Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/2prnhDGlW7cP8Wkk8aFFpNUIJ_w.roa
File: 2prnhDGlW7cP8Wkk8aFFpNUIJ_w.roa (raw, json)
Hash identifier: 1Q7ytL6maS87qWofL8F/WP5Vam8nujkZdApuFKi1OHo=
Subject key identifier: DA:9A:E7:84:31:A5:5B:B7:0F:F1:69:24:F1:A1:45:A4:D5:08:27:FC
Certificate issuer: /CN=b87b766968716296e5bba0bce83856ae7165b8b8
Certificate serial: 018C59EEB876EE5C092D9AFB66AABD6A9E43
Authority key identifier: B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/2prnhDGlW7cP8Wkk8aFFpNUIJ_w.roa
Signing time: Mon 11 Dec 2023 17:31:06 +0000
ROA not before: Mon 11 Dec 2023 17:31:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 199.247.0.0/19 maxlen: 32
80.240.16.0/20 maxlen: 32
192.248.128.0/18 maxlen: 32
95.179.128.0/17 maxlen: 32
66.245.192.0/19 maxlen: 32
209.250.224.0/19 maxlen: 32
217.69.0.0/20 maxlen: 32
185.92.220.0/22 maxlen: 32
78.141.192.0/19 maxlen: 32
78.141.224.0/19 maxlen: 32
2a05:f480:3400::/38 maxlen: 38
2a05:f480:2c00::/38 maxlen: 38
2a05:f480:1000::/38 maxlen: 38
2a05:f480:3000::/38 maxlen: 38
2a05:f480:1400::/38 maxlen: 38
2a05:f480:1800::/38 maxlen: 38
2a05:f480:2400::/38 maxlen: 38
2a05:f480:1c00::/38 maxlen: 38
2a05:f480:2800::/38 maxlen: 38
2a05:f480:2000::/38 maxlen: 38
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:59:ee:b8:76:ee:5c:09:2d:9a:fb:66:aa:bd:6a:9e:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b87b766968716296e5bba0bce83856ae7165b8b8
Validity
Not Before: Dec 11 17:31:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da9ae78431a55bb70ff16924f1a145a4d50827fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:87:b5:6e:05:ad:6f:80:08:d9:82:6f:89:fa:
80:04:ce:7e:d7:16:e1:b3:a7:b2:9d:c8:b4:c1:f1:
34:b1:ad:ba:ad:52:c4:76:88:92:98:38:f5:8d:49:
13:c0:37:a6:a6:b9:37:74:74:ed:ea:0a:77:46:9b:
88:f8:aa:d9:0f:1a:84:24:b3:f2:b6:12:c3:0c:71:
c0:6f:a2:86:8b:d4:e1:b4:ff:08:e9:a9:5c:80:41:
30:67:5e:de:13:87:a6:8f:be:68:52:31:85:ff:32:
bf:18:46:b5:3b:53:e1:1d:60:ff:77:3b:f7:99:ea:
b2:0b:c4:31:60:28:f0:9b:47:e1:9e:fa:24:1e:0e:
34:bc:96:d5:25:10:87:61:51:6c:42:47:5b:23:2c:
59:f7:57:10:86:bd:60:ca:03:47:b6:80:c4:a8:38:
65:d3:05:a3:ee:7c:56:eb:42:16:ec:bc:51:2d:35:
c4:69:cb:3e:f4:06:4b:d8:73:64:26:ce:b0:3b:bf:
82:a0:62:c4:92:c4:d9:ac:09:8e:93:5b:9a:ba:3e:
01:9e:28:a9:b9:1b:b8:86:43:3b:ff:79:2f:3a:4c:
64:d8:37:c8:23:7f:5b:d5:de:be:b8:f9:70:ca:c7:
4b:94:8f:a8:63:58:9f:99:ce:45:56:ca:23:ec:dd:
7b:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9A:E7:84:31:A5:5B:B7:0F:F1:69:24:F1:A1:45:A4:D5:08:27:FC
X509v3 Authority Key Identifier:
keyid:B8:7B:76:69:68:71:62:96:E5:BB:A0:BC:E8:38:56:AE:71:65:B8:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uHt2aWhxYpblu6C86DhWrnFluLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/2prnhDGlW7cP8Wkk8aFFpNUIJ_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/a3ede6-bc31-4d00-925c-3d612f324996/1/uHt2aWhxYpblu6C86DhWrnFluLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.245.192.0/19
