Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/2IxP7DnaZ8Lrg0ZaPC2sqPzvlnE.roa
File: 2IxP7DnaZ8Lrg0ZaPC2sqPzvlnE.roa (raw, json)
Hash identifier: vTfqiVgAGlZnqjdIC7dYyS0o8eavHqv6ISEJSC8X5y8=
Subject key identifier: D8:8C:4F:EC:39:DA:67:C2:EB:83:46:5A:3C:2D:AC:A8:FC:EF:96:71
Certificate issuer: /CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Certificate serial: 0184D2E9CDFD7A14FA9908726FBA06FD27FA
Authority key identifier: 39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/2IxP7DnaZ8Lrg0ZaPC2sqPzvlnE.roa
Signing time: Fri 02 Dec 2022 12:57:28 +0000
ROA not before: Fri 02 Dec 2022 12:57:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48918
IP address blocks: 185.250.110.0/24 maxlen: 24
185.250.108.0/24 maxlen: 24
2a0c:c40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:e9:cd:fd:7a:14:fa:99:08:72:6f:ba:06:fd:27:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Validity
Not Before: Dec 2 12:57:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d88c4fec39da67c2eb83465a3c2daca8fcef9671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:72:94:e6:29:55:e3:61:44:06:8b:3c:9f:1a:
3d:a7:41:f6:90:24:e4:6e:31:63:76:56:11:19:6d:
07:67:a7:3b:bf:71:b0:1f:57:e0:d4:05:3e:2b:cd:
4e:2b:d0:e3:89:d4:91:f9:e3:ae:87:fe:7f:86:6e:
0a:d6:f7:a1:52:e7:9e:27:50:39:c4:7f:b3:09:b4:
b8:d2:41:0f:34:c6:a9:11:5b:98:ef:3c:b6:ab:38:
4e:35:6c:1e:cb:58:39:c3:00:93:c3:32:e6:14:01:
30:ad:a5:60:40:6b:e0:5a:ce:39:1c:7a:eb:61:9b:
bb:e4:fd:40:5b:98:cc:ea:8f:8a:71:ed:2a:df:3a:
79:23:72:2b:38:b3:ee:46:d8:f0:02:73:8a:87:ee:
8f:05:51:63:66:48:ae:6d:e8:0b:75:d5:fe:75:a3:
d3:f6:bf:27:67:5f:bb:5d:45:8a:4b:f2:b5:54:2e:
11:36:52:3c:0d:e7:c5:37:88:01:a4:e3:b1:08:d2:
06:96:39:72:a2:a2:cf:32:3e:e6:9e:4b:f0:13:84:
8f:65:88:51:53:41:c5:32:9b:e6:24:10:8a:b9:ec:
48:7a:61:41:08:64:e4:08:a6:d6:ef:f3:21:e2:33:
14:e4:2d:a4:d4:df:71:fd:07:db:48:27:82:fb:c2:
2f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8C:4F:EC:39:DA:67:C2:EB:83:46:5A:3C:2D:AC:A8:FC:EF:96:71
X509v3 Authority Key Identifier:
keyid:39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/2IxP7DnaZ8Lrg0ZaPC2sqPzvlnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/OffHSY_ZyfKGgElRYrnrdq1HxgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.108.0/24
185.250.110.0/24
IPv6:
2a0c:c40::/32
Signature Algorithm: sha256WithRSAEncryption
8c:fc:25:dc:31:10:1e:cd:7a:98:23:71:5e:49:ea:69:03:08:
6c:59:2c:fa:e7:ca:ae:fc:50:6c:ff:54:d6:ae:76:b2:df:34:
30:2a:65:ee:57:33:94:29:01:3f:22:dc:63:44:27:73:d6:55:
be:26:cd:0d:94:2a:1e:c0:c8:0b:e5:b9:7d:5c:d9:8f:d7:af:
a3:b4:b4:bf:75:62:c5:30:9a:44:65:1c:9f:35:b8:7d:3b:42:
9f:8b:74:ab:29:3e:d6:78:9d:6d:fc:85:02:c6:cc:85:12:f4:
6c:c6:55:18:17:da:ac:a8:00:5b:c5:3d:54:23:b2:31:7d:66:
aa:14:e0:dd:83:8c:88:9a:74:d1:27:e6:c5:97:9c:40:80:98:
91:aa:b0:fa:26:10:0e:63:ab:a6:cd:cd:f6:e7:a7:de:70:08:
24:82:8f:f8:ce:ec:24:20:fc:c5:16:94:9a:3d:24:9d:49:27:
9e:bd:09:e6:5e:4d:69:2f:de:e4:74:3d:07:75:d0:e6:da:85:
67:0e:97:4b:31:ed:b7:41:71:40:4c:33:aa:43:f0:99:c7:2b:
df:84:64:59:00:97:4a:6e:d6:7c:f6:7b:f7:42:72:1b:57:4b:
dc:f9:8b:8e:2b:a0:d3:f0:21:68:5b:97:9e:a3:60:98:84:95:
34:43:ff:46
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYTS6c39ehT6mQhyb7oG/Sf6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjdjNzQ5OGZkOWM5ZjI4NjgwNDk1MTYyYjllYjc2YWQ0
N2M2MDMwHhcNMjIxMjAyMTI1NzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODhjNGZlYzM5ZGE2N2MyZWI4MzQ2NWEzYzJkYWNhOGZjZWY5NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3KU5ilV42FEBos8nxo9p0H2kCTk
bjFjdlYRGW0HZ6c7v3GwH1fg1AU+K81OK9DjidSR+eOuh/5/hm4K1vehUueeJ1A5
xH+zCbS40kEPNMapEVuY7zy2qzhONWwey1g5wwCTwzLmFAEwraVgQGvgWs45HHrr
YZu75P1AW5jM6o+Kce0q3zp5I3IrOLPuRtjwAnOKh+6PBVFjZkiubegLddX+daPT
9r8nZ1+7XUWKS/K1VC4RNlI8DefFN4gBpOOxCNIGljlyoqLPMj7mnkvwE4SPZYhR
U0HFMpvmJBCKuexIemFBCGTkCKbW7/Mh4jMU5C2k1N9x/QfbSCeC+8IvEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNiMT+w52mfC64NGWjwtrKj875ZxMB8GA1UdIwQY
MBaAFDn3x0mP2cnyhoBJUWK563atR8YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUt
ZWZjZmJhOTkwN2RjLzEvMkl4UDdEbmFaOExyZzBaYVBDMnNxUHp2bG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUtZWZjZmJhOTkwN2Rj
LzEvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAufpsAwQA
ufpuMA0EAgACMAcDBQAqDAxAMA0GCSqGSIb3DQEBCwUAA4IBAQCM/CXcMRAezXqY
I3FeSeppAwhsWSz658qu/FBs/1TWrnay3zQwKmXuVzOUKQE/ItxjRCdz1lW+Js0N
lCoewMgL5bl9XNmP16+jtLS/dWLFMJpEZRyfNbh9O0Kfi3SrKT7WeJ1t/IUCxsyF
EvRsxlUYF9qsqABbxT1UI7IxfWaqFODdg4yImnTRJ+bFl5xAgJiRqrD6JhAOY6um
zc3256fecAgkgo/4zuwkIPzFFpSaPSSdSSeevQnmXk1pL97kdD0HddDm2oVnDpdL
Me23QXFATDOqQ/CZxyvfhGRZAJdKbtZ89nv3QnIbV0vc+YuOK6DT8CFoW5eeo2CY
hJU0Q/9G
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:06 2025 by rpki-client