Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/2qPvHMuoBMZrHpOg0XmQ1LaZhn8.roa
File: 2qPvHMuoBMZrHpOg0XmQ1LaZhn8.roa (raw, json)
Hash identifier: a8W9n1304gkoldpTIP1gzHVHw1YDbHaHlgVd636moLY=
Subject key identifier: DA:A3:EF:1C:CB:A8:04:C6:6B:1E:93:A0:D1:79:90:D4:B6:99:86:7F
Certificate issuer: /CN=ea9d376d5441f48b3dd508515b16fe95c5a11782
Certificate serial: 018BA398B5674FFE0C202B86DFAF6A09562D
Authority key identifier: EA:9D:37:6D:54:41:F4:8B:3D:D5:08:51:5B:16:FE:95:C5:A1:17:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6p03bVRB9Is91QhRWxb-lcWhF4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/2qPvHMuoBMZrHpOg0XmQ1LaZhn8.roa
Signing time: Mon 06 Nov 2023 07:46:15 +0000
ROA not before: Mon 06 Nov 2023 07:46:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30925
IP address blocks: 193.84.143.0/24 maxlen: 24
185.223.36.0/22 maxlen: 22
194.124.196.0/22 maxlen: 22
185.220.212.0/22 maxlen: 22
185.226.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a3:98:b5:67:4f:fe:0c:20:2b:86:df:af:6a:09:56:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea9d376d5441f48b3dd508515b16fe95c5a11782
Validity
Not Before: Nov 6 07:46:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=daa3ef1ccba804c66b1e93a0d17990d4b699867f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8a:ee:d4:91:3d:3a:44:c1:fb:7c:93:3d:1e:
5e:9d:ae:fa:fc:f6:ea:36:7d:80:1f:b0:1a:09:c8:
06:ea:94:12:7b:af:9e:3b:8b:be:0d:a4:d9:f5:1e:
9d:b8:9c:bd:de:e2:0d:41:22:46:c0:d1:9c:f4:b2:
dd:1a:38:03:5d:f7:c2:bc:d9:ad:7f:b6:9f:4b:66:
bb:da:03:a1:0d:7d:b4:9f:41:b7:93:22:4e:07:b9:
71:27:d2:db:9e:61:8b:fd:30:ad:f9:e2:b5:54:dd:
d1:92:f0:a4:62:3a:aa:4f:6e:ba:73:25:ad:df:85:
51:ae:f4:d9:ac:f8:41:37:44:15:87:56:5c:48:ae:
3e:9b:d9:68:1e:fb:9c:1e:5e:2a:c4:32:77:85:5e:
92:7f:f9:b3:e7:6c:25:c4:63:ee:fd:dd:00:5b:86:
ab:0b:76:a1:ac:f9:06:24:2f:9c:a6:bb:52:83:05:
eb:56:e9:1f:0d:75:a5:df:ff:1a:20:71:76:74:80:
75:2b:20:34:da:c7:61:ee:ae:a1:58:e5:c4:bf:b6:
3f:e9:17:90:b0:7d:62:16:c2:26:f3:b3:6d:e4:4c:
7f:20:11:57:bf:46:29:5c:89:5c:e5:26:3f:ca:6f:
3f:b5:d3:19:68:48:59:1b:c0:c9:e6:da:2c:2d:30:
8b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A3:EF:1C:CB:A8:04:C6:6B:1E:93:A0:D1:79:90:D4:B6:99:86:7F
X509v3 Authority Key Identifier:
keyid:EA:9D:37:6D:54:41:F4:8B:3D:D5:08:51:5B:16:FE:95:C5:A1:17:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6p03bVRB9Is91QhRWxb-lcWhF4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/2qPvHMuoBMZrHpOg0XmQ1LaZhn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/92c8a4-4a95-486d-9993-3f7aa446f7a8/1/6p03bVRB9Is91QhRWxb-lcWhF4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.212.0/22
