Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/2dAQI_18zETjo81WrfQMwQLLlHM.roa
File: 2dAQI_18zETjo81WrfQMwQLLlHM.roa (raw, json)
Hash identifier: t5OXXMQwqgNpdnUfkr3uKoG3Cyz/OnFdHru+8BN5e0s=
Subject key identifier: D9:D0:10:23:FD:7C:CC:44:E3:A3:CD:56:AD:F4:0C:C1:02:CB:94:73
Certificate issuer: /CN=6dfa4a1ffc749b1c4fa3b6da819b6dbb9ae885a0
Certificate serial: 0A8D627B
Authority key identifier: 6D:FA:4A:1F:FC:74:9B:1C:4F:A3:B6:DA:81:9B:6D:BB:9A:E8:85:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bfpKH_x0mxxPo7bagZttu5rohaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/2dAQI_18zETjo81WrfQMwQLLlHM.roa
Signing time: Sat 01 Jan 2022 06:53:07 +0000
ROA not before: Sat 01 Jan 2022 06:53:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39642
IP address blocks: 45.14.140.0/22 maxlen: 22
185.37.84.0/22 maxlen: 22
85.218.128.0/17 maxlen: 17
62.107.0.0/16 maxlen: 16
89.184.128.0/19 maxlen: 19
46.32.32.0/19 maxlen: 19
94.138.64.0/19 maxlen: 19
86.52.0.0/16 maxlen: 16
178.132.224.0/20 maxlen: 20
95.154.0.0/18 maxlen: 18
78.157.96.0/19 maxlen: 19
212.10.0.0/16 maxlen: 16
31.185.64.0/19 maxlen: 19
37.128.208.0/20 maxlen: 20
5.206.192.0/21 maxlen: 21
212.37.128.0/19 maxlen: 19
212.112.128.0/19 maxlen: 19
178.155.128.0/17 maxlen: 17
185.5.164.0/22 maxlen: 22
2a02:2b98::/32 maxlen: 32
2a02:6940::/32 maxlen: 32
2a03:7400::/29 maxlen: 32
2a00:1b70::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177037947 (0xa8d627b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dfa4a1ffc749b1c4fa3b6da819b6dbb9ae885a0
Validity
Not Before: Jan 1 06:53:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9d01023fd7ccc44e3a3cd56adf40cc102cb9473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:80:c6:1f:ea:5a:de:24:3f:69:2d:36:9c:0b:
dd:30:d7:5d:86:2f:df:d2:ac:db:b0:4a:11:e4:d3:
9f:23:7c:76:81:49:23:6a:cb:fb:ba:4a:db:c5:6c:
74:c6:17:0c:b0:f2:c6:cf:74:69:e0:7b:f9:3c:34:
e0:ef:06:8b:cf:49:1f:aa:48:98:16:f6:7c:3a:b9:
fb:d1:09:bc:35:48:44:b9:fb:96:2f:af:af:8d:78:
02:94:9d:53:67:eb:e8:51:39:ea:9f:c6:13:96:7e:
93:bd:41:a7:6a:35:cc:2a:db:d5:b4:2c:b9:54:b2:
07:7d:6b:e2:75:5e:9d:3a:06:b4:de:aa:32:87:c0:
38:42:d4:95:c1:d1:7c:48:2b:ee:e5:e1:a6:bf:e4:
a1:26:f0:b9:bb:94:5a:65:3b:b4:c1:37:ab:6d:8d:
5c:3f:c8:0f:d5:a4:b3:00:42:7b:17:a5:bb:4e:91:
b4:75:39:92:9d:70:81:39:0f:39:e6:ff:e6:05:ea:
71:37:12:60:f2:32:59:5a:bd:4e:7b:18:4d:b4:1f:
aa:ca:08:59:00:b5:d9:5c:10:06:03:4e:d3:b6:78:
bf:3b:46:1f:fb:a0:3e:68:e5:46:75:0e:4b:81:da:
4a:14:a6:f8:d2:82:d3:05:5f:2e:05:0f:fe:7a:65:
ca:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D0:10:23:FD:7C:CC:44:E3:A3:CD:56:AD:F4:0C:C1:02:CB:94:73
X509v3 Authority Key Identifier:
keyid:6D:FA:4A:1F:FC:74:9B:1C:4F:A3:B6:DA:81:9B:6D:BB:9A:E8:85:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bfpKH_x0mxxPo7bagZttu5rohaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/2dAQI_18zETjo81WrfQMwQLLlHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/f2f1c5-866c-42b5-8b46-38669d1e2301/1/bfpKH_x0mxxPo7bagZttu5rohaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.206.192.0/21
31.185.64.0/19
37.128.208.0/20
