Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/2xqePj16IR-65hi4kxQ_01ccmpo.roa
File: 2xqePj16IR-65hi4kxQ_01ccmpo.roa (raw, json)
Hash identifier: y+8YVGWuTy6sHxyLB6SxBn8UfPgul1QfMELFhVmMsY0=
Subject key identifier: DB:1A:9E:3E:3D:7A:21:1F:BA:E6:18:B8:93:14:3F:D3:57:1C:9A:9A
Certificate issuer: /CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Certificate serial: 1958C0
Authority key identifier: B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/2xqePj16IR-65hi4kxQ_01ccmpo.roa
Signing time: Wed 08 Jun 2022 06:44:02 +0000
ROA not before: Wed 08 Jun 2022 06:44:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25454
IP address blocks: 217.12.112.0/20 maxlen: 24
185.8.68.0/22 maxlen: 22
94.243.64.0/18 maxlen: 24
212.56.192.0/19 maxlen: 24
188.131.0.0/17 maxlen: 24
77.89.192.0/18 maxlen: 24
193.239.182.0/23 maxlen: 24
195.22.224.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1661120 (0x1958c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b03c302c2f52277e3d0ab6842f68aa5f8d0d7787
Validity
Not Before: Jun 8 06:44:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db1a9e3e3d7a211fbae618b893143fd3571c9a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:51:cc:27:05:4e:66:6a:fd:1f:6d:29:e7:67:
95:1b:d4:cb:f5:26:f9:f4:60:54:d1:ad:1c:43:2b:
57:65:a4:52:4a:5c:41:74:c2:bd:b8:10:5d:91:ce:
c4:04:47:37:cd:b7:d2:3e:bf:ab:7f:fd:c8:25:21:
c5:c8:0b:21:c9:85:5b:ed:84:41:55:72:65:1b:fa:
4a:59:6d:28:9a:d4:1e:ec:d7:73:45:ef:c7:1d:34:
1e:6d:a6:a0:5c:0d:fd:4c:e0:a2:08:88:65:dc:8c:
13:f0:a1:61:d5:b3:7b:23:d9:97:39:56:5c:e7:71:
cf:82:26:71:dd:4b:cd:22:0f:72:34:6c:20:52:46:
a8:fc:0f:a2:d4:5e:8e:a4:da:70:be:fb:4a:54:14:
d5:0e:20:9a:27:6c:9c:d8:4d:ab:3c:cf:1a:4e:e2:
64:03:25:3f:d2:34:0b:b0:e2:1f:be:31:0b:60:72:
ad:57:5a:9e:db:63:02:b2:aa:3e:be:8a:10:c5:5b:
52:5f:2f:f9:b6:89:20:e2:00:dc:12:51:ab:c7:87:
d0:a4:38:49:90:8c:1e:83:8b:e2:8c:80:f6:79:b4:
0e:56:94:2a:de:f2:d2:94:a6:56:7d:ec:12:08:dd:
cd:b7:a3:0e:11:21:ff:12:d7:00:66:6d:12:44:a7:
04:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1A:9E:3E:3D:7A:21:1F:BA:E6:18:B8:93:14:3F:D3:57:1C:9A:9A
X509v3 Authority Key Identifier:
keyid:B0:3C:30:2C:2F:52:27:7E:3D:0A:B6:84:2F:68:AA:5F:8D:0D:77:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDwwLC9SJ349CraEL2iqX40Nd4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/2xqePj16IR-65hi4kxQ_01ccmpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/a2ec9c-9d76-4e94-9e3a-6f7024c3aad7/1/sDwwLC9SJ349CraEL2iqX40Nd4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.89.192.0/18
94.243.64.0/18
185.8.68.0/22
188.131.0.0/17
193.239.182.0/23
195.22.224.0/19
212.56.192.0/19
217.12.112.0/20
