Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/2mFnz8EasbxXxZAoMI8tWga42oE.roa
File: 2mFnz8EasbxXxZAoMI8tWga42oE.roa (raw, json)
Hash identifier: zkX1Y7Fz3O7mXPMlRYdYLrXDcjQc96JOOuS7JaoIQfQ=
Subject key identifier: DA:61:67:CF:C1:1A:B1:BC:57:C5:90:28:30:8F:2D:5A:06:B8:DA:81
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 2089A0C0
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/2mFnz8EasbxXxZAoMI8tWga42oE.roa
Signing time: Mon 11 Apr 2022 13:17:47 +0000
ROA not before: Mon 11 Apr 2022 13:17:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60461
IP address blocks: 94.154.50.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 545890496 (0x2089a0c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Apr 11 13:17:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da6167cfc11ab1bc57c59028308f2d5a06b8da81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a6:61:bc:9e:46:da:1c:cc:1e:eb:8c:49:7a:
45:6c:01:01:9b:4d:05:c8:33:0c:53:4c:76:ae:a5:
b2:5f:ce:ff:d5:f8:5e:c6:0b:bf:af:9e:1c:c7:37:
54:83:11:3d:b1:d7:4f:ea:8c:f1:05:d6:68:07:f9:
f4:20:3b:84:e4:80:65:4e:0e:57:7d:44:05:99:33:
bf:a4:44:d3:b9:1d:f5:b4:d4:b0:73:8c:f7:e7:8e:
32:a4:21:67:8f:bf:ef:95:09:b0:af:93:39:ff:39:
93:9b:e2:da:17:86:b6:91:5a:af:64:9c:aa:5d:39:
e0:45:99:04:52:6e:32:b6:eb:fc:20:80:12:f1:3a:
48:e7:26:ef:c5:91:8e:01:5a:12:69:22:d3:8b:ae:
d4:c9:b5:9f:cd:67:15:c1:79:b0:f3:41:34:df:5e:
fc:89:a6:d9:e4:b0:d3:24:7e:1e:7c:9d:50:b6:b5:
70:5c:8e:db:3a:0f:a8:c7:96:83:43:d6:98:bc:3a:
49:c4:96:72:e6:3e:2e:e4:13:43:77:3e:f9:48:87:
d6:a2:33:fa:3c:3e:96:b3:29:16:79:d1:31:92:7e:
74:f3:2b:4a:f7:40:ed:13:ee:2e:0b:56:ae:1b:80:
5c:ac:a4:be:26:81:86:de:ed:32:24:39:2c:4f:63:
42:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:61:67:CF:C1:1A:B1:BC:57:C5:90:28:30:8F:2D:5A:06:B8:DA:81
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/2mFnz8EasbxXxZAoMI8tWga42oE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.33.0/24
37.114.39.0/24
37.114.43.0-37.114.45.255
37.114.48.0/24
37.114.50.0-37.114.52.255
37.114.54.0/24
37.114.58.0/24
43.251.160.0/24
94.154.50.0/24
176.100.36.0/23
176.100.39.0/24
IPv6:
2a00:ccc3::/32
Signature Algorithm: sha256WithRSAEncryption
ca:30:fb:01:53:b5:4b:c2:2e:37:e2:20:52:0c:46:86:10:6a:
b7:c3:f2:0c:d6:51:99:51:ae:75:36:73:d0:da:b8:fd:f2:6c:
4c:fe:9f:cd:88:11:d1:95:ef:16:3a:d1:a0:e1:af:e5:49:ec:
f9:c0:7b:a2:2e:92:25:27:95:63:f7:35:8d:b1:eb:ee:a9:a7:
8b:d7:c3:d9:37:f8:c6:8d:6f:8b:4f:ab:97:08:89:8b:57:e6:
83:58:0b:9f:ce:6e:70:00:e7:e9:62:da:f0:1b:0f:5d:54:19:
e6:56:83:f1:fa:98:b5:65:78:6e:9b:62:a1:bd:e8:e9:a5:08:
a0:a9:2d:70:b3:60:0c:55:4a:29:25:bd:7d:4d:99:77:40:f5:
54:27:2a:1d:e8:c6:98:29:b3:4a:35:ee:3f:1f:1e:a6:84:d2:
30:23:71:17:b9:85:bb:cf:22:46:e4:19:e9:24:f0:4f:98:a4:
bf:de:ce:27:37:91:b5:59:c3:9b:d8:52:18:0d:74:9f:79:88:
1a:b5:f8:de:8e:cf:48:cb:f2:e2:d3:69:ed:f2:4e:fd:ca:93:
67:65:6d:1a:0f:a6:bd:ed:00:71:48:6e:c4:4a:c6:d8:e3:39:
d3:d7:60:4b:89:79:2f:0e:aa:90:be:4a:0d:a4:d5:d8:2e:1f:
24:8e:27:02
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIEIImgwDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDQx
MTEzMTc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE2MTY3Y2ZjMTFh
YjFiYzU3YzU5MDI4MzA4ZjJkNWEwNmI4ZGE4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIymYbyeRtoczB7rjEl6RWwBAZtNBcgzDFNMdq6lsl/O/9X4
XsYLv6+eHMc3VIMRPbHXT+qM8QXWaAf59CA7hOSAZU4OV31EBZkzv6RE07kd9bTU
sHOM9+eOMqQhZ4+/75UJsK+TOf85k5vi2heGtpFar2Scql054EWZBFJuMrbr/CCA
EvE6SOcm78WRjgFaEmki04uu1Mm1n81nFcF5sPNBNN9e/Imm2eSw0yR+HnydULa1
cFyO2zoPqMeWg0PWmLw6ScSWcuY+LuQTQ3c++UiH1qIz+jw+lrMpFnnRMZJ+dPMr
SvdA7RPuLgtWrhuAXKykviaBht7tMiQ5LE9jQh0CAwEAAaOCAmQwggJgMB0GA1Ud
DgQWBBTaYWfPwRqxvFfFkCgwjy1aBrjagTAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
LzJtRm56OEVhc2J4WHhaQW9NSTh0V2dhNDJvRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB6
BggrBgEFBQcBBwEB/wRrMGkwWAQCAAEwUgMEACVyIQMEACVyJzAMAwQAJXIrAwQB
JXIsAwQAJXIwMAwDBAElcjIDBAAlcjQDBAAlcjYDBAAlcjoDBAAr+6ADBABemjID
BAGwZCQDBACwZCcwDQQCAAIwBwMFACoAzMMwDQYJKoZIhvcNAQELBQADggEBAMow
+wFTtUvCLjfiIFIMRoYQarfD8gzWUZlRrnU2c9DauP3ybEz+n82IEdGV7xY60aDh
r+VJ7PnAe6IukiUnlWP3NY2x6+6pp4vXw9k3+MaNb4tPq5cIiYtX5oNYC5/ObnAA
5+li2vAbD11UGeZWg/H6mLVleG6bYqG96OmlCKCpLXCzYAxVSiklvX1NmXdA9VQn
Kh3oxpgps0o17j8fHqaE0jAjcRe5hbvPIkbkGekk8E+YpL/ezic3kbVZw5vYUhgN
dJ95iBq1+N6Oz0jL8uLTae3yTv3Kk2dlbRoPpr3tAHFIbsRKxtjjOdPXYEuJeS8O
qpC+Sg2k1dguHySOJwI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:17 2024 by rpki-client on console-ams.rpki-client.org