Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/2B2l67Qhz-Uy9dTFtDeYDT83gUs.roa
File: 2B2l67Qhz-Uy9dTFtDeYDT83gUs.roa (raw, json)
Hash identifier: 5RaIx5/fQI1YydaR4xkNYXID5d7lnCBB5WhrJVA3GFg=
Subject key identifier: D8:1D:A5:EB:B4:21:CF:E5:32:F5:D4:C5:B4:37:98:0D:3F:37:81:4B
Certificate issuer: /CN=7938dfb9eb924079bb706cb616eda572864a9e13
Certificate serial: 018354445BA00B15A1ED0B71C31BD3FE9E86
Authority key identifier: 79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/2B2l67Qhz-Uy9dTFtDeYDT83gUs.roa
Signing time: Mon 19 Sep 2022 05:41:49 +0000
ROA not before: Mon 19 Sep 2022 05:41:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44400
IP address blocks: 185.51.40.0/24 maxlen: 24
185.51.41.0/24 maxlen: 24
2a04:c140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:54:44:5b:a0:0b:15:a1:ed:0b:71:c3:1b:d3:fe:9e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7938dfb9eb924079bb706cb616eda572864a9e13
Validity
Not Before: Sep 19 05:41:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d81da5ebb421cfe532f5d4c5b437980d3f37814b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1b:58:1b:e9:fa:88:6c:1c:ff:24:f1:bf:b1:
b9:47:7a:1d:a9:be:1e:3b:d5:ca:f9:1b:f6:ee:c6:
41:2c:ac:78:ea:70:82:9a:ff:1e:fe:78:68:7d:03:
77:4f:a4:1d:b1:7e:50:7f:7a:74:37:84:6d:04:1e:
df:2d:4d:b5:82:fb:f7:98:aa:28:8c:08:ab:7f:50:
21:5a:4b:c9:55:f2:19:97:80:f8:40:6e:c3:72:4f:
11:db:6b:19:c9:33:4b:69:fa:78:9d:4e:7a:6b:b8:
5a:f9:71:81:0c:96:dd:a4:3c:fa:30:98:bb:0b:05:
6b:57:06:9b:04:92:62:da:37:68:78:a4:f9:bf:42:
7e:df:b2:75:6e:42:96:11:d5:48:d0:46:80:e0:24:
87:f7:ee:78:d1:71:7c:10:84:91:ad:93:1e:07:84:
3a:51:b4:e0:3a:c1:98:ae:ab:7e:4f:db:72:5d:f6:
f2:29:66:92:6f:6d:fb:69:60:8f:85:4d:8f:0b:58:
d9:f2:f4:de:96:d1:9e:5c:19:1c:ba:a4:f8:e5:be:
41:2e:68:0b:98:a7:12:25:77:5b:96:cc:e8:ae:9c:
05:2f:a6:e4:fa:cb:bc:1c:9e:59:82:c5:0d:af:65:
bb:1f:04:cd:d2:61:a6:a9:aa:7a:83:31:1b:72:1b:
2e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1D:A5:EB:B4:21:CF:E5:32:F5:D4:C5:B4:37:98:0D:3F:37:81:4B
X509v3 Authority Key Identifier:
keyid:79:38:DF:B9:EB:92:40:79:BB:70:6C:B6:16:ED:A5:72:86:4A:9E:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eTjfueuSQHm7cGy2Fu2lcoZKnhM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/2B2l67Qhz-Uy9dTFtDeYDT83gUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/5f53ee-fb00-4df4-9764-06da2bb06071/1/eTjfueuSQHm7cGy2Fu2lcoZKnhM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.40.0/23
IPv6:
