Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2IZvCb69fv1YV9RO3DH-2am5yS0.roa
File: 2IZvCb69fv1YV9RO3DH-2am5yS0.roa (raw, json)
Hash identifier: yc0v7rYzChC85uQVp+s/4u4v7r32BhLt/e2gBpUd/wE=
Subject key identifier: D8:86:6F:09:BE:BD:7E:FD:58:57:D4:4E:DC:31:FE:D9:A9:B9:C9:2D
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27B53F30
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2IZvCb69fv1YV9RO3DH-2am5yS0.roa
Signing time: Sat 01 Jan 2022 16:08:40 +0000
ROA not before: Sat 01 Jan 2022 16:08:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50245
IP address blocks: 92.38.38.0/24 maxlen: 24
95.47.138.0/24 maxlen: 24
93.171.200.0/22 maxlen: 22
2a02:128:7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 666189616 (0x27b53f30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:08:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8866f09bebd7efd5857d44edc31fed9a9b9c92d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:db:29:79:45:b0:32:d2:8f:91:10:28:61:cc:
ba:28:a1:40:b0:a8:b3:18:ae:29:47:5d:18:3f:0c:
08:78:4a:c1:2e:ed:75:5f:6b:80:cd:20:f1:5c:48:
ce:13:75:31:5d:44:da:56:5e:41:05:65:65:3a:7b:
ce:8c:63:ea:33:57:a4:3f:88:c0:6d:9c:c7:6f:6e:
c0:80:a2:47:99:db:50:a6:9b:ba:78:5a:49:3c:d5:
4b:45:dd:a3:34:19:1c:ce:c7:94:dc:9c:07:9a:c4:
07:ee:d7:13:ed:37:b7:bb:17:f2:61:c0:af:62:71:
83:bd:9a:53:c3:6e:a7:7c:14:8a:81:3e:5c:29:6d:
d8:f0:56:92:b5:b8:54:63:e7:0b:ae:0f:a2:06:5e:
d1:8a:9f:4b:40:7b:83:1b:d5:0b:1d:5d:97:90:9f:
00:f5:d1:bb:30:a4:ab:de:ed:d5:4d:be:58:04:1b:
07:42:c5:ca:f1:5b:b7:7a:96:fa:ca:5c:37:22:8b:
7f:40:f0:06:f0:84:6b:06:24:57:5b:20:57:fd:5a:
f2:62:b9:40:c6:0c:ae:89:0d:b6:f7:94:01:9c:5b:
ff:dc:7d:77:e8:81:4a:bd:c1:b8:34:bd:f0:87:d4:
41:5f:36:be:08:6e:29:43:92:3b:7f:78:14:e2:76:
8a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:86:6F:09:BE:BD:7E:FD:58:57:D4:4E:DC:31:FE:D9:A9:B9:C9:2D
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/2IZvCb69fv1YV9RO3DH-2am5yS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.38.38.0/24
93.171.200.0/22
95.47.138.0/24
IPv6:
2a02:128:7::/48
Signature Algorithm: sha256WithRSAEncryption
38:c0:7c:be:4c:8f:8b:bc:63:a4:f0:0f:19:57:b4:c7:c9:b1:
69:7d:3f:b4:ae:63:96:70:17:13:38:47:19:eb:6b:26:50:27:
66:1e:e9:a5:57:ec:8d:bb:8b:45:b0:fa:b8:68:e9:7e:a0:a2:
0a:3f:4b:5d:0f:75:d2:d6:7d:03:9b:9d:4c:82:fd:6f:0d:d2:
07:4c:64:c6:fa:e6:8e:76:86:2e:c0:cf:bd:94:c1:fb:cf:d3:
c4:38:ae:31:96:ac:33:4d:c6:6e:4f:d9:2c:2b:1f:0f:a1:ce:
60:77:f8:19:53:b2:d7:ae:95:54:bb:2b:a9:7a:79:68:67:e6:
3e:c8:2e:ce:92:94:9c:55:68:bc:ee:3f:b0:a3:7e:2a:b7:c8:
9b:a7:2b:c7:03:8c:d8:73:81:d6:df:bd:59:a3:fe:ea:8b:a8:
cc:0a:2e:7f:8a:3c:52:57:61:89:d1:2d:67:9f:08:b9:aa:7d:
ba:bb:de:41:be:19:41:c7:72:f3:b0:cb:2d:a8:05:84:11:ad:
5b:9e:ea:91:50:1a:a6:22:fe:ef:a7:ea:06:83:38:7c:d4:db:
c1:3d:1e:b1:2c:bd:4b:9c:1b:d6:d0:27:ab:57:f1:4d:23:5b:
bc:3f:63:d0:d3:f7:aa:a4:c3:2c:b7:4c:91:69:01:51:48:cd:
fd:ac:0a:eb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEJ7U/MDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDg0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDg4NjZmMDliZWJk
N2VmZDU4NTdkNDRlZGMzMWZlZDlhOWI5YzkyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbbKXlFsDLSj5EQKGHMuiihQLCosxiuKUddGD8MCHhKwS7t
dV9rgM0g8VxIzhN1MV1E2lZeQQVlZTp7zoxj6jNXpD+IwG2cx29uwICiR5nbUKab
unhaSTzVS0XdozQZHM7HlNycB5rEB+7XE+03t7sX8mHAr2Jxg72aU8Nup3wUioE+
XClt2PBWkrW4VGPnC64PogZe0YqfS0B7gxvVCx1dl5CfAPXRuzCkq97t1U2+WAQb
B0LFyvFbt3qW+spcNyKLf0DwBvCEawYkV1sgV/1a8mK5QMYMrokNtveUAZxb/9x9
d+iBSr3BuDS98IfUQV82vghuKUOSO394FOJ2iosCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTYhm8Jvr1+/VhX1E7cMf7ZqbnJLTAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
LzJJWnZDYjY5ZnYxWVY5Uk8zREgtMmFtNXlTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFwmJgMEAl2ryAMEAF8vijAPBAIA
AjAJAwcAKgIBKAAHMA0GCSqGSIb3DQEBCwUAA4IBAQA4wHy+TI+LvGOk8A8ZV7TH
ybFpfT+0rmOWcBcTOEcZ62smUCdmHumlV+yNu4tFsPq4aOl+oKIKP0tdD3XS1n0D
m51Mgv1vDdIHTGTG+uaOdoYuwM+9lMH7z9PEOK4xlqwzTcZuT9ksKx8Poc5gd/gZ
U7LXrpVUuyupenloZ+Y+yC7OkpScVWi87j+wo34qt8ibpyvHA4zYc4HW371Zo/7q
i6jMCi5/ijxSV2GJ0S1nnwi5qn26u95BvhlBx3LzsMstqAWEEa1bnuqRUBqmIv7v
p+oGgzh81NvBPR6xLL1LnBvW0CerV/FNI1u8P2PQ0/eqpMMst0yRaQFRSM39rArr
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:29:49 2025 by rpki-client