Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/m2drquwDKU7Nl1Ka9UMQBayOxUE.roa
File: m2drquwDKU7Nl1Ka9UMQBayOxUE.roa (raw, json)
Hash identifier: pwFFO9GzXwgkcryY4GBCLUCG9uQPuodB9kvBmDZtTaQ=
Subject key identifier: 9B:67:6B:AA:EC:03:29:4E:CD:97:52:9A:F5:43:10:05:AC:8E:C5:41
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 01859CB401E39E35495D7425728673D32C99
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/m2drquwDKU7Nl1Ka9UMQBayOxUE.roa
Signing time: Tue 10 Jan 2023 17:22:00 +0000
ROA not before: Tue 10 Jan 2023 17:22:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202613
IP address blocks: 176.107.152.0/21 maxlen: 24
195.231.96.0/19 maxlen: 24
80.73.232.0/21 maxlen: 24
185.58.120.0/22 maxlen: 24
95.110.180.0/22 maxlen: 24
195.231.40.0/21 maxlen: 24
217.198.128.0/20 maxlen: 24
2a00:6d43::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:b4:01:e3:9e:35:49:5d:74:25:72:86:73:d3:2c:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 10 17:22:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9b676baaec03294ecd97529af5431005ac8ec541
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ab:e5:51:18:13:4b:1f:09:3c:d1:7c:1f:8a:
a0:ab:96:9f:2c:11:ec:76:cc:cf:67:d1:2b:ef:61:
c5:a7:57:9f:8f:a2:75:80:30:7c:7f:5f:b5:3f:18:
ea:87:08:18:26:51:51:2e:86:66:50:23:32:b6:8a:
a0:3d:8e:80:4a:c3:ef:ae:d0:ea:1d:1a:70:fb:fa:
65:b3:9a:4c:83:d2:e7:6a:4f:2d:e7:be:ee:24:35:
3e:8c:e7:d2:ed:6b:95:87:9c:0d:14:37:b0:58:a9:
e3:0e:ed:2e:2f:2d:dc:0c:52:30:e8:84:b0:62:6f:
a0:ac:80:8a:cf:2f:82:8c:fa:76:19:fe:10:d3:c2:
90:53:c8:3c:c1:86:2a:1d:8f:89:83:29:73:89:9c:
05:fd:27:9d:7a:66:54:eb:5e:90:d4:19:e7:e0:8a:
d9:bf:e7:a7:c3:f4:77:e5:24:8f:4e:de:63:67:58:
19:30:aa:c1:94:df:c1:f8:1f:38:d1:13:8d:89:02:
1a:3a:a0:5e:85:34:9c:07:9a:a3:61:16:ae:36:9e:
9e:99:5a:8c:3a:3e:34:81:2c:72:6f:8e:9a:5a:34:
d7:ae:31:e7:13:38:38:19:59:3d:8d:3c:0e:04:98:
b6:93:3e:98:66:4d:61:53:3d:4f:74:2a:1b:10:4a:
04:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:67:6B:AA:EC:03:29:4E:CD:97:52:9A:F5:43:10:05:AC:8E:C5:41
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/m2drquwDKU7Nl1Ka9UMQBayOxUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.232.0/21
95.110.180.0/22
176.107.152.0/21
185.58.120.0/22
195.231.40.0/21
195.231.96.0/19
217.198.128.0/20
IPv6:
2a00:6d43::/32
Signature Algorithm: sha256WithRSAEncryption
af:06:ae:f2:4f:ed:5d:09:3f:28:eb:c7:62:f1:58:f3:cf:5b:
8c:eb:95:69:48:e3:d5:dc:49:91:81:b6:6a:e6:63:c3:8d:ec:
82:4e:22:b8:30:e1:9f:4f:d1:46:30:d9:6c:3d:f7:7e:9a:28:
59:13:62:ca:a5:7b:cd:5a:78:d4:2f:18:98:ed:18:f5:55:99:
35:0e:77:c9:cd:c6:22:10:8d:82:fd:bf:2f:d6:95:c8:cc:83:
68:0c:bd:2c:bf:31:f1:6d:52:63:a4:92:dd:d1:3f:a2:64:97:
d9:0d:37:2b:cd:9f:3a:0b:b8:29:13:32:63:b8:51:11:00:85:
65:c9:69:af:48:55:f2:e4:f0:75:cd:ce:b7:fe:f3:e6:38:30:
f1:00:20:cc:2d:ba:0c:99:c3:fb:cd:02:ef:e0:24:a0:e5:6b:
52:62:28:e1:5e:b3:ea:f5:cc:f0:d8:ac:0e:c2:74:e7:1c:d6:
e4:6c:e6:07:27:a4:36:bc:02:db:9e:b6:c6:f4:58:cb:f2:39:
7b:36:8a:c2:16:f2:21:6d:09:2f:2a:b6:c6:bb:e5:34:f6:fa:
44:7d:aa:54:09:af:eb:ee:0c:f9:c1:9e:db:b9:3a:dd:e6:77:
8f:28:b4:6c:0d:da:ca:f2:3a:e0:9a:12:bb:8e:5b:c8:81:5a:
ab:3c:ab:1d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYWctAHjnjVJXXQlcoZz0yyZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwMTEwMTcyMjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjY3NmJhYWVjMDMyOTRlY2Q5NzUyOWFmNTQzMTAwNWFjOGVjNTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6vlURgTSx8JPNF8H4qgq5afLBHs
dszPZ9Er72HFp1efj6J1gDB8f1+1PxjqhwgYJlFRLoZmUCMytoqgPY6ASsPvrtDq
HRpw+/pls5pMg9Lnak8t577uJDU+jOfS7WuVh5wNFDewWKnjDu0uLy3cDFIw6ISw
Ym+grICKzy+CjPp2Gf4Q08KQU8g8wYYqHY+JgylziZwF/SedemZU616Q1Bnn4IrZ
v+enw/R35SSPTt5jZ1gZMKrBlN/B+B840RONiQIaOqBehTScB5qjYRauNp6emVqM
Oj40gSxyb46aWjTXrjHnEzg4GVk9jTwOBJi2kz6YZk1hUz1PdCobEEoEcQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFJtna6rsAylOzZdSmvVDEAWsjsVBMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvbTJkcnF1d0RLVTdObDFLYTlVTVFCYXlPeFVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDUEnoAwQC
X260AwQDsGuYAwQCuTp4AwQDw+coAwQFw+dgAwQE2caAMA0EAgACMAcDBQAqAG1D
MA0GCSqGSIb3DQEBCwUAA4IBAQCvBq7yT+1dCT8o68di8Vjzz1uM65VpSOPV3EmR
gbZq5mPDjeyCTiK4MOGfT9FGMNlsPfd+mihZE2LKpXvNWnjULxiY7Rj1VZk1DnfJ
zcYiEI2C/b8v1pXIzINoDL0svzHxbVJjpJLd0T+iZJfZDTcrzZ86C7gpEzJjuFER
AIVlyWmvSFXy5PB1zc63/vPmODDxACDMLboMmcP7zQLv4CSg5WtSYijhXrPq9czw
2KwOwnTnHNbkbOYHJ6Q2vALbnrbG9FjL8jl7NorCFvIhbQkvKrbGu+U09vpEfapU
Ca/r7gz5wZ7buTrd5nePKLRsDdrK8jrgmhK7jlvIgVqrPKsd
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:33 2025 by rpki-client