1XtzF
G2vVF6KHZPhOuTvyTHwBpd1FHhR8PJyL0p3hVPYJCQ/JwPJvoDGr7UyUBMs293Oy
HaoxW0XMLZ9qjvNS7t6ouMtQqf4HMt4byg2We5EZj2zNO46aBpKkGIm8ZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNgREESZivNFJGT+sHrFlXF0iWYUMB8GA1UdIwQY
MBaAFGd9TqLAFs4nl69663N9Eyh1Zp8SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjMxT29zQVd6aWVYcjNycmMzMFRLSFZtbnhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80YWVlZTctNDVjMC00MjEzLTgwODUt
YjhmM2YwOWVhYWRlLzEvMkJFUVJKbUs4MFVrWlA2d2VzV1ZjWFNKWmhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi80YWVlZTctNDVjMC00MjEzLTgwODUtYjhmM2YwOWVhYWRl
LzEvWjMxT29zQVd6aWVYcjNycmMzMFRLSFZtbnhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwaBcMA0E
AgACMAcDBQAqDe1AMA0GCSqGSIb3DQEBCwUAA4IBAQBDMEb5zpTnceM0HENDCH5Y
5xwIVyfU1JuIHzSqFy64G1dNQBeaCKrrg095fXENjuFLsWLwTQasNe6gPxosCKp3
YO6sRIvDLkqfijpVw+lw3wNPPHW/XTTr1uwJLIXqvZb+BWvTT+NV9p65A+cHSTCd
T/ug1y/AuMsVsalP9dKJ21n3Esr5mHTAA54XUPyG3WVCFtI8xD1bwoG1UMW4HCVv
KISuWz/G+xjKTTtzHhtg0szC5SmYAZjXE22zoCPGAlhzeNBkFXuJFolH3/H+jhKU
BYeANYGFPlpZWcEdAVoeeBsqN1PjxY9V5m1wK88TOYdE8HkPBLMvQpAmvS7fcuTO
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:14 2025 by rpki-client