45.14.140.0/22
46.32.32.0/19
62.107.0.0/16
78.157.96.0/19
85.218.128.0/17
86.52.0.0/16
89.184.128.0/19
94.138.64.0/19
95.154.0.0/18
178.132.224.0/20
178.155.128.0/17
185.5.164.0/22
185.37.84.0/22
212.10.0.0/16
212.37.128.0/19
212.112.128.0/19
IPv6:
2a00:1b70::/29
2a02:2b98::/32
2a02:6940::/32
2a03:7400::/29
Signature Algorithm: sha256WithRSAEncryption
30:8f:5d:9b:44:5d:41:72:08:cd:f7:cd:c5:32:94:a7:48:9d:
98:e8:99:a8:7a:b3:fb:f0:01:da:04:51:ec:36:2b:e6:24:2d:
69:57:77:df:af:3a:96:70:e2:83:c9:d0:a3:e8:dd:bf:f5:30:
d8:b4:51:77:62:fe:1b:68:b2:27:c5:44:f3:f4:70:a8:e6:74:
30:70:e0:69:f4:5b:8a:d8:16:c1:a8:92:5e:16:22:94:50:dd:
d3:e1:67:75:5d:a1:04:43:d5:67:92:51:b9:cd:27:06:78:43:
d2:3f:49:94:ad:7f:ab:5d:23:66:08:71:b7:76:8b:3b:fc:ac:
78:a8:45:8e:33:96:f6:81:85:ff:dd:c7:dc:b0:3b:27:db:62:
5a:5b:be:2c:54:b6:bc:fd:26:65:c6:9f:7c:55:f6:6c:b5:49:
0b:08:e8:57:86:bb:36:38:b4:26:e0:86:b7:d6:f1:53:ad:ec:
c7:22:01:82:11:f9:56:17:4c:e7:e4:fe:58:08:c6:b4:31:41:
84:d8:6a:73:8c:2f:c6:55:0f:97:3b:4a:b3:8a:ee:ee:41:ce:
84:f6:a8:e6:aa:e2:94:1f:9a:90:6a:a8:25:f1:1f:7a:fe:e6:
27:dc:2e:a3:c7:65:8d:19:49:94:34:91:5c:27:1a:b2:31:a3:
5b:6a:45:0e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIECo1iezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZGZhNGExZmZjNzQ5YjFjNGZhM2I2ZGE4MTliNmRiYjlhZTg4NWEwMB4XDTIyMDEw
MTA2NTMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDlkMDEwMjNmZDdj
Y2M0NGUzYTNjZDU2YWRmNDBjYzEwMmNiOTQ3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANyAxh/qWt4kP2ktNpwL3TDXXYYv39Ks27BKEeTTnyN8doFJ
I2rL+7pK28VsdMYXDLDyxs90aeB7+Tw04O8Gi89JH6pImBb2fDq5+9EJvDVIRLn7
li+vr414ApSdU2fr6FE56p/GE5Z+k71Bp2o1zCrb1bQsuVSyB31r4nVenToGtN6q
MofAOELUlcHRfEgr7uXhpr/koSbwubuUWmU7tME3q22NXD/ID9WkswBCexelu06R
tHU5kp1wgTkPOeb/5gXqcTcSYPIyWVq9TnsYTbQfqsoIWQC12VwQBgNO07Z4vztG
H/ugPmjlRnUOS4HaShSm+NKC0wVfLgUP/nplyusCAwEAAaOCApkwggKVMB0GA1Ud
DgQWBBTZ0BAj/XzMROOjzVat9AzBAsuUczAfBgNVHSMEGDAWgBRt+kof/HSbHE+j
ttqBm227muiFoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JmcEtIX3gwbXh4UG83YmFnWnR0dTVyb2hhQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvZjJmMWM1LTg2NmMtNDJiNS04YjQ2LTM4NjY5ZDFlMjMwMS8x
LzJkQVFJXzE4ekVUam84MVdyZlFNd1FMTGxITS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
ZjJmMWM1LTg2NmMtNDJiNS04YjQ2LTM4NjY5ZDFlMjMwMS8xL2JmcEtIX3gwbXh4
UG83YmFnWnR0dTVyb2hhQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rgYIKwYBBQUHAQcBAf8EgZ4wgZswdQQCAAEwbwMEAwXOwAMEBR+5QAMEBCWA0AME
Ai0OjAMEBS4gIAMDAD5rAwQFTp1gAwQHVdqAAwMAVjQDBAVZuIADBAVeikADBAZf
mgADBASyhOADBAeym4ADBAK5BaQDBAK5JVQDAwDUCgMEBdQlgAMEBdRwgDAiBAIA
AjAcAwUDKgAbcAMFACoCK5gDBQAqAmlAAwUDKgN0ADANBgkqhkiG9w0BAQsFAAOC
AQEAMI9dm0RdQXIIzffNxTKUp0idmOiZqHqz+/AB2gRR7DYr5iQtaVd33686lnDi
g8nQo+jdv/Uw2LRRd2L+G2iyJ8VE8/RwqOZ0MHDgafRbitgWwaiSXhYilFDd0+Fn
dV2hBEPVZ5JRuc0nBnhD0j9JlK1/q10jZghxt3aLO/yseKhFjjOW9oGF/93H3LA7
J9tiWlu+LFS2vP0mZcaffFX2bLVJCwjoV4a7Nji0JuCGt9bxU63sxyIBghH5VhdM
5+T+WAjGtDFBhNhqc4wvxlUPlztKs4ru7kHOhPao5qrilB+akGqoJfEfev7mJ9wu
o8dljRlJlDSRXCcasjGjW2pFDg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:54 2024 by rpki-client on console-ams.rpki-client.org