Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/A2XIjtC0LZoAFz60IjVvy96B2jk.roa
File: A2XIjtC0LZoAFz60IjVvy96B2jk.roa (raw, json)
Hash identifier: pmsPUEwr0fVbOpL+InfPJe/Ypf+FoYK8ncQ3TDHMcMY=
Subject key identifier: 03:65:C8:8E:D0:B4:2D:9A:00:17:3E:B4:22:35:6F:CB:DE:81:DA:39
Certificate issuer: /CN=febf30201f12a040d386d2b4eed4484623e4d11b
Certificate serial: 0A760FA1
Authority key identifier: FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/A2XIjtC0LZoAFz60IjVvy96B2jk.roa
Signing time: Sat 01 Jan 2022 16:07:06 +0000
ROA not before: Sat 01 Jan 2022 16:07:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41782
IP address blocks: 151.237.16.0/24 maxlen: 24
151.237.17.0/24 maxlen: 24
151.237.18.0/24 maxlen: 24
151.237.20.0/24 maxlen: 24
151.237.19.0/24 maxlen: 24
151.237.22.0/24 maxlen: 24
151.237.25.0/24 maxlen: 24
151.237.29.0/24 maxlen: 24
151.237.30.0/24 maxlen: 24
151.237.31.0/24 maxlen: 24
151.237.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175509409 (0xa760fa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=febf30201f12a040d386d2b4eed4484623e4d11b
Validity
Not Before: Jan 1 16:07:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0365c88ed0b42d9a00173eb422356fcbde81da39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:1d:dd:5f:8a:86:51:49:1b:c0:b4:9c:0d:50:
d5:db:b1:dd:a5:c1:f8:0b:93:56:f5:69:59:52:b1:
44:10:0e:b5:b8:e6:c4:10:75:d5:63:d1:70:97:5e:
98:ec:20:55:ee:a4:0a:4d:4a:d6:79:98:ae:a0:ce:
bf:89:f3:50:3c:1f:f7:8b:5a:92:ee:80:df:ed:11:
62:91:6f:fa:12:8c:b1:a5:63:9c:61:d5:cf:5a:fd:
ce:e7:fd:d8:e5:52:58:19:26:af:58:fc:37:31:60:
be:96:ef:2f:dc:76:d5:c9:ca:81:71:cc:19:6f:27:
aa:6d:a8:7c:b5:8e:01:dc:72:8f:aa:f3:ac:df:c1:
0d:fd:8a:bc:42:e8:cb:1f:b9:ec:4d:93:7b:1a:f3:
43:18:ab:55:fd:7f:23:d6:8d:4a:9d:d5:2e:35:13:
42:1e:5c:5b:d0:b6:ab:d8:0a:22:61:8b:39:cd:58:
49:85:23:80:89:97:0e:04:ea:a8:54:c3:db:bb:ff:
b0:b5:90:59:54:12:ee:61:54:54:50:60:c1:b5:5e:
61:df:f9:32:4b:a4:e7:ee:ad:f3:e7:12:36:6b:31:
1a:cc:e6:4a:10:c0:ab:ed:84:07:c1:6f:ce:d4:9e:
b5:11:2f:9c:c0:c6:47:40:4f:2b:8d:8d:72:07:5e:
dd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:65:C8:8E:D0:B4:2D:9A:00:17:3E:B4:22:35:6F:CB:DE:81:DA:39
X509v3 Authority Key Identifier:
keyid:FE:BF:30:20:1F:12:A0:40:D3:86:D2:B4:EE:D4:48:46:23:E4:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_r8wIB8SoEDThtK07tRIRiPk0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/A2XIjtC0LZoAFz60IjVvy96B2jk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/f8c4a2-96ac-4b4e-a195-a97c0dc0a749/1/_r8wIB8SoEDThtK07tRIRiPk0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.16.0-151.237.20.255
151.237.22.0/24
151.237.25.0/24
