Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/2_LmHC4JACDL4Y1h7MHoA2ZKZio.roa
File: 2_LmHC4JACDL4Y1h7MHoA2ZKZio.roa (raw, json)
Hash identifier: wR/KfnFOcgG+AfYPzJMFCyXgPqYpvFASj7muZpbJjVE=
Subject key identifier: DB:F2:E6:1C:2E:09:00:20:CB:E1:8D:61:EC:C1:E8:03:66:4A:66:2A
Certificate issuer: /CN=32c2be483ff27bb8f0dc09ce0f71f2a88eaf7e07
Certificate serial: 0188E2CEAFB4846936FECD03A7E098E505C7
Authority key identifier: 32:C2:BE:48:3F:F2:7B:B8:F0:DC:09:CE:0F:71:F2:A8:8E:AF:7E:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/2_LmHC4JACDL4Y1h7MHoA2ZKZio.roa
Signing time: Thu 22 Jun 2023 11:12:56 +0000
ROA not before: Thu 22 Jun 2023 11:12:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51941
IP address blocks: 46.183.72.0/21 maxlen: 24
46.183.72.0/23 maxlen: 23
46.183.78.0/24 maxlen: 24
185.128.252.0/22 maxlen: 24
46.183.76.0/23 maxlen: 23
46.183.74.0/23 maxlen: 23
2a02:2380:2::/48 maxlen: 48
2a02:2380::/32 maxlen: 48
2a02:2380:ff00::/48 maxlen: 48
2a02:2380:3::/48 maxlen: 48
2a02:2380:1::/48 maxlen: 48
2a02:2380:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:e2:ce:af:b4:84:69:36:fe:cd:03:a7:e0:98:e5:05:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32c2be483ff27bb8f0dc09ce0f71f2a88eaf7e07
Validity
Not Before: Jun 22 11:12:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dbf2e61c2e090020cbe18d61ecc1e803664a662a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:12:de:12:6e:24:30:9d:2c:bf:91:ae:df:28:
04:67:85:c5:9c:6d:aa:75:52:00:be:24:3a:6e:52:
b9:37:5e:3d:32:d2:ee:d5:18:e2:9c:93:7f:7f:3a:
42:47:30:86:32:6f:36:6c:dd:ab:e2:8e:7e:bb:b0:
17:f4:5b:94:76:35:e0:89:d8:fb:63:fe:08:0a:07:
60:bf:29:bc:16:26:5c:86:aa:98:70:7a:3e:12:3c:
73:84:e3:da:90:8d:94:cb:79:ca:08:f4:80:be:04:
49:6f:db:fa:04:00:ec:0a:be:3c:12:a5:60:69:c4:
07:4d:b5:74:ee:e7:7b:04:6f:f1:76:56:34:56:26:
2e:ec:1a:ee:ff:29:dd:2d:85:2a:e5:7a:f3:64:ec:
f1:55:69:d7:e2:bb:6a:5e:75:fa:fc:45:3c:d5:49:
fa:98:66:e7:c8:8a:2f:e7:24:3f:52:52:1d:f4:7b:
93:97:9d:cf:63:a0:a7:b8:cc:92:3b:b2:a1:a3:f1:
15:a5:44:34:08:e5:ec:af:c4:71:d5:2e:78:4d:da:
90:48:44:9b:bf:c5:56:d1:5b:f8:6e:06:40:f4:6f:
7b:ed:52:ba:2b:5c:df:42:69:26:c0:10:ab:4e:14:
cf:1a:c5:22:03:ae:12:cf:86:c1:50:0a:ec:87:c1:
2e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F2:E6:1C:2E:09:00:20:CB:E1:8D:61:EC:C1:E8:03:66:4A:66:2A
X509v3 Authority Key Identifier:
keyid:32:C2:BE:48:3F:F2:7B:B8:F0:DC:09:CE:0F:71:F2:A8:8E:AF:7E:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MsK-SD_ye7jw3AnOD3HyqI6vfgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/2_LmHC4JACDL4Y1h7MHoA2ZKZio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/ff00c4-b728-44a0-962d-973db9ce68b5/1/MsK-SD_ye7jw3AnOD3HyqI6vfgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.183.72.0/21
