Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2LK-AptRTKES7w7-F6eiScQKCN0.roa
File: 2LK-AptRTKES7w7-F6eiScQKCN0.roa (raw, json)
Hash identifier: 4JZWJwuTXFD3kpoKoj2OvLHoDBgllCUG+5ufhrP20bg=
Subject key identifier: D8:B2:BE:02:9B:51:4C:A1:12:EF:0E:FE:17:A7:A2:49:C4:0A:08:DD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0184675BD9E8FB06F71C654B95E98C6EB68B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2LK-AptRTKES7w7-F6eiScQKCN0.roa
Signing time: Fri 11 Nov 2022 15:43:03 +0000
ROA not before: Fri 11 Nov 2022 15:43:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2119
IP address blocks: 194.132.108.0/23 maxlen: 23
193.183.3.0/24 maxlen: 24
194.68.126.0/24 maxlen: 24
194.71.248.0/21 maxlen: 21
194.68.56.0/23 maxlen: 23
192.71.158.0/24 maxlen: 24
194.68.99.0/24 maxlen: 24
194.14.129.0/24 maxlen: 24
193.183.92.0/24 maxlen: 24
192.176.161.0/24 maxlen: 24
193.183.93.0/24 maxlen: 24
193.183.104.0/24 maxlen: 24
193.181.187.0/24 maxlen: 24
193.183.118.0/24 maxlen: 24
193.183.68.0/23 maxlen: 23
193.183.79.0/24 maxlen: 24
192.165.65.0/24 maxlen: 24
192.71.5.0/24 maxlen: 24
192.165.86.0/24 maxlen: 24
192.121.172.0/24 maxlen: 24
192.121.101.0/24 maxlen: 24
193.234.68.0/23 maxlen: 23
192.71.97.0/24 maxlen: 24
192.36.37.0/24 maxlen: 24
193.234.220.0/23 maxlen: 23
193.181.0.0/24 maxlen: 24
193.234.237.0/24 maxlen: 24
194.71.140.0/23 maxlen: 23
192.71.41.0/24 maxlen: 24
192.71.40.0/24 maxlen: 24
194.103.50.0/24 maxlen: 24
192.121.192.0/24 maxlen: 24
194.71.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:67:5b:d9:e8:fb:06:f7:1c:65:4b:95:e9:8c:6e:b6:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 11 15:43:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8b2be029b514ca112ef0efe17a7a249c40a08dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:41:f6:2a:b5:40:73:b9:0a:b5:e8:f5:b8:89:
e4:9a:3c:c0:c6:02:2e:30:86:b6:16:f6:9e:a3:2d:
c1:65:1c:e4:30:c7:75:6d:d9:33:98:21:d6:19:bb:
12:af:8a:41:47:4e:f6:9f:24:b7:2b:0f:90:25:c3:
28:b2:7d:a1:e1:e8:8b:26:57:81:37:bf:24:13:76:
1b:a2:82:c8:5b:9a:24:4b:f9:20:9d:f5:52:63:2a:
db:f8:c5:e7:7a:7e:50:1d:46:01:b5:eb:32:0c:aa:
70:3d:15:5a:03:35:ca:ed:5b:74:b6:76:09:d1:d4:
d9:db:1d:51:df:ae:64:fb:ca:c0:cf:5b:76:bf:c2:
0b:4d:62:8b:e1:d5:3c:bd:84:9c:da:67:da:b8:2e:
6f:ca:8a:35:04:e0:91:7b:0c:a1:c6:17:e7:3b:a3:
da:63:97:1a:b1:26:14:4b:07:a3:0f:14:0e:11:48:
3b:5b:3a:e9:4f:e2:95:46:7a:a9:69:5e:22:6a:4e:
85:3f:90:d2:ca:da:f5:5a:11:c8:80:0b:9e:6c:ca:
12:91:47:28:e7:26:f0:0b:90:20:e0:5b:c7:77:a2:
ce:34:de:c6:9c:8d:9b:6e:16:cc:5e:27:96:5f:6e:
15:3b:46:be:32:8e:25:d7:7d:17:71:26:08:ba:b1:
9a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B2:BE:02:9B:51:4C:A1:12:EF:0E:FE:17:A7:A2:49:C4:0A:08:DD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2LK-AptRTKES7w7-F6eiScQKCN0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.37.0/24
192.71.5.0/24
192.71.40.0/23
