Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/2q_Q-JdQ1r6ePPMzn-tJaHVXRRI.roa
File: 2q_Q-JdQ1r6ePPMzn-tJaHVXRRI.roa (raw, json)
Hash identifier: V256dEU29+KeIcLStO8FBhF8WdeAExeshHkc99dGSCQ=
Subject key identifier: DA:AF:D0:F8:97:50:D6:BE:9E:3C:F3:33:9F:EB:49:68:75:57:45:12
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 4D02070C
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/2q_Q-JdQ1r6ePPMzn-tJaHVXRRI.roa
Signing time: Sat 01 Jan 2022 15:56:16 +0000
ROA not before: Sat 01 Jan 2022 15:56:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50427
IP address blocks: 109.226.248.0/24 maxlen: 24
185.84.175.0/24 maxlen: 24
185.84.174.0/24 maxlen: 24
185.84.174.0/23 maxlen: 23
193.106.170.0/24 maxlen: 24
193.106.171.0/24 maxlen: 24
193.106.168.0/22 maxlen: 22
193.106.168.0/24 maxlen: 24
193.106.169.0/24 maxlen: 24
2a05:7401::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1291978508 (0x4d02070c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 15:56:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=daafd0f89750d6be9e3cf3339feb496875574512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:47:55:2d:51:a3:2e:5e:e2:88:5d:de:ee:38:
f1:b1:9e:b4:85:09:a2:d4:44:84:c1:55:cd:c1:70:
7d:a9:73:f6:f3:f3:3e:d4:9e:f8:36:31:d4:23:b8:
32:13:59:bf:1e:1a:7a:fc:75:83:76:2d:0b:76:c7:
ed:e0:43:28:94:96:0e:a8:eb:f4:21:f3:cb:a8:69:
35:05:07:51:77:5c:d7:1d:ca:0a:30:6d:cf:75:dc:
47:52:bf:0c:07:66:77:77:eb:fb:0c:e1:bd:53:ba:
89:81:42:28:50:96:90:be:e9:82:aa:19:4f:41:15:
8f:6d:fa:16:48:29:8b:32:7b:e6:da:d5:f6:be:b2:
2b:0f:27:4c:53:ab:a7:28:12:5b:7f:11:e9:5b:8c:
b6:6c:0d:68:12:43:f4:70:e4:47:45:6d:ce:e4:5f:
dd:f6:d8:06:c1:69:c8:e4:e4:17:c1:21:1c:2f:60:
4e:f6:8e:6a:3a:44:1d:bd:4b:2d:b9:db:b2:62:a4:
c4:50:3c:3a:e6:f2:b1:23:cb:b4:54:9c:85:dd:81:
c9:78:d9:c5:c7:82:c7:0f:d3:29:8c:db:cb:0d:66:
ed:4a:38:4d:90:f6:50:a1:7f:23:84:18:65:4c:23:
7f:bc:ef:af:ec:a7:1d:67:e1:28:ba:ef:f1:4a:b9:
9b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:AF:D0:F8:97:50:D6:BE:9E:3C:F3:33:9F:EB:49:68:75:57:45:12
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/2q_Q-JdQ1r6ePPMzn-tJaHVXRRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.226.248.0/24
185.84.174.0/23
193.106.168.0/22
IPv6:
2a05:7401::/34
Signature Algorithm: sha256WithRSAEncryption
c5:bf:97:08:c6:a2:4f:34:dd:ba:c0:55:6b:85:5e:93:23:35:
60:a7:c3:a3:f9:0d:d8:d6:5f:f8:91:2b:58:1d:50:d7:4b:87:
