Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/2nLN84TruItDsb-QW9eHKDK614s.roa
File: 2nLN84TruItDsb-QW9eHKDK614s.roa (raw, json)
Hash identifier: bXQwpnCSSKcB/n9SJ7R9M25+ZycBGTrQXpfS+KmEHs8=
Subject key identifier: DA:72:CD:F3:84:EB:B8:8B:43:B1:BF:90:5B:D7:87:28:32:BA:D7:8B
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 018B736786A4179535F57FE8E218C8DAB9FC
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/2nLN84TruItDsb-QW9eHKDK614s.roa
Signing time: Fri 27 Oct 2023 23:10:46 +0000
ROA not before: Fri 27 Oct 2023 23:10:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8814
IP address blocks: 212.47.144.0/22 maxlen: 22
212.47.148.0/22 maxlen: 22
158.181.44.0/22 maxlen: 22
158.181.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:73:67:86:a4:17:95:35:f5:7f:e8:e2:18:c8:da:b9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Oct 27 23:10:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da72cdf384ebb88b43b1bf905bd7872832bad78b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:be:d0:45:6e:88:e3:6d:49:58:8d:91:b9:cf:
7c:03:3a:25:9e:84:38:23:09:5c:66:8e:95:78:9e:
3f:80:d3:fb:2f:0b:29:de:77:fd:c0:08:7f:19:4e:
3e:28:6c:2e:50:36:4f:90:e5:61:0a:0f:7c:5c:1e:
71:ac:4e:5e:3f:ce:ef:59:a6:25:73:0f:d5:28:40:
e5:6f:74:f7:aa:55:40:cd:39:8e:84:37:10:79:16:
0a:bf:8d:90:df:a4:c2:4a:aa:15:f2:72:3d:99:11:
ea:21:3f:87:54:63:7b:f4:1b:27:46:63:4f:64:33:
f3:67:5f:10:31:ba:c3:ce:11:a3:07:8d:f2:f2:b4:
86:1c:83:61:e5:e7:94:7d:f6:12:75:a1:cf:5d:18:
39:9a:d4:21:56:60:dc:71:16:58:3c:77:b9:ad:94:
3d:84:06:d2:f9:31:d9:db:f8:63:3f:17:3e:ba:87:
8f:c1:61:14:0c:e0:65:c2:e9:d7:f2:7e:48:4f:57:
90:76:f0:75:32:12:c4:f1:00:a9:6d:44:de:f9:db:
30:3d:89:7c:ac:fe:25:16:f0:e8:90:eb:35:19:ae:
4f:64:60:02:9e:71:1a:24:1b:6d:e8:20:36:44:6a:
2e:ac:21:c4:78:7b:6b:8c:2f:06:10:45:dd:d3:be:
94:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:72:CD:F3:84:EB:B8:8B:43:B1:BF:90:5B:D7:87:28:32:BA:D7:8B
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/2nLN84TruItDsb-QW9eHKDK614s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.181.40.0/21
212.47.144.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:e8:22:38:78:46:b1:4f:ab:9f:f3:66:1b:9f:e8:84:93:50:
25:3f:8e:74:ff:03:a8:7f:ee:39:17:09:f8:84:c7:0e:6d:2b:
d3:45:0d:ea:7c:b8:f9:3e:f8:55:90:77:94:dd:35:cb:db:2c:
24:f6:c5:f7:0a:87:f7:d4:0d:a2:2d:d4:7b:72:b7:b2:38:ab:
8f:dd:79:fb:8d:96:a0:df:74:7e:ec:89:24:c6:99:ae:5e:33:
c4:ab:7c:09:cc:c1:e3:5b:ba:03:4f:da:85:c5:35:42:7d:b3:
07:93:e0:f3:8a:51:29:07:5f:2f:6a:d0:8e:70:07:9b:d5:98:
5a:5c:d4:94:6b:f4:76:47:4d:6b:ba:41:3b:43:2f:1a:40:30:
af:71:9a:a9:e7:c9:18:f7:27:0a:47:2b:8d:35:82:d8:f5:0a:
c4:96:0f:20:ec:0d:37:24:88:85:1a:5e:99:d9:15:7a:95:85:
37:a5:8e:94:0f:6f:36:d4:38:39:d0:b3:b8:71:96:94:50:19:
44:ec:f3:2c:d3:99:bc:ad:5e:ae:d3:64:7f:f1:ed:57:1f:58:
73:cf:05:a1:5a:78:66:28:ee:c4:ab:ff:40:cb:e6:d2:5f:b0:
69:9d:c4:8f:3d:fc:a6:61:26:4d:48:20:4f:50:fe:18:56:ed:
30:5b:31:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYtzZ4akF5U19X/o4hjI2rn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjMxMDI3MjMxMDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTcyY2RmMzg0ZWJiODhiNDNiMWJmOTA1YmQ3ODcyODMyYmFkNzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhb7QRW6I421JWI2Ruc98AzolnoQ4
IwlcZo6VeJ4/gNP7Lwsp3nf9wAh/GU4+KGwuUDZPkOVhCg98XB5xrE5eP87vWaYl
cw/VKEDlb3T3qlVAzTmOhDcQeRYKv42Q36TCSqoV8nI9mRHqIT+HVGN79BsnRmNP
ZDPzZ18QMbrDzhGjB43y8rSGHINh5eeUffYSdaHPXRg5mtQhVmDccRZYPHe5rZQ9
hAbS+THZ2/hjPxc+uoePwWEUDOBlwunX8n5IT1eQdvB1MhLE8QCpbUTe+dswPYl8
rP4lFvDokOs1Ga5PZGACnnEaJBtt6CA2RGourCHEeHtrjC8GEEXd076UgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNpyzfOE67iLQ7G/kFvXhygyuteLMB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvMm5MTjg0VHJ1SXREc2ItUVc5ZUhLREs2MTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDnrUoAwQD
1C+QMA0GCSqGSIb3DQEBCwUAA4IBAQAb6CI4eEaxT6uf82Ybn+iEk1AlP450/wOo
f+45Fwn4hMcObSvTRQ3qfLj5PvhVkHeU3TXL2ywk9sX3Cof31A2iLdR7creyOKuP
3Xn7jZag33R+7IkkxpmuXjPEq3wJzMHjW7oDT9qFxTVCfbMHk+DzilEpB18vatCO
cAeb1ZhaXNSUa/R2R01rukE7Qy8aQDCvcZqp58kY9ycKRyuNNYLY9QrElg8g7A03
JIiFGl6Z2RV6lYU3pY6UD2821Dg50LO4cZaUUBlE7PMs05m8rV6u02R/8e1XH1hz
zwWhWnhmKO7Eq/9Ay+bSX7BpncSPPfymYSZNSCBPUP4YVu0wWzE7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:45 2025 by rpki-client