Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/2_8lKBzOf_HqCW_jpLG6EKM2DCk.roa
File: 2_8lKBzOf_HqCW_jpLG6EKM2DCk.roa (raw, json)
Hash identifier: V8aa1FtuI8hHdKoTO8WVIMdmviKlhpmSRzFuLKR7mA8=
Subject key identifier: DB:FF:25:28:1C:CE:7F:F1:EA:09:6F:E3:A4:B1:BA:10:A3:36:0C:29
Certificate issuer: /CN=9a70b051e5cdf962dbc26b352488d0831bdf9a3c
Certificate serial: 0500F87E
Authority key identifier: 9A:70:B0:51:E5:CD:F9:62:DB:C2:6B:35:24:88:D0:83:1B:DF:9A:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnCwUeXN-WLbwms1JIjQgxvfmjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/2_8lKBzOf_HqCW_jpLG6EKM2DCk.roa
Signing time: Mon 27 Jun 2022 12:09:03 +0000
ROA not before: Mon 27 Jun 2022 12:09:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201471
IP address blocks: 84.40.58.0/23 maxlen: 24
84.40.60.0/22 maxlen: 24
185.90.48.0/22 maxlen: 24
84.40.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83949694 (0x500f87e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a70b051e5cdf962dbc26b352488d0831bdf9a3c
Validity
Not Before: Jun 27 12:09:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dbff25281cce7ff1ea096fe3a4b1ba10a3360c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:38:a8:31:82:21:9c:9c:8a:41:7a:c5:1f:
97:3a:b8:58:48:37:85:66:b8:c9:49:87:ad:cf:5d:
1f:29:12:02:0a:d8:4a:6c:35:55:32:39:1c:6d:81:
a4:ca:0a:2d:f8:c3:77:73:47:9c:9b:56:92:b6:73:
b3:0c:d3:2a:bc:a1:0a:37:54:25:e7:f9:de:30:c5:
ad:8d:b6:8f:0d:2e:3a:04:42:44:70:80:cd:78:fd:
82:74:23:a9:c3:29:67:e3:10:32:dc:0e:49:9a:78:
d0:7f:a0:c9:db:47:45:d4:0b:66:e5:bd:7f:ae:9b:
67:01:c4:0f:fe:3a:e8:d4:85:cc:84:5a:31:bb:03:
70:b3:eb:e7:e3:45:40:5e:12:59:57:ae:97:0f:a9:
f3:9b:80:9e:00:f6:87:d4:4b:e7:8d:81:46:bf:ae:
7e:56:95:8e:b4:eb:e0:da:56:cd:40:d3:fb:22:76:
29:73:50:de:19:47:64:08:49:dd:c2:5e:ef:23:46:
ea:85:f9:f2:62:34:69:5e:51:a1:17:f8:27:82:b1:
e4:08:cf:a3:d9:b0:02:dc:4b:34:3a:18:2c:14:90:
00:8f:df:80:5f:ea:68:a6:8c:aa:07:59:32:cf:b2:
55:80:80:c6:68:5d:eb:92:bb:da:11:fb:83:78:82:
b4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FF:25:28:1C:CE:7F:F1:EA:09:6F:E3:A4:B1:BA:10:A3:36:0C:29
X509v3 Authority Key Identifier:
keyid:9A:70:B0:51:E5:CD:F9:62:DB:C2:6B:35:24:88:D0:83:1B:DF:9A:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnCwUeXN-WLbwms1JIjQgxvfmjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/2_8lKBzOf_HqCW_jpLG6EKM2DCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/mnCwUeXN-WLbwms1JIjQgxvfmjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.40.40.0/21
84.40.58.0-84.40.63.255
185.90.48.0/22
