Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/2frCwubJjCj8SfIdsU6q-ny6iXE.roa
File: 2frCwubJjCj8SfIdsU6q-ny6iXE.roa (raw, json)
Hash identifier: A8N2CgaBRczHa3jQ2oz02fcMxvuFNV48gv5DoMYqbxw=
Subject key identifier: D9:FA:C2:C2:E6:C9:8C:28:FC:49:F2:1D:B1:4E:AA:FA:7C:BA:89:71
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 018317CF4662BA39917623C78C5D959FC625
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/2frCwubJjCj8SfIdsU6q-ny6iXE.roa
Signing time: Wed 07 Sep 2022 11:56:43 +0000
ROA not before: Wed 07 Sep 2022 11:56:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39608
IP address blocks: 185.53.76.0/23 maxlen: 24
176.39.34.0/23 maxlen: 24
176.39.36.0/23 maxlen: 24
194.33.189.0/24 maxlen: 24
86.111.64.0/19 maxlen: 19
176.38.0.0/16 maxlen: 17
86.111.88.0/21 maxlen: 22
194.50.85.0/24 maxlen: 24
176.36.0.0/16 maxlen: 17
176.36.0.0/14 maxlen: 14
176.37.0.0/16 maxlen: 17
194.60.69.0/24 maxlen: 24
2a01:5800::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:cf:46:62:ba:39:91:76:23:c7:8c:5d:95:9f:c6:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Sep 7 11:56:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9fac2c2e6c98c28fc49f21db14eaafa7cba8971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:31:99:67:8e:11:53:7f:47:bc:8d:fb:6b:ef:
45:e5:96:71:73:7c:c7:bd:3e:23:a3:36:a6:8a:e5:
18:ae:2e:40:06:7e:c3:ce:23:7c:75:34:47:7c:a2:
67:1c:f1:c2:c9:77:47:f3:10:f6:45:1a:94:86:b9:
a6:0d:4d:e9:21:25:c7:a5:b4:ef:4a:38:0a:9e:b8:
b7:c7:b9:00:f9:e2:c8:6e:66:2a:0b:71:31:ab:6f:
fa:63:e4:bb:14:3e:86:fb:66:97:fc:ee:f0:68:12:
e1:db:ac:2f:9a:b9:fe:15:d0:0b:26:e3:e8:57:0a:
9e:a6:02:52:b4:1f:86:19:a2:0d:fc:d2:1e:8c:e6:
51:0a:30:88:26:44:57:48:0a:15:17:7e:39:aa:8d:
c5:4b:ca:3d:02:f2:c5:a3:67:42:a1:b6:62:c0:70:
fd:f4:cf:ec:f2:57:dc:44:ba:f4:f4:5b:1f:4e:eb:
7a:55:0c:83:de:ce:9c:29:f3:69:f8:9b:03:0a:e0:
63:a0:66:70:08:cd:3d:5d:87:55:07:51:80:a3:97:
ef:37:e6:78:71:b9:c6:e9:12:33:5c:04:87:fd:88:
7e:f7:95:87:90:dc:4e:0d:a9:48:42:e4:a7:e3:02:
41:09:d1:c7:76:54:b5:0a:77:d5:70:5b:f7:5f:d2:
fe:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FA:C2:C2:E6:C9:8C:28:FC:49:F2:1D:B1:4E:AA:FA:7C:BA:89:71
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/2frCwubJjCj8SfIdsU6q-ny6iXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.64.0/19
176.36.0.0/14
185.53.76.0/23