185.128.252.0/22
IPv6:
2a02:2380::/32
Signature Algorithm: sha256WithRSAEncryption
93:2b:b1:5c:6b:ce:3b:67:4a:f8:76:2c:13:df:29:52:7a:36:
f6:46:8f:c0:66:10:25:8d:62:ee:1e:e6:9a:93:f4:d7:25:8e:
33:64:39:01:7a:4a:0a:92:7b:ae:34:55:5e:93:ce:ef:c5:0f:
c0:5e:6c:13:7b:24:60:2d:1d:a1:5a:da:19:25:dd:14:32:51:
7d:b3:c9:75:6e:6b:89:d5:42:10:53:36:db:6e:46:df:9c:8b:
24:4f:52:b0:bf:37:88:37:40:dd:f1:e4:52:52:44:c8:2c:ff:
2a:ea:2f:0e:fd:99:d1:5d:31:85:c9:32:44:f2:e7:94:43:78:
10:4c:1c:9d:b5:3e:7b:e6:f6:b4:af:ef:b1:da:0d:91:76:95:
3a:31:b7:15:c7:7a:90:c6:40:08:17:41:40:73:8b:54:11:b2:
e5:62:a8:a0:57:43:8c:5b:7b:d3:58:af:95:5f:13:2e:e3:1c:
5f:2d:36:bf:53:7b:e1:ce:b4:34:b7:2e:a7:c3:4e:7e:ba:da:
3e:43:df:b4:23:53:4c:48:96:51:ae:c2:9a:18:45:5e:45:fc:
00:45:56:42:fc:46:d4:a1:22:cd:3e:0e:86:bf:53:4c:38:e4:
20:a7:77:56:38:01:4f:8c:4e:e7:84:34:02:4c:6d:28:86:f5:
1a:7b:f6:18
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYjizq+0hGk2/s0Dp+CY5QXHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYzJiZTQ4M2ZmMjdiYjhmMGRjMDljZTBmNzFmMmE4OGVh
ZjdlMDcwHhcNMjMwNjIyMTExMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmYyZTYxYzJlMDkwMDIwY2JlMThkNjFlY2MxZTgwMzY2NGE2NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRLeEm4kMJ0sv5Gu3ygEZ4XFnG2q
dVIAviQ6blK5N149MtLu1RjinJN/fzpCRzCGMm82bN2r4o5+u7AX9FuUdjXgidj7
Y/4ICgdgvym8FiZchqqYcHo+EjxzhOPakI2Uy3nKCPSAvgRJb9v6BADsCr48EqVg
acQHTbV07ud7BG/xdlY0ViYu7Bru/yndLYUq5XrzZOzxVWnX4rtqXnX6/EU81Un6
mGbnyIov5yQ/UlId9HuTl53PY6CnuMySO7Kho/EVpUQ0COXsr8Rx1S54TdqQSESb
v8VW0Vv4bgZA9G977VK6K1zfQmkmwBCrThTPGsUiA64Sz4bBUArsh8EuiwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNvy5hwuCQAgy+GNYezB6ANmSmYqMB8GA1UdIwQY
MBaAFDLCvkg/8nu48NwJzg9x8qiOr34HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mZjAwYzQtYjcyOC00NGEwLTk2MmQt
OTczZGI5Y2U2OGI1LzEvMl9MbUhDNEpBQ0RMNFkxaDdNSG9BMlpLWmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mZjAwYzQtYjcyOC00NGEwLTk2MmQtOTczZGI5Y2U2OGI1
LzEvTXNLLVNEX3llN2p3M0FuT0QzSHlxSTZ2ZmdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLrdIAwQC
uYD8MA0EAgACMAcDBQAqAiOAMA0GCSqGSIb3DQEBCwUAA4IBAQCTK7Fca847Z0r4
diwT3ylSejb2Ro/AZhAljWLuHuaak/TXJY4zZDkBekoKknuuNFVek87vxQ/AXmwT
eyRgLR2hWtoZJd0UMlF9s8l1bmuJ1UIQUzbbbkbfnIskT1KwvzeIN0Dd8eRSUkTI
LP8q6i8O/ZnRXTGFyTJE8ueUQ3gQTBydtT575va0r++x2g2RdpU6MbcVx3qQxkAI
F0FAc4tUEbLlYqigV0OMW3vTWK+VXxMu4xxfLTa/U3vhzrQ0ty6nw05+uto+Q9+0
I1NMSJZRrsKaGEVeRfwARVZC/EbUoSLNPg6Gv1NMOOQgp3dWOAFPjE7nhDQCTG0o
hvUae/YY
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:43 2025 by rpki-client