Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/2ivf7z9DsCZNyNZJw_C6UBj-nm8.roa
File: 2ivf7z9DsCZNyNZJw_C6UBj-nm8.roa (raw, json)
Hash identifier: 16jG7MP6IQNKmE1pndicxkeKSYxxH9jLcmBfLLSuMQc=
Subject key identifier: DA:2B:DF:EF:3F:43:B0:26:4D:C8:D6:49:C3:F0:BA:50:18:FE:9E:6F
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 458B876C
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/2ivf7z9DsCZNyNZJw_C6UBj-nm8.roa
Signing time: Fri 25 Mar 2022 08:03:35 +0000
ROA not before: Fri 25 Mar 2022 08:03:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6453
IP address blocks: 194.2.86.0/24 maxlen: 24
194.250.98.0/24 maxlen: 24
90.115.208.0/24 maxlen: 24
90.115.209.0/24 maxlen: 24
194.3.4.0/24 maxlen: 24
194.2.57.0/24 maxlen: 24
81.255.178.0/24 maxlen: 24
194.2.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1166772076 (0x458b876c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Mar 25 08:03:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da2bdfef3f43b0264dc8d649c3f0ba5018fe9e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d4:fc:f3:e2:c3:97:b7:21:e2:a8:2d:b0:dd:
24:c0:cc:27:a2:67:f7:3a:21:a0:00:cc:bd:a4:5e:
fa:83:a1:b6:23:86:d2:b0:06:51:d2:2f:a2:cf:ba:
34:a8:63:5a:a1:b3:74:35:57:6d:9a:a8:04:b5:d2:
89:9a:24:76:80:69:d5:6f:2c:79:bb:23:44:cf:f4:
62:c3:ca:fb:81:a8:d9:8f:fa:7c:0d:39:24:4d:fc:
97:58:83:2a:d4:c0:d6:b2:f1:8c:0e:11:c4:fe:19:
bd:ec:fd:08:d8:e4:0e:dd:8b:9e:86:5e:d2:55:b3:
1a:6f:bc:d3:6d:a9:f8:24:06:a5:1e:c8:85:49:a1:
d6:f2:c2:db:07:41:ba:27:94:67:00:7e:74:b0:2b:
b4:be:9a:41:5f:18:3f:fd:94:c6:49:89:b1:56:a7:
9e:5f:07:a6:9f:56:d4:99:8e:f1:ac:c6:de:13:0d:
25:33:45:30:a4:48:fe:77:85:af:9c:5f:90:e3:f4:
52:05:c0:53:81:7f:c5:91:9b:f1:5d:67:2a:df:a4:
d9:4b:9c:21:09:70:9d:df:da:3d:c5:30:18:a0:8b:
99:84:62:9b:f6:ba:39:df:3c:7b:d9:ff:7e:b7:8d:
e9:fb:e7:1b:0a:bf:7d:36:9a:dd:65:a1:74:ee:19:
39:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2B:DF:EF:3F:43:B0:26:4D:C8:D6:49:C3:F0:BA:50:18:FE:9E:6F
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/2ivf7z9DsCZNyNZJw_C6UBj-nm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.255.178.0/24
90.115.208.0/23
194.2.56.0/23
194.2.86.0/24
194.3.4.0/24
194.250.98.0/24
Signature Algorithm: sha256WithRSAEncryption
58:88:62:c0:1a:74:0c:cd:47:f1:b3:e8:d8:3c:40:ba:eb:1e:
f6:43:1a:9c:6d:8d:70:7e:07:dc:fe:ae:25:f8:83:be:31:f3:
b5:72:5a:fa:2c:ee:14:24:d5:f0:af:d1:04:2d:c9:bc:95:97:
59:34:fd:14:93:4d:17:43:27:bb:c5:46:5a:6d:21:23:a6:7f:
cd:72:68:3b:dd:5c:08:4f:fe:ea:18:2e:15:ed:dc:7e:44:80:
72:ba:2e:72:bf:ab:6e:64:80:d4:2b:bf:80:7c:b0:ed:2b:fd:
b5:8b:06:36:d6:68:36:69:2b:1e:a5:50:8f:27:5a:8f:bc:25:
90:fd:05:3b:69:7e:6f:c1:18:77:b8:bd:f9:c2:25:ac:c2:1f:
1f:02:30:d2:ce:01:4e:84:18:00:9e:9a:b5:5c:21:c8:65:ea:
ed:b2:5b:97:39:03:11:8a:3c:40:5f:e0:a5:dd:09:ed:6e:68:
4e:79:f4:77:1f:60:cb:89:15:cb:d0:48:b3:49:7f:14:9d:e6:
b3:09:44:19:f2:b6:e1:82:2c:cc:c6:fe:42:6b:7d:69:0e:9c:
9a:61:e2:f1:8f:fd:e8:92:5e:56:53:ff:52:22:8f:94:36:69:
03:01:bb:88:81:77:60:91:0f:a5:97:31:f0:28:69:5e:90:51:
82:f6:a9:ce
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIERYuHbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDMy
NTA4MDMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGEyYmRmZWYzZjQz
YjAyNjRkYzhkNjQ5YzNmMGJhNTAxOGZlOWU2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMTU/PPiw5e3IeKoLbDdJMDMJ6Jn9zohoADMvaRe+oOhtiOG
0rAGUdIvos+6NKhjWqGzdDVXbZqoBLXSiZokdoBp1W8sebsjRM/0YsPK+4Go2Y/6
fA05JE38l1iDKtTA1rLxjA4RxP4Zvez9CNjkDt2LnoZe0lWzGm+8022p+CQGpR7I
hUmh1vLC2wdBuieUZwB+dLArtL6aQV8YP/2UxkmJsVannl8Hpp9W1JmO8azG3hMN
JTNFMKRI/neFr5xfkOP0UgXAU4F/xZGb8V1nKt+k2UucIQlwnd/aPcUwGKCLmYRi
m/a6Od88e9n/freN6fvnGwq/fTaa3WWhdO4ZOeMCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTaK9/vP0OwJk3I1knD8LpQGP6ebzAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
LzJpdmY3ejlEc0NaTnlOWkp3X0M2VUJqLW5tOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAFH/sgMEAVpz0AMEAcICOAMEAMIC
VgMEAMIDBAMEAML6YjANBgkqhkiG9w0BAQsFAAOCAQEAWIhiwBp0DM1H8bPo2DxA
uuse9kManG2NcH4H3P6uJfiDvjHztXJa+izuFCTV8K/RBC3JvJWXWTT9FJNNF0Mn
u8VGWm0hI6Z/zXJoO91cCE/+6hguFe3cfkSAcroucr+rbmSA1Cu/gHyw7Sv9tYsG
NtZoNmkrHqVQjydaj7wlkP0FO2l+b8EYd7i9+cIlrMIfHwIw0s4BToQYAJ6atVwh
yGXq7bJblzkDEYo8QF/gpd0J7W5oTnn0dx9gy4kVy9BIs0l/FJ3mswlEGfK24YIs
zMb+Qmt9aQ6cmmHi8Y/96JJeVlP/UiKPlDZpAwG7iIF3YJEPpZcx8ChpXpBRgvap
zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org