Signature Algorithm: sha256WithRSAEncryption
69:ae:09:63:57:94:a6:da:dc:96:1e:71:31:d7:55:a9:f6:a0:
73:c3:ed:3d:84:f6:ec:03:1b:37:2e:9e:8f:8b:ed:b5:7a:99:
f6:8e:b4:f0:75:cd:5f:77:e7:b8:58:be:fc:b9:04:ba:30:dd:
dc:a9:7e:4c:7f:2c:55:6e:7a:6e:35:42:75:39:1e:a9:d0:78:
7d:ac:70:56:80:8b:21:c9:81:f6:9a:cf:97:b1:85:9a:5c:ab:
4a:72:2f:7b:a0:23:1e:50:88:bc:a8:4a:65:28:d0:98:4b:67:
34:f1:56:f5:2a:11:28:e0:13:bc:ce:29:bc:24:44:54:66:b5:
b7:7e:d3:fc:51:81:a1:80:76:40:a4:30:9d:22:26:27:4f:bb:
ba:87:48:b7:50:f3:8b:c5:96:78:ae:8b:d8:ae:b8:5a:a6:9e:
66:a3:4f:17:ce:4b:29:9d:2d:02:e5:87:97:f6:35:2f:8e:10:
b5:88:2b:15:da:e4:00:e6:11:4f:af:3b:1c:b5:83:41:5f:3e:
93:56:b5:d1:fb:01:ca:70:6a:36:75:ea:23:b0:16:9b:fd:9f:
13:d8:8e:74:04:28:f5:cf:6e:94:ab:f7:37:92:02:4c:c2:7d:
e3:dd:ae:4a:ad:b2:91:a5:26:29:30:55:f6:11:7b:03:a6:55:
ef:17:23:65
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIDGVjAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIw
M2MzMDJjMmY1MjI3N2UzZDBhYjY4NDJmNjhhYTVmOGQwZDc3ODcwHhcNMjIwNjA4
MDY0NDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkYjFhOWUzZTNkN2Ey
MTFmYmFlNjE4Yjg5MzE0M2ZkMzU3MWM5YTlhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAx1HMJwVOZmr9H20p52eVG9TL9Sb59GBU0a0cQytXZaRSSlxB
dMK9uBBdkc7EBEc3zbfSPr+rf/3IJSHFyAshyYVb7YRBVXJlG/pKWW0omtQe7Ndz
Re/HHTQebaagXA39TOCiCIhl3IwT8KFh1bN7I9mXOVZc53HPgiZx3UvNIg9yNGwg
Ukao/A+i1F6OpNpwvvtKVBTVDiCaJ2yc2E2rPM8aTuJkAyU/0jQLsOIfvjELYHKt
V1qe22MCsqo+vooQxVtSXy/5tokg4gDcElGrx4fQpDhJkIweg4vijID2ebQOVpQq
3vLSlKZWfewSCN3Nt6MOESH/EtcAZm0SRKcE0wIDAQABo4ICMzCCAi8wHQYDVR0O
BBYEFNsanj49eiEfuuYYuJMUP9NXHJqaMB8GA1UdIwQYMBaAFLA8MCwvUid+PQq2
hC9oql+NDXeHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c0R3d0xDOVNKMzQ5Q3JhRUwyaXFYNDBOZDRjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Ni9hMmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3LzEv
MnhxZVBqMTZJUi02NWhpNGt4UV8wMWNjbXBvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9h
MmVjOWMtOWQ3Ni00ZTk0LTllM2EtNmY3MDI0YzNhYWQ3LzEvc0R3d0xDOVNKMzQ5
Q3JhRUwyaXFYNDBOZDRjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEkG
CCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQGTVnAAwQGXvNAAwQCuQhEAwQHvIMA
AwQBwe+2AwQFwxbgAwQF1DjAAwQE2QxwMA0GCSqGSIb3DQEBCwUAA4IBAQBprglj
V5Sm2tyWHnEx11Wp9qBzw+09hPbsAxs3Lp6Pi+21epn2jrTwdc1fd+e4WL78uQS6
MN3cqX5MfyxVbnpuNUJ1OR6p0Hh9rHBWgIshyYH2ms+XsYWaXKtKci97oCMeUIi8
qEplKNCYS2c08Vb1KhEo4BO8zim8JERUZrW3ftP8UYGhgHZApDCdIiYnT7u6h0i3
UPOLxZZ4rovYrrhapp5mo08XzkspnS0C5YeX9jUvjhC1iCsV2uQA5hFPrzsctYNB
Xz6TVrXR+wHKcGo2deojsBab/Z8T2I50BCj1z26Uq/c3kgJMwn3j3a5KrbKRpSYp
MFX2EXsDplXvFyNl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:37 2025 by rpki-client