Signature Algorithm: sha256WithRSAEncryption
01:52:d6:b0:da:6d:91:f6:1c:3a:c0:e4:53:05:4a:c4:44:6e:
55:f9:bf:20:3c:84:0c:b2:5a:0a:1d:73:47:06:13:50:3e:84:
fc:53:af:0d:a9:fb:09:c0:76:48:8d:9a:6b:99:29:0b:77:f2:
1d:f4:e7:8c:4a:9b:8a:c6:d7:da:a2:ee:53:0f:14:b4:00:56:
d9:2d:86:81:b1:ac:89:f1:60:26:76:ce:23:dd:2c:ca:e1:66:
f7:7a:d6:91:28:a9:15:db:c8:0a:e3:61:f1:db:2e:f8:67:42:
bd:18:d7:31:06:bd:db:7f:64:a2:eb:74:f7:fa:84:26:72:29:
af:9d:39:b4:f0:24:66:e1:86:93:ed:47:67:db:dc:55:0c:14:
25:f1:e5:06:ec:5d:be:99:b3:f2:ec:8d:3c:3b:94:d8:b0:c7:
2a:c3:a2:1f:44:bf:46:ae:30:0d:ff:f5:c4:dc:bc:5b:54:2b:
5e:28:18:a4:46:5b:64:f6:c7:f9:5b:ac:9c:ce:68:f8:c7:26:
87:c3:59:49:e3:da:4b:bf:24:9b:47:c1:76:92:75:6e:98:ea:
7b:f8:cf:be:c7:9a:c9:57:9a:bc:cc:f6:37:13:d5:68:68:43:
2a:10:6b:f2:79:fe:6d:12:33:cd:30:7b:d0:bd:1c:75:2c:fa:
c9:1b:03:63
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEBQD4fjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTcwYjA1MWU1Y2RmOTYyZGJjMjZiMzUyNDg4ZDA4MzFiZGY5YTNjMB4XDTIyMDYy
NzEyMDkwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGJmZjI1MjgxY2Nl
N2ZmMWVhMDk2ZmUzYTRiMWJhMTBhMzM2MGMyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIP/OKgxgiGcnIpBesUflzq4WEg3hWa4yUmHrc9dHykSAgrY
Smw1VTI5HG2BpMoKLfjDd3NHnJtWkrZzswzTKryhCjdUJef53jDFrY22jw0uOgRC
RHCAzXj9gnQjqcMpZ+MQMtwOSZp40H+gydtHRdQLZuW9f66bZwHED/466NSFzIRa
MbsDcLPr5+NFQF4SWVeulw+p85uAngD2h9RL542BRr+uflaVjrTr4NpWzUDT+yJ2
KXNQ3hlHZAhJ3cJe7yNG6oX58mI0aV5RoRf4J4Kx5AjPo9mwAtxLNDoYLBSQAI/f
gF/qaKaMqgdZMs+yVYCAxmhd65K72hH7g3iCtG0CAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTb/yUoHM5/8eoJb+OksboQozYMKTAfBgNVHSMEGDAWgBSacLBR5c35YtvC
azUkiNCDG9+aPDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21uQ3dVZVhOLVdMYndtczFKSWpRZ3h2Zm1qdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTYvZjk2OTFkLWFmYjItNDFmMi04ZDIyLWZhNDZiNGY5YTIwYy8x
LzJfOGxLQnpPZl9IcUNXX2pwTEc2RUtNMkRDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTYv
Zjk2OTFkLWFmYjItNDFmMi04ZDIyLWZhNDZiNGY5YTIwYy8xL21uQ3dVZVhOLVdM
YndtczFKSWpRZ3h2Zm1qdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEA1QoKDAMAwQBVCg6AwQGVCgAAwQC
uVowMA0GCSqGSIb3DQEBCwUAA4IBAQABUtaw2m2R9hw6wORTBUrERG5V+b8gPIQM
sloKHXNHBhNQPoT8U68NqfsJwHZIjZprmSkLd/Id9OeMSpuKxtfaou5TDxS0AFbZ
LYaBsayJ8WAmds4j3SzK4Wb3etaRKKkV28gK42Hx2y74Z0K9GNcxBr3bf2Si63T3
+oQmcimvnTm08CRm4YaT7Udn29xVDBQl8eUG7F2+mbPy7I08O5TYsMcqw6IfRL9G
rjAN//XE3LxbVCteKBikRltk9sf5W6yczmj4xyaHw1lJ49pLvySbR8F2knVumOp7
+M++x5rJV5q8zPY3E9VoaEMqEGvyef5tEjPNMHvQvRx1LPrJGwNj
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:10:45 2025 by rpki-client