Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/2tHWW82LWgrPIF_ZE0oc0gf1Kmc.roa
File: 2tHWW82LWgrPIF_ZE0oc0gf1Kmc.roa (raw, json)
Hash identifier: c9BVJla01dtu6mSYucqdgn5YqwMFdC/kWPjQK69PMvM=
Subject key identifier: DA:D1:D6:5B:CD:8B:5A:0A:CF:20:5F:D9:13:4A:1C:D2:07:F5:2A:67
Certificate issuer: /CN=f57bc7f2eaf0cafa69bee5fabe67122b4363fe72
Certificate serial: 0767730F
Authority key identifier: F5:7B:C7:F2:EA:F0:CA:FA:69:BE:E5:FA:BE:67:12:2B:43:63:FE:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/2tHWW82LWgrPIF_ZE0oc0gf1Kmc.roa
Signing time: Sat 01 Jan 2022 12:02:47 +0000
ROA not before: Sat 01 Jan 2022 12:02:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200567
IP address blocks: 46.16.216.0/22 maxlen: 22
46.16.216.0/23 maxlen: 23
46.16.218.0/23 maxlen: 23
46.16.222.0/23 maxlen: 23
46.16.220.0/23 maxlen: 23
46.16.220.0/22 maxlen: 22
185.39.176.0/23 maxlen: 24
185.39.178.0/23 maxlen: 23
185.70.144.0/23 maxlen: 23
185.70.146.0/23 maxlen: 23
185.109.32.0/23 maxlen: 23
185.109.34.0/23 maxlen: 23
2a05:2a80:1::/48 maxlen: 48
2a05:2a80::/29 maxlen: 29
2a05:2a80::/32 maxlen: 32
2a06:4e40::/29 maxlen: 29
2a02:4500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124220175 (0x767730f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57bc7f2eaf0cafa69bee5fabe67122b4363fe72
Validity
Not Before: Jan 1 12:02:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dad1d65bcd8b5a0acf205fd9134a1cd207f52a67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cd:bb:a1:e8:d1:1a:14:41:92:8e:c7:aa:8d:
74:39:92:41:94:80:e7:d8:20:16:75:4d:49:b0:16:
3d:fa:10:12:a8:d3:a0:e3:25:e5:9a:4e:d4:8d:14:
36:9d:f9:3c:cc:1b:f4:7f:03:e0:c2:96:6b:18:c2:
a4:64:08:b0:27:75:a0:66:a3:27:73:d7:ca:a8:b8:
08:9d:2f:e4:ea:39:4f:c8:5b:15:47:43:cc:bf:90:
cc:01:bb:58:47:41:2e:0d:aa:7c:8f:de:23:33:4e:
27:8a:a2:4d:1e:76:b3:46:58:c7:9b:83:f5:66:8a:
41:0b:11:04:bd:cc:3f:2e:44:f7:a9:ee:b2:c3:f6:
0c:0f:e9:fa:e0:4f:5f:b9:3b:5e:8f:76:4f:f7:d8:
09:5f:4d:15:8f:36:cd:c6:68:85:b2:c2:e6:a4:1b:
61:a7:31:12:f0:0d:2c:70:f9:99:7f:2b:ed:af:c7:
8f:8f:17:eb:50:22:bb:12:40:ef:01:ad:d4:cf:e9:
e9:c8:93:67:7f:f2:e2:82:3b:99:c1:9a:aa:3b:22:
6a:aa:f6:0d:ec:d1:6f:b1:06:ef:ac:e0:3e:43:f3:
f0:81:33:07:79:00:08:fe:cd:b0:5e:f6:06:65:d9:
e1:c3:eb:1a:25:28:20:a8:78:83:8e:5c:d5:53:77:
c8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D1:D6:5B:CD:8B:5A:0A:CF:20:5F:D9:13:4A:1C:D2:07:F5:2A:67
X509v3 Authority Key Identifier:
keyid:F5:7B:C7:F2:EA:F0:CA:FA:69:BE:E5:FA:BE:67:12:2B:43:63:FE:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XvH8urwyvppvuX6vmcSK0Nj_nI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/2tHWW82LWgrPIF_ZE0oc0gf1Kmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4441b4-f981-4c26-9b99-1010473f4fe8/1/9XvH8urwyvppvuX6vmcSK0Nj_nI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.216.0/21
