Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/2sXiHIKUie8fs3NpzHXUf2u0LVA.roa
File: 2sXiHIKUie8fs3NpzHXUf2u0LVA.roa (raw, json)
Hash identifier: n0mzrkFG/7DIRTvuNgGXXRhamF2UQee9SVKbFHa7t4k=
Subject key identifier: DA:C5:E2:1C:82:94:89:EF:1F:B3:73:69:CC:75:D4:7F:6B:B4:2D:50
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 205A4B81
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/2sXiHIKUie8fs3NpzHXUf2u0LVA.roa
Signing time: Mon 21 Mar 2022 16:53:58 +0000
ROA not before: Mon 21 Mar 2022 16:53:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60461
IP address blocks: 94.154.50.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 542788481 (0x205a4b81)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Mar 21 16:53:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dac5e21c829489ef1fb37369cc75d47f6bb42d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:98:cd:01:db:46:da:e1:c9:3d:94:7a:28:5c:
a8:02:dc:f5:23:59:ae:45:45:44:9d:dd:9e:5e:7a:
fb:9d:14:6e:27:29:35:ae:29:46:84:b1:a3:70:ab:
68:40:76:f8:e9:04:96:ea:1f:e8:ae:d2:77:3d:6e:
82:01:95:f1:d9:83:20:d5:e6:ad:97:90:c5:8c:5a:
2e:60:74:35:77:cb:56:64:5d:80:0d:99:03:c0:4f:
c5:e3:32:9a:62:9f:4f:ca:86:e0:ac:ae:70:7c:18:
80:ed:cc:99:37:90:33:a4:78:73:c9:cf:7c:b4:7c:
df:00:d7:b6:c5:f1:4c:77:32:1c:86:10:c9:34:08:
99:00:03:a5:49:d2:2f:e4:e0:4a:91:4e:34:ea:71:
31:07:14:f7:bc:83:99:d1:1c:2d:38:46:08:98:55:
ce:27:e6:f6:71:8d:b2:f6:85:2a:12:b2:38:5f:ad:
f5:0e:6f:80:b4:61:0f:46:35:2f:2a:46:88:b0:cb:
e7:d3:bd:91:18:25:c3:99:93:42:5a:b7:de:ae:60:
77:79:38:be:e9:c0:92:14:d5:8f:f2:3f:51:d8:cf:
fd:ac:26:13:58:fd:d2:07:1d:34:4c:59:c1:73:f7:
68:31:a4:09:90:2c:18:f7:05:27:92:94:d7:11:88:
8e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C5:E2:1C:82:94:89:EF:1F:B3:73:69:CC:75:D4:7F:6B:B4:2D:50
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/2sXiHIKUie8fs3NpzHXUf2u0LVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.39.0/24
37.114.44.0/23
37.114.48.0/24
37.114.50.0/24
37.114.52.0/24
37.114.54.0/24
37.114.58.0/24
43.251.160.0/24
94.154.50.0/24
176.100.36.0/23
176.100.39.0/24
IPv6:
2a00:ccc3::/32
Signature Algorithm: sha256WithRSAEncryption
9a:9d:9e:3f:dc:0b:78:17:70:15:60:b3:06:57:1d:63:53:bc:
3c:e3:d5:24:07:5c:1c:93:d4:b1:ec:5b:b3:4d:26:1c:20:39:
a5:0b:55:66:13:dd:07:1c:5c:15:a8:c1:fb:50:eb:e9:39:c7:
ac:23:c2:49:1f:32:fd:54:2c:11:67:ce:24:4e:8b:4e:10:8f:
fc:cf:59:d7:4f:87:e9:16:3c:de:a4:1e:61:b9:93:63:ce:d3:
0a:41:26:83:6f:92:1a:86:a1:4b:7a:e4:2b:c8:a5:d9:f3:8f:
1a:4d:77:cb:37:8d:d2:e9:17:0a:47:86:84:30:47:08:f3:2e:
36:cd:dc:a7:27:c0:de:39:8a:d8:62:3a:0f:7c:2d:68:2a:6f:
de:a9:7f:8d:7d:be:19:91:42:7c:49:e5:a5:3d:78:b8:0b:5a:
f0:b0:b0:ee:2a:e4:4e:f7:7f:ba:2e:b8:fb:5d:48:e3:ea:da:
58:b8:05:e0:3e:af:64:e8:5c:63:f3:3a:1e:64:15:ce:a8:53:
a1:d7:9a:93:80:88:c5:d6:55:5b:32:2d:f0:9a:d4:24:0d:a0:
b2:c8:00:f3:7f:4a:02:00:8c:31:b9:e4:d7:69:a2:86:b9:1a:
8e:90:9f:90:b3:3c:c9:c0:64:88:ef:9f:bc:33:11:ca:6c:2a:
1f:a5:10:ff
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEIFpLgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTY1OTNiNzQ3ZTc2YTU2NDkyNTExYmIzNjEyZTRkNWU0Y2JlN2VjMB4XDTIyMDMy
MTE2NTM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFjNWUyMWM4Mjk0
ODllZjFmYjM3MzY5Y2M3NWQ0N2Y2YmI0MmQ1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyYzQHbRtrhyT2UeihcqALc9SNZrkVFRJ3dnl56+50Ubicp
Na4pRoSxo3CraEB2+OkEluof6K7Sdz1uggGV8dmDINXmrZeQxYxaLmB0NXfLVmRd
gA2ZA8BPxeMymmKfT8qG4KyucHwYgO3MmTeQM6R4c8nPfLR83wDXtsXxTHcyHIYQ
yTQImQADpUnSL+TgSpFONOpxMQcU97yDmdEcLThGCJhVzifm9nGNsvaFKhKyOF+t
9Q5vgLRhD0Y1LypGiLDL59O9kRglw5mTQlq33q5gd3k4vunAkhTVj/I/UdjP/awm
E1j90gcdNExZwXP3aDGkCZAsGPcFJ5KU1xGIjmsCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBTaxeIcgpSJ7x+zc2nMddR/a7QtUDAfBgNVHSMEGDAWgBQpZZO3R+dqVkkl
Ebs2EuTV5Mvn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tXV1R0MGZuYWxaSkpSRzdOaExrMWVUTDUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8x
LzJzWGlISUtVaWU4ZnMzTnB6SFhVZjJ1MExWQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YzU4YmRjLTE0ZTctNDk5Yy05ZDljLTFiN2NiYjA4ZDczZi8xL0tXV1R0MGZuYWxa
SkpSRzdOaExrMWVUTDUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEACVyJwMEASVyLAMEACVyMAMEACVy
MgMEACVyNAMEACVyNgMEACVyOgMEACv7oAMEAF6aMgMEAbBkJAMEALBkJzANBAIA
AjAHAwUAKgDMwzANBgkqhkiG9w0BAQsFAAOCAQEAmp2eP9wLeBdwFWCzBlcdY1O8
POPVJAdcHJPUsexbs00mHCA5pQtVZhPdBxxcFajB+1Dr6TnHrCPCSR8y/VQsEWfO
JE6LThCP/M9Z10+H6RY83qQeYbmTY87TCkEmg2+SGoahS3rkK8il2fOPGk13yzeN
0ukXCkeGhDBHCPMuNs3cpyfA3jmK2GI6D3wtaCpv3ql/jX2+GZFCfEnlpT14uAta
8LCw7irkTvd/ui64+11I4+raWLgF4D6vZOhcY/M6HmQVzqhTodeak4CIxdZVWzIt
8JrUJA2gssgA839KAgCMMbnk12mihrkajpCfkLM8ycBkiO+fvDMRymwqH6UQ/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org