Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/2xft-F5d-5tjyLPEyUPirz7-b3M.roa
File: 2xft-F5d-5tjyLPEyUPirz7-b3M.roa (raw, json)
Hash identifier: JcrrGExQr3b87nVEKYY3JRFYXWNlzb1+Au/cpHMHNl4=
Subject key identifier: DB:17:ED:F8:5E:5D:FB:9B:63:C8:B3:C4:C9:43:E2:AF:3E:FE:6F:73
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 01821A752D85B2D8E3FD6591345C90A54AB3
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/2xft-F5d-5tjyLPEyUPirz7-b3M.roa
Signing time: Wed 20 Jul 2022 07:14:23 +0000
ROA not before: Wed 20 Jul 2022 07:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34871
IP address blocks: 195.238.247.0/24 maxlen: 24
185.240.148.0/22 maxlen: 22
185.240.151.0/24 maxlen: 24
185.240.150.0/24 maxlen: 24
195.238.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:75:2d:85:b2:d8:e3:fd:65:91:34:5c:90:a5:4a:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jul 20 07:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db17edf85e5dfb9b63c8b3c4c943e2af3efe6f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a2:e8:cd:15:c3:6f:1d:4a:78:e8:f5:bc:bc:
21:cd:ae:29:9f:cf:fb:00:3b:b4:b6:62:4f:05:6e:
94:ca:d3:6a:bc:fd:bd:f8:31:56:fd:a9:13:5c:22:
5f:28:43:52:40:1a:98:a6:ba:43:1b:0a:b7:82:b9:
61:da:53:cd:32:cd:bb:94:58:2a:ae:1a:db:29:80:
5c:b3:d0:01:69:f5:b9:4b:a3:72:88:b0:0a:e9:61:
31:a6:d0:c5:5e:14:2c:44:6a:05:66:24:85:e9:56:
a2:51:99:1d:6b:b9:32:eb:f8:43:5f:78:c1:66:24:
0a:8b:0e:4c:f0:61:8a:3f:1c:56:62:db:be:6d:71:
03:a4:e5:05:e9:98:b8:92:3e:97:22:09:0c:f5:c5:
9e:0d:90:3b:1e:01:a8:f0:e9:1b:fe:38:aa:67:6e:
a1:df:51:fd:7a:a6:ff:41:0b:fd:8d:90:ac:bf:cb:
9e:73:dc:1f:70:cd:4b:c1:56:cf:02:a2:47:8b:4c:
bd:74:da:62:5f:77:2f:05:04:df:ff:7a:1d:64:aa:
d0:e7:44:1a:e6:10:da:cc:b7:73:eb:e3:89:48:ac:
02:07:c1:46:53:13:52:a8:52:8f:19:7f:e4:44:78:
f4:c3:da:91:85:e7:e2:a9:59:d6:9e:fd:93:86:ff:
ce:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:17:ED:F8:5E:5D:FB:9B:63:C8:B3:C4:C9:43:E2:AF:3E:FE:6F:73
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/2xft-F5d-5tjyLPEyUPirz7-b3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.148.0/22
195.238.240.0/24
195.238.247.0/24
Signature Algorithm: sha256WithRSAEncryption
21:26:0c:14:58:68:aa:25:cf:61:94:cf:80:5d:9e:7f:1d:2c:
55:3b:a8:88:a1:10:2b:d6:31:4a:10:8b:18:44:d2:d0:f3:17:
78:10:86:bb:78:88:d0:61:44:cd:a6:3f:80:21:cf:29:56:af:
aa:64:d4:9b:ac:72:2d:71:07:45:7b:7c:6b:14:23:0e:41:6b:
e7:46:1f:48:2d:f7:b7:de:5f:13:4c:78:ec:8c:cf:4f:8b:34:
5e:bc:45:fc:ec:7f:88:d3:ce:e5:b5:83:81:27:ae:1a:5f:51:
ca:53:de:38:80:ef:f1:8d:07:99:d4:8d:02:ab:60:13:47:b4:
78:0d:6a:ab:86:3d:51:fe:6a:b2:ca:c8:13:f7:77:a1:62:79:
2a:5b:0d:b6:f9:c6:ff:8b:17:19:e5:98:fa:a6:17:23:ad:66:
94:b1:7e:5e:0a:cb:8b:88:7a:e3:3f:9f:f5:ff:ab:5c:24:5d:
ae:54:73:3e:69:e1:16:b3:e1:30:c4:9b:10:e3:23:ca:0a:25:
34:96:e1:9d:63:46:00:7b:5b:a3:e5:d7:ee:83:a5:dc:2b:41:
5e:bb:72:21:0a:3b:0f:72:ac:9e:5f:6a:fa:af:df:7f:4f:09:
c2:03:6c:4a:a6:04:0f:c1:6d:4f:bd:df:19:21:a5:39:3e:a0:
5e:51:68:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYIadS2Fstjj/WWRNFyQpUqzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjIwNzIwMDcxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE3ZWRmODVlNWRmYjliNjNjOGIzYzRjOTQzZTJhZjNlZmU2ZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKLozRXDbx1KeOj1vLwhza4pn8/7
ADu0tmJPBW6UytNqvP29+DFW/akTXCJfKENSQBqYprpDGwq3grlh2lPNMs27lFgq
rhrbKYBcs9ABafW5S6NyiLAK6WExptDFXhQsRGoFZiSF6VaiUZkda7ky6/hDX3jB
ZiQKiw5M8GGKPxxWYtu+bXEDpOUF6Zi4kj6XIgkM9cWeDZA7HgGo8Okb/jiqZ26h
31H9eqb/QQv9jZCsv8uec9wfcM1LwVbPAqJHi0y9dNpiX3cvBQTf/3odZKrQ50Qa
5hDazLdz6+OJSKwCB8FGUxNSqFKPGX/kRHj0w9qRhefiqVnWnv2Thv/OtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNsX7fheXfubY8izxMlD4q8+/m9zMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvMnhmdC1GNWQtNXRqeUxQRXlVUGlyejctYjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCufCUAwQA
w+7wAwQAw+73MA0GCSqGSIb3DQEBCwUAA4IBAQAhJgwUWGiqJc9hlM+AXZ5/HSxV
O6iIoRAr1jFKEIsYRNLQ8xd4EIa7eIjQYUTNpj+AIc8pVq+qZNSbrHItcQdFe3xr
FCMOQWvnRh9ILfe33l8TTHjsjM9PizRevEX87H+I087ltYOBJ64aX1HKU944gO/x
jQeZ1I0Cq2ATR7R4DWqrhj1R/mqyysgT93ehYnkqWw22+cb/ixcZ5Zj6phcjrWaU
sX5eCsuLiHrjP5/1/6tcJF2uVHM+aeEWs+EwxJsQ4yPKCiU0luGdY0YAe1uj5dfu
g6XcK0Feu3IhCjsPcqyeX2r6r99/TwnCA2xKpgQPwW1Pvd8ZIaU5PqBeUWhd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:58 2025 by rpki-client