Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/acgFPXDjlXf2KxBC-qk3-6-Of2A.roa
File: acgFPXDjlXf2KxBC-qk3-6-Of2A.roa (raw, json)
Hash identifier: w1zPls7flsq6b7SgUYlHoPPgG4jrwLfNWCh0IYW+oeU=
Subject key identifier: 69:C8:05:3D:70:E3:95:77:F6:2B:10:42:FA:A9:37:FB:AF:8E:7F:60
Certificate issuer: /CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Certificate serial: 02152C17
Authority key identifier: 2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/acgFPXDjlXf2KxBC-qk3-6-Of2A.roa
Signing time: Sat 01 Jan 2022 14:58:43 +0000
ROA not before: Sat 01 Jan 2022 14:58:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5482
IP address blocks: 193.36.4.0/22 maxlen: 22
45.9.23.0/24 maxlen: 24
2a0b:6dc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34941975 (0x2152c17)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc291b8db6cfddf6dd2a1d55b226d49492a2705
Validity
Not Before: Jan 1 14:58:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69c8053d70e39577f62b1042faa937fbaf8e7f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:ac:63:00:0c:04:59:58:23:7b:1a:bb:5c:2a:
6f:c5:3c:6a:cd:87:7c:49:36:a8:0b:99:f8:c0:2c:
da:40:71:5d:e5:bf:29:29:0b:fa:f9:c9:fc:ab:97:
1a:8b:05:6b:45:48:43:57:c3:94:fa:89:c2:5b:35:
e9:fd:a1:cf:21:c4:a2:85:da:93:4b:46:40:0e:fe:
8e:ff:1a:69:ac:2d:08:2f:06:76:a4:8b:35:2b:ea:
5e:46:64:0e:04:0f:94:16:7a:1e:bf:30:7d:03:45:
55:9b:2a:01:44:81:83:0f:f6:c5:cb:0c:f6:56:70:
32:3d:99:c1:48:80:88:10:98:b9:f1:5c:ef:23:85:
54:39:5c:4c:ab:bf:e1:a5:c6:4b:f3:5f:72:6f:26:
2c:32:b0:cf:92:74:52:9b:7d:17:71:24:63:1f:12:
e1:6c:f2:ba:83:b3:83:25:bc:cb:92:8c:ca:77:a0:
52:48:0a:b1:b5:37:2a:93:1a:17:81:af:ea:4e:dc:
0d:b0:43:00:91:db:16:57:a7:5c:cb:4b:e2:31:2f:
9c:04:88:cb:f5:2c:cf:b3:19:5e:46:d7:3b:47:82:
86:cf:78:58:fe:02:b2:16:ec:7b:d2:99:54:97:c5:
13:ce:6b:0d:e6:70:c8:14:6a:65:93:ea:0d:70:cc:
6f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:C8:05:3D:70:E3:95:77:F6:2B:10:42:FA:A9:37:FB:AF:8E:7F:60
X509v3 Authority Key Identifier:
keyid:2D:C2:91:B8:DB:6C:FD:DF:6D:D2:A1:D5:5B:22:6D:49:49:2A:27:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcKRuNts_d9t0qHVWyJtSUkqJwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/acgFPXDjlXf2KxBC-qk3-6-Of2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/41a843-7524-455b-be22-2b170e95c2b7/1/LcKRuNts_d9t0qHVWyJtSUkqJwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.23.0/24
193.36.4.0/22
IPv6:
2a0b:6dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:07:d9:d7:00:80:21:eb:28:92:58:fc:8d:7c:b3:e5:77:1e:
