Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/2mT9bo7tBA-Gf2WpCKtIbB6VxsM.roa
File: 2mT9bo7tBA-Gf2WpCKtIbB6VxsM.roa (raw, json)
Hash identifier: 6FQ/yiXjSBJKGj+SiHwSl1TVvD5gfMmiNq+ouNtRVI4=
Subject key identifier: DA:64:FD:6E:8E:ED:04:0F:86:7F:65:A9:08:AB:48:6C:1E:95:C6:C3
Certificate issuer: /CN=36af041d12c4adb66f8c16113c9a6147d02388d9
Certificate serial: DC0097
Authority key identifier: 36:AF:04:1D:12:C4:AD:B6:6F:8C:16:11:3C:9A:61:47:D0:23:88:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nq8EHRLErbZvjBYRPJphR9AjiNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/2mT9bo7tBA-Gf2WpCKtIbB6VxsM.roa
Signing time: Sat 01 Jan 2022 09:58:04 +0000
ROA not before: Sat 01 Jan 2022 09:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198203
IP address blocks: 81.4.108.0/22 maxlen: 24
81.4.124.0/22 maxlen: 24
81.4.120.0/22 maxlen: 24
185.34.219.0/24 maxlen: 24
185.34.218.0/24 maxlen: 24
185.34.216.0/24 maxlen: 24
91.229.232.0/24 maxlen: 24
81.4.104.0/22 maxlen: 24
81.4.100.0/22 maxlen: 24
185.56.60.0/22 maxlen: 24
185.56.61.0/24 maxlen: 24
176.56.224.0/20 maxlen: 24
2a00:d880::/32 maxlen: 48
2a00:d880:4::/48 maxlen: 48
2a02:50e0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14418071 (0xdc0097)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36af041d12c4adb66f8c16113c9a6147d02388d9
Validity
Not Before: Jan 1 09:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da64fd6e8eed040f867f65a908ab486c1e95c6c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2f:b4:cd:a7:75:ea:68:98:bd:c6:ee:ec:78:
b7:c5:ca:2f:ad:86:fd:8c:39:58:05:4c:f6:e8:c8:
03:92:36:b7:54:1b:b8:72:ee:a7:6a:c5:e0:e9:58:
38:7e:31:4a:4e:2a:c5:12:94:fc:77:55:e4:3a:81:
6c:9e:39:0b:63:57:1a:75:88:00:e6:cb:02:a8:b4:
82:04:7f:0e:e5:90:08:76:b1:44:28:d4:d6:a2:98:
36:44:ed:b8:6b:fb:59:17:3a:7f:39:6a:ff:22:c2:
29:e4:44:10:97:37:5c:69:4a:f6:e1:1d:05:e5:2d:
db:8d:f7:61:58:56:09:15:0e:a8:30:1d:1a:f1:9c:
c7:c1:b3:67:0e:9d:7f:ca:cf:92:f1:ab:b2:1a:da:
70:e5:9c:ac:d0:6b:a5:a3:24:74:0f:a4:92:74:87:
93:21:6e:bc:42:5a:f8:f9:69:b9:25:a4:1c:6a:38:
9a:94:20:e3:92:c0:ed:ba:53:da:a5:b5:79:4e:ec:
c1:73:25:08:40:c3:37:58:af:68:41:5d:1e:47:ab:
44:ea:3d:4c:9f:46:2e:5a:d2:14:ec:f7:74:15:4d:
d4:21:0d:82:17:10:8d:55:24:84:eb:91:cc:ce:d6:
0f:5a:72:b3:cc:ba:12:cc:53:51:71:1e:30:ab:92:
9e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:64:FD:6E:8E:ED:04:0F:86:7F:65:A9:08:AB:48:6C:1E:95:C6:C3
X509v3 Authority Key Identifier:
keyid:36:AF:04:1D:12:C4:AD:B6:6F:8C:16:11:3C:9A:61:47:D0:23:88:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nq8EHRLErbZvjBYRPJphR9AjiNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/2mT9bo7tBA-Gf2WpCKtIbB6VxsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/7a542d-719e-46d0-a5cc-061dd681332c/1/Nq8EHRLErbZvjBYRPJphR9AjiNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.4.100.0-81.4.111.255