192.71.97.0/24
192.71.158.0/24
192.121.101.0/24
192.121.172.0/24
192.121.192.0/24
192.165.65.0/24
192.165.86.0/24
192.176.161.0/24
193.181.0.0/24
193.181.187.0/24
193.183.3.0/24
193.183.68.0/23
193.183.79.0/24
193.183.92.0/23
193.183.104.0/24
193.183.118.0/24
193.234.68.0/23
193.234.220.0/23
193.234.237.0/24
194.14.129.0/24
194.68.56.0/23
194.68.99.0/24
194.68.126.0/24
194.71.83.0/24
194.71.140.0/23
194.71.248.0/21
194.103.50.0/24
194.132.108.0/23
Signature Algorithm: sha256WithRSAEncryption
71:5d:ce:ea:4f:e0:ba:81:dd:5a:1d:3c:4d:36:c9:c8:bb:c2:
be:92:a0:5b:84:31:28:b5:5b:02:4f:2b:f7:f7:3f:09:60:91:
04:c4:cf:04:63:fa:5a:b9:b4:6b:95:d9:bd:56:6e:04:a5:26:
03:24:bd:bf:ea:e1:b6:c0:cc:e3:6a:fd:d2:c0:91:fc:db:59:
d8:de:17:9a:c8:b7:05:6d:09:4a:ef:1d:dc:6f:42:70:79:c6:
d8:b7:12:61:6d:d2:59:e3:91:e1:78:a3:4f:9a:a5:7d:67:ec:
36:6c:86:60:8f:db:17:08:e8:9f:81:44:7e:54:6f:1a:35:25:
ee:4a:c2:4c:dd:15:e8:c1:b1:63:29:9a:d8:4e:57:4b:64:2a:
63:be:b7:67:1f:aa:08:63:8c:4a:3a:67:07:d1:51:42:cd:1f:
5a:95:45:4d:2c:dc:55:50:c4:de:a1:83:4e:26:d6:47:f0:4a:
2d:60:1e:ac:68:e8:ac:ac:07:28:48:b9:5a:a9:08:ad:08:59:
6c:d8:7d:97:b0:98:d9:91:1d:b7:1a:b4:ac:29:83:97:75:c6:
e5:79:83:2d:b8:4f:aa:98:08:5e:7b:3b:5f:54:7e:b6:f6:a7:
22:6c:13:62:63:c4:82:37:8f:8c:e5:1a:8d:9d:45:fb:d2:c1:
d6:c2:31:33
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYRnW9no+wb3HGVLlemMbraLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMTExMTU0MzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGIyYmUwMjliNTE0Y2ExMTJlZjBlZmUxN2E3YTI0OWM0MGEwOGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0H2KrVAc7kKtej1uInkmjzAxgIu
MIa2Fvaeoy3BZRzkMMd1bdkzmCHWGbsSr4pBR072nyS3Kw+QJcMosn2h4eiLJleB
N78kE3YbooLIW5okS/kgnfVSYyrb+MXnen5QHUYBtesyDKpwPRVaAzXK7Vt0tnYJ
0dTZ2x1R365k+8rAz1t2v8ILTWKL4dU8vYSc2mfauC5vyoo1BOCRewyhxhfnO6Pa
Y5casSYUSwejDxQOEUg7WzrpT+KVRnqpaV4iak6FP5DSytr1WhHIgAuebMoSkUco
5ybwC5Ag4FvHd6LONN7GnI2bbhbMXieWX24VO0a+Mo4l130XcSYIurGaZQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFNiyvgKbUUyhEu8O/henoknECgjdMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMkxLLUFwdFJUS0VTN3c3LUY2ZWlTY1FLQ04wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBADA
JCUDBADARwUDBAHARygDBADAR2EDBADAR54DBADAeWUDBADAeawDBADAecADBADA
pUEDBADApVYDBADAsKEDBADBtQADBADBtbsDBADBtwMDBAHBt0QDBADBt08DBAHB
t1wDBADBt2gDBADBt3YDBAHB6kQDBAHB6twDBADB6u0DBADCDoEDBAHCRDgDBADC
RGMDBADCRH4DBADCR1MDBAHCR4wDBAPCR/gDBADCZzIDBAHChGwwDQYJKoZIhvcN
AQELBQADggEBAHFdzupP4LqB3VodPE02yci7wr6SoFuEMSi1WwJPK/f3PwlgkQTE
zwRj+lq5tGuV2b1WbgSlJgMkvb/q4bbAzONq/dLAkfzbWdjeF5rItwVtCUrvHdxv
QnB5xti3EmFt0lnjkeF4o0+apX1n7DZshmCP2xcI6J+BRH5Ubxo1Je5KwkzdFejB
sWMpmthOV0tkKmO+t2cfqghjjEo6ZwfRUULNH1qVRU0s3FVQxN6hg04m1kfwSi1g
Hqxo6KysByhIuVqpCK0IWWzYfZewmNmRHbcatKwpg5d1xuV5gy24T6qYCF57O19U
frb2pyJsE2JjxII3j4zlGo2dRfvSwdbCMTM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:55 2025 by rpki-client