185.223.36.0/22
185.226.76.0/22
193.84.143.0/24
194.124.196.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:cb:95:8d:d5:2c:9d:2a:7c:c5:d4:ad:0f:f4:11:0d:d6:63:
a2:49:0f:f2:20:2d:58:f6:d5:08:07:cd:f2:db:7a:9a:b3:bf:
09:bf:d1:17:2c:ee:ce:8f:da:c6:a9:4e:6c:84:45:db:89:e8:
50:35:dc:d7:09:17:b8:cb:11:7e:78:d1:ab:31:fd:99:fa:51:
0a:bf:c5:da:23:0d:47:7e:e9:cb:e1:12:0c:18:6b:3d:2b:3a:
de:6f:68:70:e1:e8:bb:da:09:ad:3c:f2:9b:29:79:31:98:6d:
40:1d:34:d5:26:38:c5:91:52:44:8c:35:a6:30:c0:12:da:7c:
d5:6a:25:10:dc:3e:1a:5b:c9:90:24:1a:b3:42:07:44:7e:cc:
fa:1b:99:6c:ce:32:bb:a8:46:d1:d8:d8:b5:06:25:c7:a5:82:
b0:79:4a:23:b1:68:f1:30:c5:ce:dd:f6:60:bd:34:6e:b5:8d:
fc:41:9d:bc:78:0c:a6:0a:de:d3:65:6a:ec:28:0e:de:23:f7:
cd:d7:bb:45:c1:fb:67:0a:a7:31:7b:01:b5:01:fa:f4:f3:11:
9f:63:a9:84:45:f9:d8:a8:bb:24:2f:8a:24:8f:49:ef:8f:96:
01:ae:ac:51:16:f4:a3:08:2b:1b:ac:75:17:30:bc:89:69:76:
c1:68:f8:ba
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYujmLVnT/4MICuG369qCVYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhOWQzNzZkNTQ0MWY0OGIzZGQ1MDg1MTViMTZmZTk1YzVh
MTE3ODIwHhcNMjMxMTA2MDc0NjE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWEzZWYxY2NiYTgwNGM2NmIxZTkzYTBkMTc5OTBkNGI2OTk4NjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYru1JE9OkTB+3yTPR5ena76/Pbq
Nn2AH7AaCcgG6pQSe6+eO4u+DaTZ9R6duJy93uINQSJGwNGc9LLdGjgDXffCvNmt
f7afS2a72gOhDX20n0G3kyJOB7lxJ9LbnmGL/TCt+eK1VN3RkvCkYjqqT266cyWt
34VRrvTZrPhBN0QVh1ZcSK4+m9loHvucHl4qxDJ3hV6Sf/mz52wlxGPu/d0AW4ar
C3ahrPkGJC+cprtSgwXrVukfDXWl3/8aIHF2dIB1KyA02sdh7q6hWOXEv7Y/6ReQ
sH1iFsIm87Nt5Ex/IBFXv0YpXIlc5SY/ym8/tdMZaEhZG8DJ5tosLTCLywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNqj7xzLqATGax6ToNF5kNS2mYZ/MB8GA1UdIwQY
MBaAFOqdN21UQfSLPdUIUVsW/pXFoReCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnAwM2JWUkI5SXM5MVFoUld4Yi1sY1doRjRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS85MmM4YTQtNGE5NS00ODZkLTk5OTMt
M2Y3YWE0NDZmN2E4LzEvMnFQdkhNdW9CTVpySHBPZzBYbVExTGFaaG44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS85MmM4YTQtNGE5NS00ODZkLTk5OTMtM2Y3YWE0NDZmN2E4
LzEvNnAwM2JWUkI5SXM5MVFoUld4Yi1sY1doRjRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCudzUAwQC
ud8kAwQCueJMAwQAwVSPAwQCwnzEMA0GCSqGSIb3DQEBCwUAA4IBAQC6y5WN1Syd
KnzF1K0P9BEN1mOiSQ/yIC1Y9tUIB83y23qas78Jv9EXLO7Oj9rGqU5shEXbiehQ
NdzXCRe4yxF+eNGrMf2Z+lEKv8XaIw1HfunL4RIMGGs9Kzreb2hw4ei72gmtPPKb
KXkxmG1AHTTVJjjFkVJEjDWmMMAS2nzVaiUQ3D4aW8mQJBqzQgdEfsz6G5lszjK7
qEbR2Ni1BiXHpYKweUojsWjxMMXO3fZgvTRutY38QZ28eAymCt7TZWrsKA7eI/fN
17tFwftnCqcxewG1Afr08xGfY6mERfnYqLskL4okj0nvj5YBrqxRFvSjCCsbrHUX
MLyJaXbBaPi6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:34 2025 by rpki-client