Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/2TxwpFKbHrgkwLqdTzWqE424-9Q.roa
File: 2TxwpFKbHrgkwLqdTzWqE424-9Q.roa (raw, json)
Hash identifier: +sVOP1xTCsqrprZ2ktoGtivP71VAps4VMRp1jFGfFmA=
Subject key identifier: D9:3C:70:A4:52:9B:1E:B8:24:C0:BA:9D:4F:35:AA:13:8D:B8:FB:D4
Certificate issuer: /CN=435416b2282b4533c3509c18e957ce0c836bc837
Certificate serial: 018282CB0E3E3BCE0AC9B991ECE36D335FF2
Authority key identifier: 43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/2TxwpFKbHrgkwLqdTzWqE424-9Q.roa
Signing time: Tue 09 Aug 2022 13:28:41 +0000
ROA not before: Tue 09 Aug 2022 13:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203020
IP address blocks: 194.156.112.0/22 maxlen: 32
185.251.44.0/22 maxlen: 32
195.66.216.0/21 maxlen: 32
185.247.228.0/22 maxlen: 32
95.214.84.0/22 maxlen: 32
195.158.208.0/22 maxlen: 32
95.175.64.0/19 maxlen: 32
185.251.248.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:cb:0e:3e:3b:ce:0a:c9:b9:91:ec:e3:6d:33:5f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435416b2282b4533c3509c18e957ce0c836bc837
Validity
Not Before: Aug 9 13:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d93c70a4529b1eb824c0ba9d4f35aa138db8fbd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ad:b4:c3:38:70:90:f4:43:19:27:e2:5a:a4:
d6:74:3d:c8:29:63:1b:92:88:85:ea:15:3f:09:1a:
56:70:93:c3:ce:de:5b:6e:29:72:9b:ff:56:07:ab:
40:3a:47:2d:10:a6:8b:6b:83:ed:c2:31:1b:61:15:
ed:7f:ac:aa:3f:fd:4a:90:76:e2:5f:af:56:a2:11:
1f:af:a5:dd:7c:73:34:55:0d:1a:37:1b:c1:31:3b:
9b:f9:4c:da:4a:c4:1c:c6:1a:89:02:d3:0d:96:cb:
49:de:46:2d:1e:e0:8d:7b:27:09:61:a8:03:4a:14:
65:ea:74:df:47:f6:d0:0b:3d:29:56:1b:73:dd:1c:
85:4e:bc:0e:38:ac:8b:4f:76:5d:aa:f2:8c:aa:eb:
d4:b0:47:9a:9e:c9:5e:0b:64:8b:11:6c:d4:ac:90:
50:66:e3:77:8b:f5:0a:fc:5c:31:75:b2:82:e7:43:
6b:ce:92:52:30:21:3e:29:63:7c:3c:47:ac:55:fe:
ae:41:cb:19:4e:f0:de:30:42:0c:18:e6:13:58:a2:
1c:92:26:7a:c1:77:01:6f:b9:22:3f:58:7c:27:23:
60:c8:74:f7:17:15:9d:fc:ff:b9:0d:0d:b7:ba:44:
ee:8c:0a:7c:97:45:f7:d4:98:b5:bf:9a:99:59:45:
5c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3C:70:A4:52:9B:1E:B8:24:C0:BA:9D:4F:35:AA:13:8D:B8:FB:D4
X509v3 Authority Key Identifier:
keyid:43:54:16:B2:28:2B:45:33:C3:50:9C:18:E9:57:CE:0C:83:6B:C8:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q1QWsigrRTPDUJwY6VfODINryDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/2TxwpFKbHrgkwLqdTzWqE424-9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/63ff81-6460-4c05-852d-262eb39bbe76/1/Q1QWsigrRTPDUJwY6VfODINryDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.64.0/19
95.214.84.0/22