7c:42:05:f9:8a:22:68:61:10:fc:e8:f4:b8:78:1a:f1:a4:e5:
ad:61:d2:87:99:3b:42:5e:3e:f5:84:9f:25:cd:59:65:a0:79:
27:88:f5:62:43:11:cb:66:47:3a:47:35:7b:36:df:ef:40:6b:
2e:b0:a2:c1:df:21:96:44:80:39:7f:21:67:5a:86:89:a0:44:
4d:fd:88:fc:17:e4:46:c2:2c:e4:50:39:3a:5c:7b:ce:91:cf:
6c:84:10:db:e6:96:ce:43:e0:8a:98:9f:5b:3c:20:36:41:dc:
b9:f7:e5:6d:01:b9:e2:cc:ba:2b:d0:ee:ab:61:bb:5a:92:ab:
18:ed:1f:06:9d:c0:a4:0c:b2:1d:9a:7e:26:5b:69:45:79:5c:
a3:3c:97:ba:2e:79:39:b5:d5:8c:90:7a:4b:33:0a:2a:f6:5e:
63:19:1b:4b:9a:a7:bc:13:a2:25:8e:15:9d:b1:00:61:6e:29:
f9:bd:ae:05:79:7a:a0:b1:7c:18:97:3f:36:40:fd:d5:c7:2e:
a2:5d:87:2c:35:5a:c3:d8:15:a3:ae:f0:ac:aa:32:f5:a0:db:
fd:4a:ab:bc:11:20:8e:17:a1:52:d0:22:b3:b4:54:b5:60:d4:
fc:bc:8c:48
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAhUsFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZGMyOTFiOGRiNmNmZGRmNmRkMmExZDU1YjIyNmQ0OTQ5MmEyNzA1MB4XDTIyMDEw
MTE0NTg0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjljODA1M2Q3MGUz
OTU3N2Y2MmIxMDQyZmFhOTM3ZmJhZjhlN2Y2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2sYwAMBFlYI3sau1wqb8U8as2HfEk2qAuZ+MAs2kBxXeW/
KSkL+vnJ/KuXGosFa0VIQ1fDlPqJwls16f2hzyHEooXak0tGQA7+jv8aaawtCC8G
dqSLNSvqXkZkDgQPlBZ6Hr8wfQNFVZsqAUSBgw/2xcsM9lZwMj2ZwUiAiBCYufFc
7yOFVDlcTKu/4aXGS/Nfcm8mLDKwz5J0Upt9F3EkYx8S4WzyuoOzgyW8y5KMyneg
UkgKsbU3KpMaF4Gv6k7cDbBDAJHbFlenXMtL4jEvnASIy/Usz7MZXkbXO0eChs94
WP4Cshbse9KZVJfFE85rDeZwyBRqZZPqDXDMb48CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRpyAU9cOOVd/YrEEL6qTf7r45/YDAfBgNVHSMEGDAWgBQtwpG422z9323S
odVbIm1JSSonBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xjS1J1TnRzX2Q5dDBxSFZXeUp0U1VrcUp3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvNDFhODQzLTc1MjQtNDU1Yi1iZTIyLTJiMTcwZTk1YzJiNy8x
L2FjZ0ZQWERqbFhmMkt4QkMtcWszLTYtT2YyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
NDFhODQzLTc1MjQtNDU1Yi1iZTIyLTJiMTcwZTk1YzJiNy8xL0xjS1J1TnRzX2Q5
dDBxSFZXeUp0U1VrcUp3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAC0JFwMEAsEkBDANBAIAAjAHAwUD
KgttwDANBgkqhkiG9w0BAQsFAAOCAQEAjQfZ1wCAIesoklj8jXyz5XcefEIF+Yoi
aGEQ/Oj0uHga8aTlrWHSh5k7Ql4+9YSfJc1ZZaB5J4j1YkMRy2ZHOkc1ezbf70Br
LrCiwd8hlkSAOX8hZ1qGiaBETf2I/BfkRsIs5FA5Olx7zpHPbIQQ2+aWzkPgipif
WzwgNkHcufflbQG54sy6K9Duq2G7WpKrGO0fBp3ApAyyHZp+JltpRXlcozyXui55
ObXVjJB6SzMKKvZeYxkbS5qnvBOiJY4VnbEAYW4p+b2uBXl6oLF8GJc/NkD91ccu
ol2HLDVaw9gVo67wrKoy9aDb/UqrvBEgjhehUtAis7RUtWDU/LyMSA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:10 2025 by rpki-client