151.237.29.0-151.237.32.255
Signature Algorithm: sha256WithRSAEncryption
81:f3:da:bb:e6:b7:d1:20:83:df:69:48:a5:74:65:d9:4e:fa:
3d:6a:13:22:51:3d:24:08:97:5a:b0:1f:8b:a1:0a:86:5c:fa:
68:7a:13:e0:74:c1:6a:c6:a0:ec:bc:72:c5:96:d3:5d:bc:a6:
d1:fd:5c:d8:6a:5d:59:da:6f:2f:0f:a9:36:ca:0c:90:fb:99:
ce:39:32:20:0e:99:76:e6:24:af:29:26:44:32:15:d9:2d:3e:
51:cb:4c:aa:d6:14:02:94:14:c7:e5:ed:b1:3a:7c:a1:b1:58:
de:5d:5b:bb:7d:b1:99:54:a4:bc:c3:9b:51:0d:25:9b:49:99:
6f:e9:2a:6f:1c:f5:f8:5b:0b:57:be:14:0f:37:24:67:b2:ad:
d1:6f:fa:51:7e:d8:1c:be:98:35:e4:5c:8a:f6:bc:8e:78:df:
3d:05:f8:26:f1:a5:f2:4d:45:1b:61:5d:d3:84:72:43:22:c7:
b4:49:af:0b:c4:eb:e8:0a:86:d6:bb:d7:ff:db:91:06:23:ef:
52:8e:f7:ba:79:28:a4:05:cc:33:33:1c:ea:45:5f:1f:06:1f:
88:86:99:37:de:33:38:a0:83:0a:4c:08:bb:b1:3c:e7:40:5f:
c5:05:6e:65:2d:3a:e8:4c:54:41:02:a2:3b:be:92:de:cf:ee:
26:01:58:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECnYPoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZWJmMzAyMDFmMTJhMDQwZDM4NmQyYjRlZWQ0NDg0NjIzZTRkMTFiMB4XDTIyMDEw
MTE2MDcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDM2NWM4OGVkMGI0
MmQ5YTAwMTczZWI0MjIzNTZmY2JkZTgxZGEzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMcd3V+KhlFJG8C0nA1Q1dux3aXB+AuTVvVpWVKxRBAOtbjm
xBB11WPRcJdemOwgVe6kCk1K1nmYrqDOv4nzUDwf94taku6A3+0RYpFv+hKMsaVj
nGHVz1r9zuf92OVSWBkmr1j8NzFgvpbvL9x21cnKgXHMGW8nqm2ofLWOAdxyj6rz
rN/BDf2KvELoyx+57E2TexrzQxirVf1/I9aNSp3VLjUTQh5cW9C2q9gKImGLOc1Y
SYUjgImXDgTqqFTD27v/sLWQWVQS7mFUVFBgwbVeYd/5Mkuk5+6t8+cSNmsxGszm
ShDAq+2EB8FvztSetREvnMDGR0BPK42Ncgde3cECAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQDZciO0LQtmgAXPrQiNW/L3oHaOTAfBgNVHSMEGDAWgBT+vzAgHxKgQNOG
0rTu1EhGI+TRGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19yOHdJQjhTb0VEVGh0SzA3dFJJUmlQazBScy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvZjhjNGEyLTk2YWMtNGI0ZS1hMTk1LWE5N2MwZGMwYTc0OS8x
L0EyWElqdEMwTFpvQUZ6NjBJalZ2eTk2QjJqay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
ZjhjNGEyLTk2YWMtNGI0ZS1hMTk1LWE5N2MwZGMwYTc0OS8xL19yOHdJQjhTb0VE
VGh0SzA3dFJJUmlQazBScy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQEl+0QAwQAl+0UAwQAl+0WAwQA
l+0ZMAwDBACX7R0DBACX7SAwDQYJKoZIhvcNAQELBQADggEBAIHz2rvmt9Egg99p
SKV0ZdlO+j1qEyJRPSQIl1qwH4uhCoZc+mh6E+B0wWrGoOy8csWW0128ptH9XNhq
XVnaby8PqTbKDJD7mc45MiAOmXbmJK8pJkQyFdktPlHLTKrWFAKUFMfl7bE6fKGx
WN5dW7t9sZlUpLzDm1ENJZtJmW/pKm8c9fhbC1e+FA83JGeyrdFv+lF+2By+mDXk
XIr2vI543z0F+CbxpfJNRRthXdOEckMix7RJrwvE6+gKhta71//bkQYj71KO97p5
KKQFzDMzHOpFXx8GH4iGmTfeMziggwpMCLuxPOdAX8UFbmUtOuhMVEECoju+kt7P
7iYBWIs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:11 2024 by rpki-client on console-fra.rpki-client.org