78.141.192.0/18
80.240.16.0/20
95.179.128.0/17
185.92.220.0/22
192.248.128.0/18
199.247.0.0/19
209.250.224.0/19
217.69.0.0/20
IPv6:
2a05:f480:1000::-2a05:f480:37ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:de:7e:b9:3d:5b:fb:7b:ce:4c:79:db:f0:b6:d1:ca:00:ca:
e7:c1:6d:c7:39:34:76:8a:b7:71:fa:45:d2:13:40:80:03:52:
86:80:da:bf:c0:ed:12:1f:06:be:a1:af:77:9d:dd:fa:10:98:
7a:18:14:45:64:46:62:66:1a:15:74:f7:b5:da:ef:7e:b2:1a:
5a:12:c7:69:f1:e3:7e:d8:c2:94:60:23:1c:e5:32:f2:08:e2:
c5:b4:b9:b6:ac:d6:11:fc:7d:66:e3:4f:6d:0a:6f:3a:c6:2c:
05:3c:9e:26:e1:e9:91:3a:31:ad:41:84:a4:ca:f5:72:77:a7:
26:31:0e:3f:c7:a0:a5:e0:a0:bf:14:4a:dc:8f:17:84:d7:9a:
84:9d:02:8a:17:c0:e2:da:f6:49:f4:39:98:04:1f:22:40:35:
47:0f:32:54:31:d3:f2:d0:14:74:0a:19:3a:96:a0:51:ea:07:
44:83:ae:a8:bf:c3:8b:94:56:35:67:ee:4a:cd:a6:af:b9:99:
a8:2b:85:f7:98:c3:89:3e:75:ae:cb:72:d0:f0:0d:a6:8f:85:
92:b7:96:f2:31:fb:26:9f:93:fc:58:10:34:08:65:74:85:42:
cb:f2:c4:ee:10:75:14:f7:a9:d2:f2:32:1e:95:3a:6c:e9:be:
d5:0c:9d:14
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYxZ7rh27lwJLZr7Zqq9ap5DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4N2I3NjY5Njg3MTYyOTZlNWJiYTBiY2U4Mzg1NmFlNzE2
NWI4YjgwHhcNMjMxMjExMTczMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTlhZTc4NDMxYTU1YmI3MGZmMTY5MjRmMWExNDVhNGQ1MDgyN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ie1bgWtb4AI2YJvifqABM5+1xbh
s6eynci0wfE0sa26rVLEdoiSmDj1jUkTwDemprk3dHTt6gp3RpuI+KrZDxqEJLPy
thLDDHHAb6KGi9ThtP8I6alcgEEwZ17eE4emj75oUjGF/zK/GEa1O1PhHWD/dzv3
meqyC8QxYCjwm0fhnvokHg40vJbVJRCHYVFsQkdbIyxZ91cQhr1gygNHtoDEqDhl
0wWj7nxW60IW7LxRLTXEacs+9AZL2HNkJs6wO7+CoGLEksTZrAmOk1uauj4Bniip
uRu4hkM7/3kvOkxk2DfII39b1d6+uPlwysdLlI+oY1ifmc5FVsoj7N17YwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFNqa54QxpVu3D/FpJPGhRaTVCCf8MB8GA1UdIwQY
MBaAFLh7dmlocWKW5bugvOg4Vq5xZbi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9hM2VkZTYtYmMzMS00ZDAwLTkyNWMt
M2Q2MTJmMzI0OTk2LzEvMnBybmhER2xXN2NQOFdrazhhRkZwTlVJSl93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9hM2VkZTYtYmMzMS00ZDAwLTkyNWMtM2Q2MTJmMzI0OTk2
LzEvdUh0MmFXaHhZcGJsdTZDODZEaFdybkZsdUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA8BAIAATA2AwQFQvXAAwQG
To3AAwQEUPAQAwQHX7OAAwQCuVzcAwQGwPiAAwQFx/cAAwQF0frgAwQE2UUAMBgE
AgACMBIwEAMGBCoF9IAQAwYDKgX0gDAwDQYJKoZIhvcNAQELBQADggEBAFbefrk9
W/t7zkx52/C20coAyufBbcc5NHaKt3H6RdITQIADUoaA2r/A7RIfBr6hr3ed3foQ
mHoYFEVkRmJmGhV097Xa736yGloSx2nx437YwpRgIxzlMvII4sW0ubas1hH8fWbj
T20KbzrGLAU8nibh6ZE6Ma1BhKTK9XJ3pyYxDj/HoKXgoL8UStyPF4TXmoSdAooX
wOLa9kn0OZgEHyJANUcPMlQx0/LQFHQKGTqWoFHqB0SDrqi/w4uUVjVn7krNpq+5
magrhfeYw4k+da7LctDwDaaPhZK3lvIx+yafk/xYEDQIZXSFQsvyxO4QdRT3qdLy
Mh6VOmzpvtUMnRQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:34 2025 by rpki-client