Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/2U9XRB-K_UwYd1-Q8q_vtl_D-9A.roa
File: 2U9XRB-K_UwYd1-Q8q_vtl_D-9A.roa (raw, json)
Hash identifier: ccNvgnehgV52psF2+uXRNqXPZdcLeNMW2iqLtXLXQTg=
Subject key identifier: D9:4F:57:44:1F:8A:FD:4C:18:77:5F:90:F2:AF:EF:B6:5F:C3:FB:D0
Certificate issuer: /CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Certificate serial: 0188B9C433FD76925806F5ECE67193E637FF
Authority key identifier: C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/2U9XRB-K_UwYd1-Q8q_vtl_D-9A.roa
Signing time: Wed 14 Jun 2023 11:57:03 +0000
ROA not before: Wed 14 Jun 2023 11:57:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 94.143.208.0/21 maxlen: 24
185.63.20.0/22 maxlen: 24
2a00:1558::/32 maxlen: 48
2a02:27c8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:b9:c4:33:fd:76:92:58:06:f5:ec:e6:71:93:e6:37:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Validity
Not Before: Jun 14 11:57:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d94f57441f8afd4c18775f90f2afefb65fc3fbd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fc:17:3b:f9:dd:ae:d2:48:6a:d6:00:b9:4e:
7a:01:c0:f9:d7:6d:f0:55:be:dc:c7:bc:fd:2a:e0:
0d:24:02:c2:8f:c3:55:e2:e1:ea:ee:42:db:05:40:
fc:54:7b:f2:1d:49:ab:62:91:15:db:e6:56:1d:88:
56:7a:fb:87:34:47:6c:54:7a:7e:ef:94:57:b6:9e:
cf:a0:09:07:d5:c0:fd:51:96:d0:dd:b3:89:04:e8:
36:fc:be:0d:94:31:d9:db:67:fd:64:d6:5c:34:d3:
df:1b:15:00:81:ae:09:08:17:ee:82:a6:e4:8a:c5:
b4:2d:9a:a3:be:f3:d7:74:6c:13:7d:cd:6e:24:35:
2f:07:1d:2a:b3:09:96:cd:53:97:d9:9d:93:1e:1c:
92:3d:15:51:94:cb:3a:17:d0:85:9f:e2:59:01:c8:
75:78:3a:91:85:3f:6e:65:06:5e:b4:fc:12:28:a0:
1a:7e:54:7c:68:d7:4e:ac:4c:f1:6f:e8:fc:55:19:
fd:84:1d:5d:d8:17:39:11:3f:61:7c:e7:85:fc:2d:
b6:e4:64:85:9e:7d:4c:3a:af:d6:aa:88:5b:24:2c:
be:d3:f8:47:ec:b2:fb:be:33:ff:5d:65:3a:5e:9f:
01:1c:95:8c:b6:81:24:76:0b:3a:07:65:c2:f9:e9:
4f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4F:57:44:1F:8A:FD:4C:18:77:5F:90:F2:AF:EF:B6:5F:C3:FB:D0
X509v3 Authority Key Identifier:
keyid:C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/2U9XRB-K_UwYd1-Q8q_vtl_D-9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.208.0/21
185.63.20.0/22
IPv6:
2a00:1558::/32
2a02:27c8::/32
Signature Algorithm: sha256WithRSAEncryption
2e:6f:16:5e:78:6e:2c:d3:ef:d2:c1:23:ef:52:31:fb:d5:d8:
41:a0:e7:00:fc:4a:ae:82:e5:be:87:75:73:25:0f:07:de:8c:
d7:c5:c8:01:79:32:a5:22:a2:b7:dd:41:aa:c2:e7:a0:dd:22:
7d:a3:4f:bc:54:7c:31:f3:b7:e5:bd:47:b7:f8:50:40:4e:33:
75:7d:8f:34:43:1f:7a:27:dc:03:02:56:c6:91:ed:22:15:53:
5a:23:11:30:23:59:4a:9b:4f:60:8e:c9:6f:78:3b:70:0f:c9:
72:7f:e4:dc:d2:67:5b:40:93:ad:72:35:65:b6:af:73:dd:fa:
54:0e:95:9d:35:e2:61:50:bd:fe:27:7e:84:09:7a:1f:44:67:
e1:6d:ab:49:a8:b6:dd:55:ae:3a:6a:8f:09:2a:1f:dc:bb:c6:
ee:aa:86:77:d8:c6:4a:32:0d:a1:26:37:d4:14:74:76:06:35:
49:8a:89:24:24:b0:38:d2:09:10:08:a6:8b:1c:ef:74:7e:bb:
6d:99:62:18:f0:ba:f3:ff:4c:16:65:1d:8b:94:74:d4:9c:7d:
84:25:88:cd:f6:b5:42:35:b0:7c:ed:13:59:15:a8:44:a7:29:
3c:f0:85:6b:89:46:ec:e7:76:26:05:3d:48:4a:40:07:ec:8e:
ac:cb:01:8e
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYi5xDP9dpJYBvXs5nGT5jf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDAzYzk3OTYwM2Y3Y2VhMTJhY2EwMWViYzIwNTdjMzZm
ZDdmMzAwHhcNMjMwNjE0MTE1NzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRmNTc0NDFmOGFmZDRjMTg3NzVmOTBmMmFmZWZiNjVmYzNmYmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/wXO/ndrtJIatYAuU56AcD5123w
Vb7cx7z9KuANJALCj8NV4uHq7kLbBUD8VHvyHUmrYpEV2+ZWHYhWevuHNEdsVHp+
75RXtp7PoAkH1cD9UZbQ3bOJBOg2/L4NlDHZ22f9ZNZcNNPfGxUAga4JCBfugqbk
isW0LZqjvvPXdGwTfc1uJDUvBx0qswmWzVOX2Z2THhySPRVRlMs6F9CFn+JZAch1
eDqRhT9uZQZetPwSKKAaflR8aNdOrEzxb+j8VRn9hB1d2Bc5ET9hfOeF/C225GSF
nn1MOq/WqohbJCy+0/hH7LL7vjP/XWU6Xp8BHJWMtoEkdgs6B2XC+elPwQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNlPV0Qfiv1MGHdfkPKv77Zfw/vQMB8GA1UdIwQY
MBaAFMgAPJeWA/fOoSrKAevCBXw2/X8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMt
MDcyMjg4MTJkMDE3LzEvMlU5WFJCLUtfVXdZZDEtUThxX3Z0bF9ELTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMtMDcyMjg4MTJkMDE3
LzEveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQDXo/QAwQC
uT8UMBQEAgACMA4DBQAqABVYAwUAKgInyDANBgkqhkiG9w0BAQsFAAOCAQEALm8W
XnhuLNPv0sEj71Ix+9XYQaDnAPxKroLlvod1cyUPB96M18XIAXkypSKit91BqsLn
oN0ifaNPvFR8MfO35b1Ht/hQQE4zdX2PNEMfeifcAwJWxpHtIhVTWiMRMCNZSptP
YI7Jb3g7cA/Jcn/k3NJnW0CTrXI1Zbavc936VA6VnTXiYVC9/id+hAl6H0Rn4W2r
Sai23VWuOmqPCSof3LvG7qqGd9jGSjINoSY31BR0dgY1SYqJJCSwONIJEAimixzv
dH67bZliGPC68/9MFmUdi5R01Jx9hCWIzfa1QjWwfO0TWRWoRKcpPPCFa4lG7Od2
JgU9SEpAB+yOrMsBjg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:12 2025 by rpki-client