Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/2i3MRhpg7VQ5Smcv1NWNblEcbTs.roa
File: 2i3MRhpg7VQ5Smcv1NWNblEcbTs.roa (raw, json)
Hash identifier: LQdZ/KcAqqihEOkLRxHQrc0TWlCRbFTsj5+1cnzx75I=
Subject key identifier: DA:2D:CC:46:1A:60:ED:54:39:4A:67:2F:D4:D5:8D:6E:51:1C:6D:3B
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 0184086A413D1F1C58A7E543C4F64B7F8E73
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/2i3MRhpg7VQ5Smcv1NWNblEcbTs.roa
Signing time: Mon 24 Oct 2022 05:14:51 +0000
ROA not before: Mon 24 Oct 2022 05:14:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5398
IP address blocks: 193.221.216.0/23 maxlen: 23
46.21.20.0/23 maxlen: 23
2a0f:e880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:08:6a:41:3d:1f:1c:58:a7:e5:43:c4:f6:4b:7f:8e:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Oct 24 05:14:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da2dcc461a60ed54394a672fd4d58d6e511c6d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b9:02:89:bf:f6:91:1c:9c:6c:94:55:f5:06:
f0:78:34:ac:8d:37:53:b8:47:ce:ca:b1:a8:bf:1c:
55:1e:f3:52:1d:e6:1e:e3:3a:ab:5f:f8:86:78:0f:
cd:0e:de:05:71:5c:13:0e:5b:5a:dd:5f:d0:89:b0:
72:c9:0a:fe:88:c3:ca:d0:51:cf:4e:26:1b:65:a8:
21:b8:d4:3c:40:73:c3:31:1c:72:cb:91:9f:d8:88:
4e:43:2b:43:69:27:60:db:4c:96:ec:8f:4d:cd:e9:
1d:0c:5a:94:7d:c3:81:bf:6b:3a:21:71:92:3e:58:
87:79:9b:2c:2e:f5:38:a0:83:ce:4b:ab:0c:d0:eb:
ea:87:37:54:ac:e5:48:86:01:2c:1c:ac:81:35:77:
78:9f:9a:69:01:6a:01:ba:06:b9:d0:81:91:c4:37:
b7:7e:6c:4e:91:be:6e:e7:bd:d3:93:88:b3:d5:9d:
b5:7b:40:55:fc:40:a8:d4:de:7e:99:ef:df:e1:13:
03:61:d9:18:62:29:69:06:2f:f8:04:97:32:c8:f0:
e9:54:d7:2a:fd:6c:58:d4:db:89:22:1d:62:58:bd:
ba:ec:6b:9c:7a:c3:f6:45:37:b7:d1:21:11:08:8a:
0d:41:f7:7a:57:09:ab:3a:d9:7c:0e:69:77:56:8b:
f2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2D:CC:46:1A:60:ED:54:39:4A:67:2F:D4:D5:8D:6E:51:1C:6D:3B
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/2i3MRhpg7VQ5Smcv1NWNblEcbTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.20.0/23
193.221.216.0/23
IPv6:
2a0f:e880::/29
Signature Algorithm: sha256WithRSAEncryption
00:f4:fd:c5:51:96:cb:bd:5d:43:37:29:a6:28:0a:12:4e:43:
3b:c0:a5:13:93:b0:01:0c:c1:aa:cd:f0:28:05:c2:ff:ba:9e:
09:be:ee:de:93:41:ad:e4:61:59:f5:99:47:55:6d:99:be:b7:
67:4b:69:a2:e0:d5:f6:a0:7a:9b:94:3f:b5:6c:2b:e5:0d:6e:
f2:4a:ce:8a:d0:48:60:07:71:4f:ed:9c:85:5e:e1:84:de:c6:
1a:33:37:48:09:7a:09:d2:3d:93:cc:8f:86:01:71:94:99:e4:
01:88:15:cb:e3:b4:6b:38:c1:05:e5:e7:c1:53:c7:73:9c:c6:
b9:17:40:bb:24:c9:e5:03:77:59:85:16:88:b1:6e:04:3b:05:
08:82:3c:cf:ad:03:d8:f4:81:c8:6a:b6:64:8c:22:5f:fa:06:
1c:5f:99:e1:c7:d0:af:07:5a:7e:8d:96:53:bb:d8:fc:2d:01:
90:5a:76:cd:6b:0d:33:e9:a3:44:30:67:32:df:20:9e:0c:9d:
61:cf:26:81:60:f6:5e:78:3a:a7:a4:45:20:a5:69:84:c1:46:
73:e2:7f:85:88:e3:bd:40:78:cf:3f:51:14:bc:36:9c:1b:21:
60:17:5f:ff:66:21:65:ea:ab:d5:52:8b:7d:b2:7d:ed:41:7a:
b4:51:77:46
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYQIakE9HxxYp+VDxPZLf45zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjIxMDI0MDUxNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTJkY2M0NjFhNjBlZDU0Mzk0YTY3MmZkNGQ1OGQ2ZTUxMWM2ZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbkCib/2kRycbJRV9QbweDSsjTdT
uEfOyrGovxxVHvNSHeYe4zqrX/iGeA/NDt4FcVwTDlta3V/QibByyQr+iMPK0FHP
TiYbZaghuNQ8QHPDMRxyy5Gf2IhOQytDaSdg20yW7I9NzekdDFqUfcOBv2s6IXGS
PliHeZssLvU4oIPOS6sM0OvqhzdUrOVIhgEsHKyBNXd4n5ppAWoBuga50IGRxDe3
fmxOkb5u573Tk4iz1Z21e0BV/ECo1N5+me/f4RMDYdkYYilpBi/4BJcyyPDpVNcq
/WxY1NuJIh1iWL267GucesP2RTe30SERCIoNQfd6VwmrOtl8Dml3VovyswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNotzEYaYO1UOUpnL9TVjW5RHG07MB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvMmkzTVJocGc3VlE1U21jdjFOV05ibEVjYlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLhUUAwQB
wd3YMA0EAgACMAcDBQMqD+iAMA0GCSqGSIb3DQEBCwUAA4IBAQAA9P3FUZbLvV1D
NymmKAoSTkM7wKUTk7ABDMGqzfAoBcL/up4Jvu7ek0Gt5GFZ9ZlHVW2ZvrdnS2mi
4NX2oHqblD+1bCvlDW7ySs6K0EhgB3FP7ZyFXuGE3sYaMzdICXoJ0j2TzI+GAXGU
meQBiBXL47RrOMEF5efBU8dznMa5F0C7JMnlA3dZhRaIsW4EOwUIgjzPrQPY9IHI
arZkjCJf+gYcX5nhx9CvB1p+jZZTu9j8LQGQWnbNaw0z6aNEMGcy3yCeDJ1hzyaB
YPZeeDqnpEUgpWmEwUZz4n+FiOO9QHjPP1EUvDacGyFgF1//ZiFl6qvVUot9sn3t
QXq0UXdG
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:50 2025 by rpki-client