2a04:c140::/29
Signature Algorithm: sha256WithRSAEncryption
1f:7c:01:16:ef:50:b2:ca:90:8c:9c:d7:ac:1d:89:d2:55:f3:
a7:2c:f5:ae:f0:71:74:0e:13:51:8a:a9:82:3d:68:26:e9:78:
49:92:7f:9a:fd:9d:64:ae:c9:1d:ae:12:97:b5:9a:97:9d:58:
2b:6e:17:6c:96:bc:3c:07:92:4b:89:2d:0b:83:99:f8:90:e0:
bf:57:91:8e:06:b2:80:20:10:ad:b2:a4:74:12:1d:a4:de:ed:
91:7a:cc:a9:a6:6f:4a:53:b0:0f:df:d1:4e:99:0b:58:bd:9c:
06:cc:d0:0b:38:99:29:84:ae:56:2f:27:7e:ca:62:95:ad:7f:
2c:9b:ec:d6:b2:a1:a9:f6:d1:34:8c:60:c7:16:e2:90:3f:0c:
6b:fa:51:4d:b2:b1:6a:c7:16:12:bc:ac:89:2a:ee:fe:81:67:
f5:31:9c:e0:66:45:0f:fe:f5:35:45:4f:9d:97:ba:89:0b:05:
1b:b4:5e:91:aa:34:f2:fb:2f:bf:94:43:13:39:69:1f:fb:0a:
90:02:4c:9f:98:3b:05:31:d8:b9:ef:1c:a4:ee:2e:c3:32:cd:
cc:28:ec:3f:76:ee:c2:68:92:42:91:58:a9:61:65:c5:82:f0:
a7:cc:95:db:b7:ee:c3:04:41:f8:41:d8:da:b7:7b:1a:64:bc:
ba:b6:c7:ba
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNURFugCxWh7QtxwxvT/p6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MzhkZmI5ZWI5MjQwNzliYjcwNmNiNjE2ZWRhNTcyODY0
YTllMTMwHhcNMjIwOTE5MDU0MTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFkYTVlYmI0MjFjZmU1MzJmNWQ0YzViNDM3OTgwZDNmMzc4MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBtYG+n6iGwc/yTxv7G5R3odqb4e
O9XK+Rv27sZBLKx46nCCmv8e/nhofQN3T6QdsX5Qf3p0N4RtBB7fLU21gvv3mKoo
jAirf1AhWkvJVfIZl4D4QG7Dck8R22sZyTNLafp4nU56a7ha+XGBDJbdpDz6MJi7
CwVrVwabBJJi2jdoeKT5v0J+37J1bkKWEdVI0EaA4CSH9+540XF8EISRrZMeB4Q6
UbTgOsGYrqt+T9tyXfbyKWaSb237aWCPhU2PC1jZ8vTeltGeXBkcuqT45b5BLmgL
mKcSJXdblszorpwFL6bk+su8HJ5ZgsUNr2W7HwTN0mGmqap6gzEbchsuVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNgdpeu0Ic/lMvXUxbQ3mA0/N4FLMB8GA1UdIwQY
MBaAFHk437nrkkB5u3BsthbtpXKGSp4TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQt
MDZkYTJiYjA2MDcxLzEvMkIybDY3UWh6LVV5OWRURnREZVlEVDgzZ1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81ZjUzZWUtZmIwMC00ZGY0LTk3NjQtMDZkYTJiYjA2MDcx
LzEvZVRqZnVldVNRSG03Y0d5MkZ1Mmxjb1pLbmhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuTMoMA0E
AgACMAcDBQMqBMFAMA0GCSqGSIb3DQEBCwUAA4IBAQAffAEW71CyypCMnNesHYnS
VfOnLPWu8HF0DhNRiqmCPWgm6XhJkn+a/Z1krskdrhKXtZqXnVgrbhdslrw8B5JL
iS0Lg5n4kOC/V5GOBrKAIBCtsqR0Eh2k3u2Resyppm9KU7AP39FOmQtYvZwGzNAL
OJkphK5WLyd+ymKVrX8sm+zWsqGp9tE0jGDHFuKQPwxr+lFNsrFqxxYSvKyJKu7+
gWf1MZzgZkUP/vU1RU+dl7qJCwUbtF6RqjTy+y+/lEMTOWkf+wqQAkyfmDsFMdi5
7xyk7i7DMs3MKOw/du7CaJJCkVipYWXFgvCnzJXbt+7DBEH4Qdjat3saZLy6tse6
-----END CERTIFICATE-----
Generated at Sun Apr 13 17:19:21 2025 by rpki-client