47:8d:91:1c:c4:f2:e6:ce:11:b5:20:fc:c3:2a:a1:5f:c5:ae:
b9:d0:1b:d1:26:65:bb:5d:ba:26:c8:67:5c:3a:9a:da:41:ad:
b7:98:7b:31:04:fa:92:ba:8b:12:45:a6:6a:40:f3:b5:fa:a8:
96:a5:ab:ba:b3:9f:19:52:80:f6:68:37:da:75:3c:90:84:cf:
0d:f1:09:74:cc:cc:86:9a:f9:d9:25:60:8e:d6:e3:af:5d:a2:
7f:7d:3f:47:d8:0a:8b:a0:f6:c6:78:17:7d:fd:9c:b1:e5:47:
4b:da:60:34:2e:fe:24:1c:20:22:df:d4:e9:9a:d9:d9:b2:a9:
dc:19:23:43:95:b5:68:20:6b:a7:e3:65:70:d0:96:b5:19:69:
cc:0d:76:f5:12:d0:84:7f:29:2b:95:42:09:a2:35:e9:41:fd:
6c:c3:8b:fc:6e:41:0b:fd:52:c8:6a:95:e1:2a:4b:ac:b7:f6:
eb:20:79:e5:54:66:97:ba:3b:83:60:5a:d6:40:85:0e:4d:eb:
50:84:df:13:2b:ea:27:4d:fa:0e:52:1e:be:a1:39:23:bb:f3:
2c:3e:04:fd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIETQIHDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTdmNzQ3ZGY1ZjI0MzUzMTU0ZGM0ZDRiZjcwZDJkZGNiNTNlOTAwMB4XDTIyMDEw
MTE1NTYxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFhZmQwZjg5NzUw
ZDZiZTllM2NmMzMzOWZlYjQ5Njg3NTU3NDUxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhHVS1Roy5e4ohd3u448bGetIUJotREhMFVzcFwfalz9vPz
PtSe+DYx1CO4MhNZvx4aevx1g3YtC3bH7eBDKJSWDqjr9CHzy6hpNQUHUXdc1x3K
CjBtz3XcR1K/DAdmd3fr+wzhvVO6iYFCKFCWkL7pgqoZT0EVj236FkgpizJ75trV
9r6yKw8nTFOrpygSW38R6VuMtmwNaBJD9HDkR0VtzuRf3fbYBsFpyOTkF8EhHC9g
TvaOajpEHb1LLbnbsmKkxFA8OubysSPLtFSchd2ByXjZxceCxw/TKYzbyw1m7Uo4
TZD2UKF/I4QYZUwjf7zvr+ynHWfhKLrv8Uq5m0MCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBTar9D4l1DWvp488zOf60lodVdFEjAfBgNVHSMEGDAWgBSuf3R99fJDUxVN
xNS/cNLdy1PpADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JuOTBmZlh5UTFNVlRjVFV2M0RTM2N0VDZRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJhOS8x
LzJxX1EtSmRRMXI2ZVBQTXpuLXRKYUhWWFJSSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJhOS8xL3JuOTBmZlh5UTFN
VlRjVFV2M0RTM2N0VDZRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowGAQCAAEwEgMEAG3i+AMEAblUrgMEAsFqqDAOBAIA
AjAIAwYGKgV0AQAwDQYJKoZIhvcNAQELBQADggEBAMW/lwjGok803brAVWuFXpMj
NWCnw6P5DdjWX/iRK1gdUNdLh0eNkRzE8ubOEbUg/MMqoV/FrrnQG9EmZbtduibI
Z1w6mtpBrbeYezEE+pK6ixJFpmpA87X6qJalq7qznxlSgPZoN9p1PJCEzw3xCXTM
zIaa+dklYI7W469don99P0fYCoug9sZ4F339nLHlR0vaYDQu/iQcICLf1Oma2dmy
qdwZI0OVtWgga6fjZXDQlrUZacwNdvUS0IR/KSuVQgmiNelB/WzDi/xuQQv9Ushq
leEqS6y39usgeeVUZpe6O4NgWtZAhQ5N61CE3xMr6idN+g5SHr6hOSO78yw+BP0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:49 2025 by rpki-client