185.247.228.0/22
185.251.44.0/22
185.251.248.0/22
194.156.112.0/22
195.66.216.0/21
195.158.208.0/22
Signature Algorithm: sha256WithRSAEncryption
05:33:ce:8c:e0:d9:e0:b8:cb:b7:86:c4:26:6d:37:86:b5:66:
d5:e9:77:d1:2a:79:60:f9:79:c3:c4:61:98:2e:19:ab:ab:89:
60:bb:75:8c:42:29:ed:19:8c:45:05:e9:52:75:61:99:69:2c:
99:31:ee:35:44:81:df:cc:f5:c3:5e:ef:52:4f:67:89:73:37:
bf:98:7a:64:ce:95:88:bc:45:50:9e:5c:a2:6e:71:eb:35:f0:
42:1a:83:2a:0e:f7:dc:56:51:c4:a1:3b:d8:f2:73:6f:87:c8:
82:a3:2a:0b:e7:7e:ff:29:af:a2:ed:a6:a4:b1:4c:a4:db:f1:
5c:f9:87:3e:42:48:5b:3c:51:cf:26:75:21:37:40:72:92:f8:
a5:2d:b4:b7:c1:47:eb:40:fa:fe:dd:48:ff:86:8a:e7:d3:af:
95:dd:21:e9:2a:cb:23:67:cb:c7:23:0c:71:2e:4f:8f:23:ab:
a8:89:9f:36:e8:1f:36:ba:6c:16:71:51:8b:d1:9f:d0:9b:59:
83:d7:de:ac:21:65:0d:39:9f:4d:26:ef:31:68:fc:7a:db:79:
23:84:bb:d5:c2:ca:2c:33:bd:db:d4:41:d4:ca:c4:82:0c:56:
d3:c5:4b:2c:5f:ab:1c:f2:8c:a2:37:3d:dd:77:67:8a:c8:17:
77:6c:1e:2a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYKCyw4+O84KybmR7ONtM1/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNTQxNmIyMjgyYjQ1MzNjMzUwOWMxOGU5NTdjZTBjODM2
YmM4MzcwHhcNMjIwODA5MTMyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNjNzBhNDUyOWIxZWI4MjRjMGJhOWQ0ZjM1YWExMzhkYjhmYmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga20wzhwkPRDGSfiWqTWdD3IKWMb
koiF6hU/CRpWcJPDzt5bbilym/9WB6tAOkctEKaLa4PtwjEbYRXtf6yqP/1KkHbi
X69WohEfr6XdfHM0VQ0aNxvBMTub+UzaSsQcxhqJAtMNlstJ3kYtHuCNeycJYagD
ShRl6nTfR/bQCz0pVhtz3RyFTrwOOKyLT3ZdqvKMquvUsEeansleC2SLEWzUrJBQ
ZuN3i/UK/FwxdbKC50NrzpJSMCE+KWN8PEesVf6uQcsZTvDeMEIMGOYTWKIckiZ6
wXcBb7kiP1h8JyNgyHT3FxWd/P+5DQ23ukTujAp8l0X31Ji1v5qZWUVcEQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNk8cKRSmx64JMC6nU81qhONuPvUMB8GA1UdIwQY
MBaAFENUFrIoK0Uzw1CcGOlXzgyDa8g3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQt
MjYyZWIzOWJiZTc2LzEvMlR4d3BGS2JIcmdrd0xxZFR6V3FFNDI0LTlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82M2ZmODEtNjQ2MC00YzA1LTg1MmQtMjYyZWIzOWJiZTc2
LzEvUTFRV3NpZ3JSVFBEVUp3WTZWZk9ESU5yeURjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQFX69AAwQC
X9ZUAwQCuffkAwQCufssAwQCufv4AwQCwpxwAwQDw0LYAwQCw57QMA0GCSqGSIb3
DQEBCwUAA4IBAQAFM86M4NnguMu3hsQmbTeGtWbV6XfRKnlg+XnDxGGYLhmrq4lg
u3WMQintGYxFBelSdWGZaSyZMe41RIHfzPXDXu9ST2eJcze/mHpkzpWIvEVQnlyi
bnHrNfBCGoMqDvfcVlHEoTvY8nNvh8iCoyoL537/Ka+i7aaksUyk2/Fc+Yc+Qkhb
PFHPJnUhN0BykvilLbS3wUfrQPr+3Uj/horn06+V3SHpKssjZ8vHIwxxLk+PI6uo
iZ826B82umwWcVGL0Z/Qm1mD196sIWUNOZ9NJu8xaPx623kjhLvVwsosM73b1EHU
ysSCDFbTxUssX6sc8oyiNz3dd2eKyBd3bB4q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:32 2024 by rpki-client on console-fra.rpki-client.org