Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/2iDVRfCueIsjXk8eppJ6-MHLzOg.roa
File: 2iDVRfCueIsjXk8eppJ6-MHLzOg.roa (raw, json)
Hash identifier: LqqumA2/eIApvZaM3Kr9+93yEQGTLskgHatF204r1Qc=
Subject key identifier: DA:20:D5:45:F0:AE:78:8B:23:5E:4F:1E:A6:92:7A:F8:C1:CB:CC:E8
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 01857082C6A05F848F81F92AED475F82B733
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/2iDVRfCueIsjXk8eppJ6-MHLzOg.roa
Signing time: Mon 02 Jan 2023 03:24:56 +0000
ROA not before: Mon 02 Jan 2023 03:24:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50352
IP address blocks: 185.94.82.0/24 maxlen: 24
185.94.80.0/23 maxlen: 23
193.42.157.0/24 maxlen: 24
2a05:bf81::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:c6:a0:5f:84:8f:81:f9:2a:ed:47:5f:82:b7:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 2 03:24:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da20d545f0ae788b235e4f1ea6927af8c1cbcce8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fa:4f:a2:37:46:3a:2e:18:27:c8:e9:fa:e6:
a0:1c:e9:a0:64:16:54:45:a2:28:0b:b9:90:d7:67:
46:07:b0:e1:1d:6e:74:99:40:c1:a8:73:94:20:0e:
97:9a:8e:46:32:73:db:a8:39:2b:59:3c:21:2e:26:
6c:bb:54:3c:97:29:e3:b2:8e:8b:6f:33:8a:b8:de:
ab:cc:1a:83:4a:3e:71:f5:20:7a:46:b2:3d:b6:5a:
60:6e:ae:b0:1f:fe:55:14:fd:96:c0:63:4e:e5:76:
e3:c3:6f:fc:37:4c:1b:19:7e:de:b9:9c:b7:26:73:
5e:f6:ac:ef:01:24:77:c8:3e:d7:55:91:26:c9:55:
ce:0e:0b:52:7c:04:f3:55:74:e6:db:01:28:25:04:
49:f7:d4:4c:61:f1:df:1f:fd:fd:d6:e2:6b:89:07:
cc:03:11:a3:1b:c1:04:88:7f:62:c0:c2:70:11:55:
ec:9b:2e:05:8d:6b:58:05:54:47:5b:d4:5c:b4:91:
17:c9:50:a9:bb:81:eb:3b:be:6c:88:c6:1f:86:6c:
17:43:b3:55:e5:79:aa:a6:a4:6c:b9:25:6c:f8:f0:
9b:a5:92:b1:ea:da:f5:1d:2e:fc:f8:c9:f0:e5:ee:
9c:2c:df:12:81:64:04:e8:04:4f:f6:2d:58:21:9a:
22:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:20:D5:45:F0:AE:78:8B:23:5E:4F:1E:A6:92:7A:F8:C1:CB:CC:E8
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/2iDVRfCueIsjXk8eppJ6-MHLzOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.80.0-185.94.82.255
193.42.157.0/24
IPv6:
2a05:bf81::/32
Signature Algorithm: sha256WithRSAEncryption
54:e4:b7:1f:05:34:f1:f0:f1:e3:de:11:e3:1f:b7:a6:75:1c:
71:ed:5a:f6:25:c2:04:73:15:60:3b:24:f0:8d:c1:f3:bb:76:
bb:a6:70:66:81:a6:1e:18:3a:bd:4e:53:43:80:06:95:f1:3e:
c5:7e:54:df:a8:09:aa:24:bb:50:80:a0:6b:f0:1c:04:a3:de:
f1:ae:d5:82:16:ee:5e:07:0b:96:5b:01:d3:0a:fe:de:f6:e7:
a8:f2:94:e4:42:a6:99:1e:dc:60:76:b5:ac:76:57:3d:de:a1:
75:01:17:f6:7b:77:f3:1c:7b:fa:c1:42:41:e6:e4:33:8f:99:
7f:96:89:cc:b9:c8:ef:b0:b9:24:d0:34:f0:bc:53:75:d9:27:
fe:e1:9e:90:30:ff:58:84:a5:79:2e:98:d1:b5:21:f3:8b:36:
2d:f0:f2:d5:cb:87:a0:b5:96:50:75:cd:d3:93:6d:aa:f1:bd:
61:99:8a:a7:76:36:fa:3d:89:e3:ee:43:15:54:24:b4:ed:4b:
d8:9d:72:76:9b:29:49:e2:ee:a3:af:4e:e4:4e:8d:61:4b:a2:
4a:b2:de:b1:5c:b3:04:f9:9a:bd:d5:ed:67:d8:af:4c:5b:ca:
27:a9:00:d7:21:54:0f:2a:f6:fc:26:83:f8:3a:29:cd:29:ab:
41:f8:c6:1f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVwgsagX4SPgfkq7UdfgrczMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjMwMTAyMDMyNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTIwZDU0NWYwYWU3ODhiMjM1ZTRmMWVhNjkyN2FmOGMxY2JjY2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPpPojdGOi4YJ8jp+uagHOmgZBZU
RaIoC7mQ12dGB7DhHW50mUDBqHOUIA6Xmo5GMnPbqDkrWTwhLiZsu1Q8lynjso6L
bzOKuN6rzBqDSj5x9SB6RrI9tlpgbq6wH/5VFP2WwGNO5Xbjw2/8N0wbGX7euZy3
JnNe9qzvASR3yD7XVZEmyVXODgtSfATzVXTm2wEoJQRJ99RMYfHfH/391uJriQfM
AxGjG8EEiH9iwMJwEVXsmy4FjWtYBVRHW9RctJEXyVCpu4HrO75siMYfhmwXQ7NV
5XmqpqRsuSVs+PCbpZKx6tr1HS78+Mnw5e6cLN8SgWQE6ARP9i1YIZoi6wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNog1UXwrniLI15PHqaSevjBy8zoMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvMmlEVlJmQ3VlSXNqWGs4ZXBwSjYtTUhMek9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAS5XlAD
BAC5XlIDBADBKp0wDQQCAAIwBwMFACoFv4EwDQYJKoZIhvcNAQELBQADggEBAFTk
tx8FNPHw8ePeEeMft6Z1HHHtWvYlwgRzFWA7JPCNwfO7drumcGaBph4YOr1OU0OA
BpXxPsV+VN+oCaoku1CAoGvwHASj3vGu1YIW7l4HC5ZbAdMK/t7256jylORCppke
3GB2tax2Vz3eoXUBF/Z7d/Mce/rBQkHm5DOPmX+Wicy5yO+wuSTQNPC8U3XZJ/7h
npAw/1iEpXkumNG1IfOLNi3w8tXLh6C1llB1zdOTbarxvWGZiqd2Nvo9iePuQxVU
JLTtS9idcnabKUni7qOvTuROjWFLokqy3rFcswT5mr3V7WfYr0xbyiepANchVA8q
9vwmg/g6Kc0pq0H4xh8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:57 2025 by rpki-client