81.4.120.0/21
91.229.232.0/24
176.56.224.0/20
185.34.216.0/24
185.34.218.0/23
185.56.60.0/22
IPv6:
2a00:d880::/32
2a02:50e0::/32
Signature Algorithm: sha256WithRSAEncryption
68:6d:24:e3:c6:22:0c:3a:f7:eb:42:e0:ae:f4:7a:6d:3c:b4:
00:75:ca:0f:5e:85:6a:bf:87:98:66:8c:aa:74:b6:4e:a2:14:
b2:e7:9d:63:c1:0b:ef:9e:b1:9b:1a:54:f7:e1:8d:51:90:5c:
6e:ce:1a:66:a3:69:69:48:6c:c8:8c:cb:77:29:d1:86:d0:85:
1d:50:85:50:b2:e9:28:ad:0c:17:3e:7d:ef:78:54:ed:67:fd:
4c:80:e8:6f:da:51:c7:a0:a2:61:ed:19:3b:e4:1f:fe:bc:71:
64:e5:b3:16:9b:5d:57:46:37:b7:1f:47:1a:2a:51:3e:fe:c9:
be:43:a2:8c:b7:ea:19:c6:4d:a5:d2:f5:78:4d:ce:d8:b5:07:
61:e1:8e:e1:a8:4f:3c:b3:17:a4:72:0b:b9:6d:a6:3d:b3:db:
55:b5:06:51:05:89:ca:8c:99:2a:c8:b1:e7:4b:66:04:cf:c5:
37:ae:3a:89:1b:ac:c9:d3:65:ec:c4:ad:8a:02:22:1d:92:0f:
ef:93:09:67:e9:52:ee:cd:c8:3f:ba:62:20:45:55:7a:80:11:
fc:43:52:bc:d0:16:f8:10:81:20:0a:34:97:c3:a9:a9:b6:b0:
1a:f3:f1:0a:e1:30:f3:4f:d0:48:8c:21:e5:d9:a4:ee:ff:bc:
47:e3:7d:26
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEANwAlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmFmMDQxZDEyYzRhZGI2NmY4YzE2MTEzYzlhNjE0N2QwMjM4OGQ5MB4XDTIyMDEw
MTA5NTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE2NGZkNmU4ZWVk
MDQwZjg2N2Y2NWE5MDhhYjQ4NmMxZTk1YzZjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgvtM2ndepomL3G7ux4t8XKL62G/Yw5WAVM9ujIA5I2t1Qb
uHLup2rF4OlYOH4xSk4qxRKU/HdV5DqBbJ45C2NXGnWIAObLAqi0ggR/DuWQCHax
RCjU1qKYNkTtuGv7WRc6fzlq/yLCKeREEJc3XGlK9uEdBeUt2433YVhWCRUOqDAd
GvGcx8GzZw6df8rPkvGrshracOWcrNBrpaMkdA+kknSHkyFuvEJa+PlpuSWkHGo4
mpQg45LA7bpT2qW1eU7swXMlCEDDN1ivaEFdHkerROo9TJ9GLlrSFOz3dBVN1CEN
ghcQjVUkhOuRzM7WD1pys8y6EsxTUXEeMKuSnkMCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBTaZP1uju0ED4Z/ZakIq0hsHpXGwzAfBgNVHSMEGDAWgBQ2rwQdEsSttm+M
FhE8mmFH0COI2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05xOEVIUkxFcmJadmpCWVJQSnBoUjlBamlOay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvN2E1NDJkLTcxOWUtNDZkMC1hNWNjLTA2MWRkNjgxMzMyYy8x
LzJtVDlibzd0QkEtR2YyV3BDS3RJYkI2VnhzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
N2E1NDJkLTcxOWUtNDZkMC1hNWNjLTA2MWRkNjgxMzMyYy8xL05xOEVIUkxFcmJa
dmpCWVJQSnBoUjlBamlOay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwOAQCAAEwMjAMAwQCUQRkAwQEUQRgAwQDUQR4AwQA
W+XoAwQEsDjgAwQAuSLYAwQBuSLaAwQCuTg8MBQEAgACMA4DBQAqANiAAwUAKgJQ
4DANBgkqhkiG9w0BAQsFAAOCAQEAaG0k48YiDDr360LgrvR6bTy0AHXKD16Far+H
mGaMqnS2TqIUsuedY8EL756xmxpU9+GNUZBcbs4aZqNpaUhsyIzLdynRhtCFHVCF
ULLpKK0MFz5973hU7Wf9TIDob9pRx6CiYe0ZO+Qf/rxxZOWzFptdV0Y3tx9HGipR
Pv7JvkOijLfqGcZNpdL1eE3O2LUHYeGO4ahPPLMXpHILuW2mPbPbVbUGUQWJyoyZ
Ksix50tmBM/FN646iRusydNl7MStigIiHZIP75MJZ+lS7s3IP7piIEVVeoAR/ENS
vNAW+BCBIAo0l8OpqbawGvPxCuEw80/QSIwh5dmk7v+8R+N9Jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:56 2024 by rpki-client on console-ams.rpki-client.org