Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/2X9D2sII_8CzbAUs6gwf68jL788.roa
File: 2X9D2sII_8CzbAUs6gwf68jL788.roa (raw, json)
Hash identifier: 3Xu/vYboXbdKI/238pUFVyBhC/IYmf/ir6VWI3TmRhI=
Subject key identifier: D9:7F:43:DA:C2:08:FF:C0:B3:6C:05:2C:EA:0C:1F:EB:C8:CB:EF:CF
Certificate issuer: /CN=e4b1306101cc9ec9fce985280c1db0f37c135a3a
Certificate serial: 024BF4B5
Authority key identifier: E4:B1:30:61:01:CC:9E:C9:FC:E9:85:28:0C:1D:B0:F3:7C:13:5A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5LEwYQHMnsn86YUoDB2w83wTWjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/2X9D2sII_8CzbAUs6gwf68jL788.roa
Signing time: Sat 01 Jan 2022 10:01:08 +0000
ROA not before: Sat 01 Jan 2022 10:01:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47165
IP address blocks: 185.13.176.0/22 maxlen: 22
178.74.64.0/18 maxlen: 18
94.137.16.0/20 maxlen: 20
94.137.32.0/20 maxlen: 20
94.137.48.0/20 maxlen: 20
176.62.64.0/18 maxlen: 18
109.120.0.0/20 maxlen: 20
109.120.16.0/20 maxlen: 20
46.233.192.0/18 maxlen: 18
217.25.208.0/20 maxlen: 20
109.120.32.0/20 maxlen: 20
94.137.0.0/20 maxlen: 20
109.120.48.0/20 maxlen: 20
2a02:ddc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 38532277 (0x24bf4b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4b1306101cc9ec9fce985280c1db0f37c135a3a
Validity
Not Before: Jan 1 10:01:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d97f43dac208ffc0b36c052cea0c1febc8cbefcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:99:c6:d1:d9:a9:ba:1e:3b:4f:4c:d1:16:93:
e9:f0:1f:9e:47:50:ab:42:72:34:9e:1d:60:6c:4b:
f0:1f:7d:80:a1:52:51:38:8e:45:6a:ca:8a:ac:44:
dd:13:51:31:d7:33:6b:f2:ab:a9:e7:ee:6a:b4:dd:
c8:6d:2d:dd:c2:2f:c6:ed:94:80:23:7c:5a:2f:95:
7d:a3:8f:be:58:73:a2:70:e2:e9:b6:9c:32:b4:aa:
3f:a2:53:f0:95:1a:76:b2:c8:de:f6:4d:9a:2e:a1:
9c:47:a7:8b:f2:63:19:25:e0:5c:85:d3:10:13:c2:
25:38:47:34:39:ec:66:d5:5b:56:a4:40:3c:ed:19:
b5:7a:62:14:99:70:ca:93:99:a7:4a:07:d7:8c:f8:
79:b3:6c:e9:4c:6a:a8:86:0a:87:e5:bd:aa:40:71:
47:88:e6:f0:35:9f:03:24:5c:9f:30:6a:ed:63:de:
9a:b0:b3:67:4d:59:0a:13:98:64:f5:29:39:1a:24:
29:49:59:49:a7:12:31:e7:a3:f5:6e:97:b3:8f:95:
f1:76:26:fb:18:c7:83:6d:14:74:85:54:a0:67:24:
ba:86:24:06:81:95:c9:6b:25:79:5a:43:68:a2:23:
59:ed:ab:69:15:4e:76:ca:77:c4:24:d3:32:6f:39:
72:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:7F:43:DA:C2:08:FF:C0:B3:6C:05:2C:EA:0C:1F:EB:C8:CB:EF:CF
X509v3 Authority Key Identifier:
keyid:E4:B1:30:61:01:CC:9E:C9:FC:E9:85:28:0C:1D:B0:F3:7C:13:5A:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LEwYQHMnsn86YUoDB2w83wTWjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/2X9D2sII_8CzbAUs6gwf68jL788.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/5LEwYQHMnsn86YUoDB2w83wTWjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.233.192.0/18