185.39.176.0/22
185.70.144.0/22
185.109.32.0/22
IPv6:
2a02:4500::/32
2a05:2a80::/29
2a06:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
49:36:80:e0:51:f9:7d:74:ad:cb:70:f7:a2:d0:ef:40:64:f9:
30:b5:8c:69:66:14:38:bf:4d:7b:ac:03:cd:e6:0b:fc:02:06:
e7:be:b7:2e:0b:70:b7:8d:28:3f:bb:c3:5b:6e:84:7b:19:5f:
06:b6:1a:1e:8d:9e:a7:74:01:0f:c4:b7:d8:3f:5e:0d:5d:d9:
0c:bf:01:72:ae:ea:09:27:1c:24:1c:0d:ec:84:df:aa:59:c1:
ab:48:05:d0:55:e5:25:13:d7:b7:ea:26:27:f2:68:4d:eb:12:
7e:a9:e8:0f:78:3d:56:cd:d3:d2:9a:5e:a0:1a:60:c8:b8:c3:
39:bd:9a:6b:cf:87:c8:5c:f0:5b:bc:27:e7:ae:84:ea:9b:af:
97:69:10:58:b4:54:b3:be:55:db:17:fd:46:ce:ab:1c:c0:36:
c2:8a:87:a2:7f:b5:c5:e9:c2:76:4f:62:8b:f6:8f:e2:b0:b7:
4d:69:ed:d5:d2:6b:e9:3d:2a:9a:30:02:3c:d5:28:c9:44:d8:
12:bb:3f:45:40:21:c5:8c:31:ba:0f:3c:58:9d:24:2d:f8:82:
25:9d:62:cc:a7:f7:44:88:24:ed:a6:cc:2c:3c:38:80:4d:6b:
83:82:56:ad:f6:a4:0d:37:55:e0:92:41:f4:86:31:e7:89:01:
ac:23:16:9e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIEB2dzDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTdiYzdmMmVhZjBjYWZhNjliZWU1ZmFiZTY3MTIyYjQzNjNmZTcyMB4XDTIyMDEw
MTEyMDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGFkMWQ2NWJjZDhi
NWEwYWNmMjA1ZmQ5MTM0YTFjZDIwN2Y1MmE2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvNu6Ho0RoUQZKOx6qNdDmSQZSA59ggFnVNSbAWPfoQEqjT
oOMl5ZpO1I0UNp35PMwb9H8D4MKWaxjCpGQIsCd1oGajJ3PXyqi4CJ0v5Oo5T8hb
FUdDzL+QzAG7WEdBLg2qfI/eIzNOJ4qiTR52s0ZYx5uD9WaKQQsRBL3MPy5E96nu
ssP2DA/p+uBPX7k7Xo92T/fYCV9NFY82zcZohbLC5qQbYacxEvANLHD5mX8r7a/H
j48X61AiuxJA7wGt1M/p6ciTZ3/y4oI7mcGaqjsiaqr2DezRb7EG76zgPkPz8IEz
B3kACP7NsF72BmXZ4cPrGiUoIKh4g45c1VN3yBECAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBTa0dZbzYtaCs8gX9kTShzSB/UqZzAfBgNVHSMEGDAWgBT1e8fy6vDK+mm+
5fq+ZxIrQ2P+cjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlYdkg4dXJ3eXZwcHZ1WDZ2bWNTSzBOal9uSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvNDQ0MWI0LWY5ODEtNGMyNi05Yjk5LTEwMTA0NzNmNGZlOC8x
LzJ0SFdXODJMV2dyUElGX1pFMG9jMGdmMUttYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
NDQ0MWI0LWY5ODEtNGMyNi05Yjk5LTEwMTA0NzNmNGZlOC8xLzlYdkg4dXJ3eXZw
cHZ1WDZ2bWNTSzBOal9uSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wHgQCAAEwGAMEAy4Q2AMEArknsAMEArlGkAMEArlt
IDAbBAIAAjAVAwUAKgJFAAMFAyoFKoADBQMqBk5AMA0GCSqGSIb3DQEBCwUAA4IB
AQBJNoDgUfl9dK3LcPei0O9AZPkwtYxpZhQ4v017rAPN5gv8AgbnvrcuC3C3jSg/
u8NbboR7GV8GthoejZ6ndAEPxLfYP14NXdkMvwFyruoJJxwkHA3shN+qWcGrSAXQ
VeUlE9e36iYn8mhN6xJ+qegPeD1WzdPSml6gGmDIuMM5vZprz4fIXPBbvCfnroTq
m6+XaRBYtFSzvlXbF/1GzqscwDbCioeif7XF6cJ2T2KL9o/isLdNae3V0mvpPSqa
MAI81SjJRNgSuz9FQCHFjDG6DzxYnSQt+IIlnWLMp/dEiCTtpswsPDiATWuDglat
9qQNN1XgkkH0hjHniQGsIxae
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:25 2023 by rpki-client on console-fra.rpki-client.org