194.33.189.0/24
194.50.85.0/24
194.60.69.0/24
IPv6:
2a01:5800::/32
Signature Algorithm: sha256WithRSAEncryption
23:f7:5d:02:f2:41:37:6c:f1:9b:84:c8:79:dc:8a:8b:3d:57:
c7:96:dc:b4:05:e7:b5:c5:9c:3b:7a:a7:2f:2f:09:44:ce:b8:
03:f4:62:b0:ae:61:54:e8:6f:20:2d:3a:49:2f:be:78:ea:17:
17:94:31:fb:b1:1a:5b:ca:47:63:90:01:e8:f4:3e:9f:d2:37:
86:2d:bc:f7:5b:5c:da:6f:ad:aa:c2:5b:b1:a1:a6:35:e8:95:
c5:21:ed:65:dc:cb:2a:81:f1:cf:3a:c0:5f:40:ad:30:83:3a:
50:b9:1b:43:d5:02:6e:22:66:ec:ac:0c:6c:c0:5a:49:28:50:
2e:31:a6:12:65:9c:ec:b0:36:21:34:c1:8d:33:9d:51:49:4f:
aa:31:0b:4a:46:64:db:07:4f:94:53:08:dc:43:8e:d4:04:df:
ad:12:df:10:91:0c:5e:49:63:90:23:1e:f0:a0:dc:97:b4:35:
a4:d7:c7:8c:fa:59:54:09:6e:a8:50:ff:c7:f7:89:66:a7:b6:
7a:e7:af:81:f2:a5:ed:9d:bc:75:27:ef:e6:8b:d3:13:4d:b9:
34:b4:93:fa:d7:1f:41:fa:17:ff:ed:b8:6a:98:77:45:3f:86:
0c:ff:4c:db:e6:65:34:ab:45:8c:24:1c:e3:79:de:7c:d0:7a:
53:41:7a:9e
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYMXz0ZiujmRdiPHjF2Vn8YlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjIwOTA3MTE1NjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWZhYzJjMmU2Yzk4YzI4ZmM0OWYyMWRiMTRlYWFmYTdjYmE4OTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjGZZ44RU39HvI37a+9F5ZZxc3zH
vT4jozamiuUYri5ABn7DziN8dTRHfKJnHPHCyXdH8xD2RRqUhrmmDU3pISXHpbTv
SjgKnri3x7kA+eLIbmYqC3Exq2/6Y+S7FD6G+2aX/O7waBLh26wvmrn+FdALJuPo
VwqepgJStB+GGaIN/NIejOZRCjCIJkRXSAoVF345qo3FS8o9AvLFo2dCobZiwHD9
9M/s8lfcRLr09FsfTut6VQyD3s6cKfNp+JsDCuBjoGZwCM09XYdVB1GAo5fvN+Z4
cbnG6RIzXASH/Yh+95WHkNxODalIQuSn4wJBCdHHdlS1CnfVcFv3X9L+qwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNn6wsLmyYwo/EnyHbFOqvp8uolxMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xLzJmckN3dWJKakNqOFNmSWRzVTZxLW55NmlYRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSwYIKwYBBQUHAQcBAf8EPDA6MCkEAgABMCMDBAVWb0AD
AwKwJAMEAbk1TAMEAMIhvQMEAMIyVQMEAMI8RTANBAIAAjAHAwUAKgFYADANBgkq
hkiG9w0BAQsFAAOCAQEAI/ddAvJBN2zxm4TIedyKiz1Xx5bctAXntcWcO3qnLy8J
RM64A/RisK5hVOhvIC06SS++eOoXF5Qx+7EaW8pHY5AB6PQ+n9I3hi2891tc2m+t
qsJbsaGmNeiVxSHtZdzLKoHxzzrAX0CtMIM6ULkbQ9UCbiJm7KwMbMBaSShQLjGm
EmWc7LA2ITTBjTOdUUlPqjELSkZk2wdPlFMI3EOO1ATfrRLfEJEMXkljkCMe8KDc
l7Q1pNfHjPpZVAluqFD/x/eJZqe2euevgfKl7Z28dSfv5ovTE025NLST+tcfQfoX
/+24aph3RT+GDP9M2+ZlNKtFjCQc43nefNB6U0F6ng==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:27 2025 by rpki-client