94.137.0.0/18
109.120.0.0/18
176.62.64.0/18
178.74.64.0/18
185.13.176.0/22
217.25.208.0/20
IPv6:
2a02:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
98:33:54:35:2b:3b:b8:bf:32:6d:05:c7:cc:1e:5f:ea:58:7e:
08:f2:ed:69:02:f0:6f:85:1e:f5:58:3b:a0:c4:cb:ef:f9:bd:
3b:ec:89:11:08:f6:cc:9a:ae:3f:44:b0:d5:cb:c7:40:60:38:
13:e1:1f:87:35:99:cf:79:8f:9b:9f:77:f4:af:d5:e1:1b:c8:
df:d9:4a:24:e1:b0:36:b4:ea:7b:ef:e5:e7:0c:06:46:61:e6:
c2:2c:57:d0:98:6b:3b:36:74:fb:4d:dc:62:d4:e8:47:c3:76:
a9:fe:ce:9b:64:8c:8d:c6:bf:87:33:40:9d:11:e1:83:f8:ef:
df:99:b6:e8:96:d8:96:2a:eb:65:a7:f3:24:90:42:3d:d8:41:
ad:a1:a7:00:2c:5f:d7:fe:e8:96:ab:ae:59:ee:61:52:91:1e:
0d:f8:60:c9:80:9f:e4:4f:44:80:48:b0:d0:31:5d:a8:b5:f5:
fd:5f:cc:6d:f6:ea:86:9c:16:d3:a0:da:40:75:b7:93:8f:e2:
b9:83:c7:b1:24:a0:49:1c:6f:11:4a:dd:0b:45:d9:ec:c3:6d:
5a:81:ea:05:53:c1:99:1a:07:32:d1:a6:48:66:e2:93:54:eb:
d9:56:54:4e:9e:24:11:fb:46:c0:98:b8:46:1f:4b:11:41:b4:
8a:be:59:5f
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEAkv0tTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NGIxMzA2MTAxY2M5ZWM5ZmNlOTg1MjgwYzFkYjBmMzdjMTM1YTNhMB4XDTIyMDEw
MTEwMDEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDk3ZjQzZGFjMjA4
ZmZjMGIzNmMwNTJjZWEwYzFmZWJjOGNiZWZjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANKZxtHZqboeO09M0RaT6fAfnkdQq0JyNJ4dYGxL8B99gKFS
UTiORWrKiqxE3RNRMdcza/KrqefuarTdyG0t3cIvxu2UgCN8Wi+VfaOPvlhzonDi
6bacMrSqP6JT8JUadrLI3vZNmi6hnEeni/JjGSXgXIXTEBPCJThHNDnsZtVbVqRA
PO0ZtXpiFJlwypOZp0oH14z4ebNs6UxqqIYKh+W9qkBxR4jm8DWfAyRcnzBq7WPe
mrCzZ01ZChOYZPUpORokKUlZSacSMeej9W6Xs4+V8XYm+xjHg20UdIVUoGckuoYk
BoGVyWsleVpDaKIjWe2raRVOdsp3xCTTMm85cl0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTZf0Pawgj/wLNsBSzqDB/ryMvvzzAfBgNVHSMEGDAWgBTksTBhAcyeyfzp
hSgMHbDzfBNaOjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVMRXdZUUhNbnNuODZZVW9EQjJ3ODN3VFdqby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNGQwODllLTVkMWMtNGUzNC05NDY1LWZhNjM0OGY2OTViNS8x
LzJYOUQyc0lJXzhDemJBVXM2Z3dmNjhqTDc4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NGQwODllLTVkMWMtNGUzNC05NDY1LWZhNjM0OGY2OTViNS8xLzVMRXdZUUhNbnNu
ODZZVW9EQjJ3ODN3VFdqby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBi7pwAMEBl6JAAMEBm14AAMEBrA+
QAMEBrJKQAMEArkNsAMEBNkZ0DANBAIAAjAHAwUDKgLdwDANBgkqhkiG9w0BAQsF
AAOCAQEAmDNUNSs7uL8ybQXHzB5f6lh+CPLtaQLwb4Ue9Vg7oMTL7/m9O+yJEQj2
zJquP0Sw1cvHQGA4E+EfhzWZz3mPm5939K/V4RvI39lKJOGwNrTqe+/l5wwGRmHm
wixX0JhrOzZ0+03cYtToR8N2qf7Om2SMjca/hzNAnRHhg/jv35m26JbYlirrZafz
JJBCPdhBraGnACxf1/7olquuWe5hUpEeDfhgyYCf5E9EgEiw0DFdqLX1/V/Mbfbq
hpwW06DaQHW3k4/iuYPHsSSgSRxvEUrdC0XZ7MNtWoHqBVPBmRoHMtGmSGbik1Tr
2VZUTp4kEftGwJi4Rh9LEUG0ir5ZXw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:40 2023 by rpki-client on console-ams.rpki-client.org